sst 2.0.0-rc.54 → 2.0.0-rc.56
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cdk/cloudformation-deployments-wrapper.js +8 -3
- package/cli/commands/deploy.js +2 -2
- package/cli/commands/dev.js +2 -2
- package/cli/commands/plugins/pothos.js +3 -1
- package/cli/commands/remove.js +1 -1
- package/constructs/Api.d.ts +1 -1
- package/constructs/Api.js +3 -6
- package/constructs/ApiGatewayV1Api.js +2 -2
- package/constructs/Auth.js +16 -16
- package/constructs/Cognito.js +28 -28
- package/constructs/EdgeFunction.js +8 -4
- package/constructs/NextjsSite.js +6 -4
- package/constructs/Queue.js +10 -10
- package/constructs/Secret.js +2 -2
- package/constructs/SolidStartSite.js +3 -1
- package/constructs/SsrSite.js +0 -1
- package/constructs/StaticSite.d.ts +30 -50
- package/constructs/StaticSite.js +79 -105
- package/constructs/Table.js +4 -4
- package/constructs/Topic.js +1 -1
- package/constructs/deprecated/NextjsSite.js +3 -1
- package/constructs/util/apiGatewayV2AccessLog.js +4 -4
- package/constructs/util/apiGatewayV2Domain.js +1 -3
- package/constructs/util/appSyncApiDomain.js +9 -15
- package/constructs/util/permission.js +12 -12
- package/constructs/util/warning.js +2 -2
- package/node/auth/adapter/facebook.js +1 -1
- package/node/auth/adapter/google.js +2 -2
- package/node/auth/adapter/twitch.js +1 -1
- package/node/config/index.js +3 -8
- package/node/site/index.js +3 -5
- package/package.json +1 -1
- package/sst.mjs +20 -28
- package/stacks/app-metadata.js +1 -1
- package/stacks/synth.js +2 -2
- package/support/bootstrap-metadata-function/index.mjs +36 -25
- package/support/custom-resources/index.mjs +1 -4
- package/support/dotnet6-bootstrap/release/dotnet-bootstrap.deps.json +1 -1
- package/support/dotnet6-bootstrap/release/dotnet-bootstrap.runtimeconfig.json +1 -1
- package/support/remix-site-function/edge-server.js +1 -1
|
@@ -62,7 +62,7 @@ const useDeployment = Context.memo(() => {
|
|
|
62
62
|
});
|
|
63
63
|
}
|
|
64
64
|
return state.get(sdkProvider);
|
|
65
|
-
}
|
|
65
|
+
},
|
|
66
66
|
};
|
|
67
67
|
});
|
|
68
68
|
async function deployStack(options) {
|
|
@@ -99,13 +99,18 @@ async function deployStack(options) {
|
|
|
99
99
|
parallel: options.assetParallelism,
|
|
100
100
|
});
|
|
101
101
|
return {
|
|
102
|
-
isUpdate: cloudFormationStack.exists &&
|
|
102
|
+
isUpdate: cloudFormationStack.exists &&
|
|
103
|
+
cloudFormationStack.stackStatus.name !== "REVIEW_IN_PROGRESS",
|
|
103
104
|
params: {
|
|
104
105
|
StackName: deployName,
|
|
105
106
|
TemplateBody: bodyParameter.TemplateBody,
|
|
106
107
|
TemplateURL: bodyParameter.TemplateURL,
|
|
107
108
|
Parameters: stackParams.apiParameters,
|
|
108
|
-
Capabilities: [
|
|
109
|
+
Capabilities: [
|
|
110
|
+
"CAPABILITY_IAM",
|
|
111
|
+
"CAPABILITY_NAMED_IAM",
|
|
112
|
+
"CAPABILITY_AUTO_EXPAND",
|
|
113
|
+
],
|
|
109
114
|
Tags: options.tags,
|
|
110
115
|
},
|
|
111
116
|
};
|
package/cli/commands/deploy.js
CHANGED
|
@@ -16,7 +16,7 @@ export const deploy = (program) => program.command("deploy [filter]", "Deploy yo
|
|
|
16
16
|
const { createSpinner } = await import("../spinner.js");
|
|
17
17
|
const { dim, blue, bold } = await import("colorette");
|
|
18
18
|
const { useProject } = await import("../../project.js");
|
|
19
|
-
const { loadAssembly, useAppMetadata, saveAppMetadata, Stacks
|
|
19
|
+
const { loadAssembly, useAppMetadata, saveAppMetadata, Stacks } = await import("../../stacks/index.js");
|
|
20
20
|
const { render } = await import("ink");
|
|
21
21
|
const { DeploymentUI } = await import("../ui/deploy.js");
|
|
22
22
|
const { mapValues } = await import("remeda");
|
|
@@ -27,7 +27,7 @@ export const deploy = (program) => program.command("deploy [filter]", "Deploy yo
|
|
|
27
27
|
]);
|
|
28
28
|
// Check app mode changed
|
|
29
29
|
if (appMetadata && appMetadata.mode !== "deploy") {
|
|
30
|
-
if (!await promptChangeMode()) {
|
|
30
|
+
if (!(await promptChangeMode())) {
|
|
31
31
|
process.exit(0);
|
|
32
32
|
}
|
|
33
33
|
}
|
package/cli/commands/dev.js
CHANGED
|
@@ -10,7 +10,7 @@ export const dev = (program) => program.command(["dev", "start"], "Work on your
|
|
|
10
10
|
const { useRuntimeServer } = await import("../../runtime/server.js");
|
|
11
11
|
const { useBus } = await import("../../bus.js");
|
|
12
12
|
const { useWatcher } = await import("../../watcher.js");
|
|
13
|
-
const { useAppMetadata, saveAppMetadata, Stacks
|
|
13
|
+
const { useAppMetadata, saveAppMetadata, Stacks } = await import("../../stacks/index.js");
|
|
14
14
|
const { Logger } = await import("../../logger.js");
|
|
15
15
|
const { createSpinner } = await import("../spinner.js");
|
|
16
16
|
const { bold, dim, yellow } = await import("colorette");
|
|
@@ -231,7 +231,7 @@ export const dev = (program) => program.command(["dev", "start"], "Work on your
|
|
|
231
231
|
]);
|
|
232
232
|
// Check app mode changed
|
|
233
233
|
if (appMetadata && appMetadata.mode !== "dev") {
|
|
234
|
-
if (!await promptChangeMode()) {
|
|
234
|
+
if (!(await promptChangeMode())) {
|
|
235
235
|
process.exit(0);
|
|
236
236
|
}
|
|
237
237
|
}
|
|
@@ -17,7 +17,9 @@ export const usePothosBuilder = Context.memo(() => {
|
|
|
17
17
|
});
|
|
18
18
|
await fs.writeFile(route.output, schema);
|
|
19
19
|
// bus.publish("pothos.extracted", { file: route.output });
|
|
20
|
-
|
|
20
|
+
if (Array.isArray(route.commands) && route.commands.length > 0) {
|
|
21
|
+
await Promise.all(route.commands.map((cmd) => execAsync(cmd)));
|
|
22
|
+
}
|
|
21
23
|
Colors.line(Colors.success(`✔`), " Pothos: Extracted pothos schema");
|
|
22
24
|
}
|
|
23
25
|
catch (ex) {
|
package/cli/commands/remove.js
CHANGED
|
@@ -5,7 +5,7 @@ export const remove = (program) => program.command("remove [filter]", "Remove yo
|
|
|
5
5
|
const React = await import("react");
|
|
6
6
|
const { dim, blue, bold } = await import("colorette");
|
|
7
7
|
const { useProject } = await import("../../project.js");
|
|
8
|
-
const { loadAssembly, clearAppMetadata, Stacks
|
|
8
|
+
const { loadAssembly, clearAppMetadata, Stacks } = await import("../../stacks/index.js");
|
|
9
9
|
const { render } = await import("ink");
|
|
10
10
|
const { DeploymentUI } = await import("../ui/deploy.js");
|
|
11
11
|
const { printDeploymentResults } = await import("../ui/deploy.js");
|
package/constructs/Api.d.ts
CHANGED
|
@@ -14,7 +14,7 @@ import * as apigV2Cors from "./util/apiGatewayV2Cors.js";
|
|
|
14
14
|
import * as apigV2Domain from "./util/apiGatewayV2Domain.js";
|
|
15
15
|
import * as apigV2AccessLog from "./util/apiGatewayV2AccessLog.js";
|
|
16
16
|
declare const PayloadFormatVersions: readonly ["1.0", "2.0"];
|
|
17
|
-
export type ApiPayloadFormatVersion = typeof PayloadFormatVersions[number];
|
|
17
|
+
export type ApiPayloadFormatVersion = (typeof PayloadFormatVersions)[number];
|
|
18
18
|
export type ApiAuthorizer = ApiUserPoolAuthorizer | ApiJwtAuthorizer | ApiLambdaAuthorizer;
|
|
19
19
|
interface ApiBaseAuthorizer {
|
|
20
20
|
/**
|
package/constructs/Api.js
CHANGED
|
@@ -127,8 +127,7 @@ export class Api extends Construct {
|
|
|
127
127
|
const route = this.routesData[this.normalizeRouteKey(routeKey)];
|
|
128
128
|
if (!route)
|
|
129
129
|
return;
|
|
130
|
-
if (route.type === "function" ||
|
|
131
|
-
route.type === "graphql") {
|
|
130
|
+
if (route.type === "function" || route.type === "graphql") {
|
|
132
131
|
return route.function;
|
|
133
132
|
}
|
|
134
133
|
}
|
|
@@ -143,8 +142,7 @@ export class Api extends Construct {
|
|
|
143
142
|
*/
|
|
144
143
|
bind(constructs) {
|
|
145
144
|
for (const route of Object.values(this.routesData)) {
|
|
146
|
-
if (route.type === "function" ||
|
|
147
|
-
route.type === "graphql") {
|
|
145
|
+
if (route.type === "function" || route.type === "graphql") {
|
|
148
146
|
route.function.bind(constructs);
|
|
149
147
|
}
|
|
150
148
|
}
|
|
@@ -183,8 +181,7 @@ export class Api extends Construct {
|
|
|
183
181
|
*/
|
|
184
182
|
attachPermissions(permissions) {
|
|
185
183
|
for (const route of Object.values(this.routesData)) {
|
|
186
|
-
if (route.type === "function" ||
|
|
187
|
-
route.type === "graphql") {
|
|
184
|
+
if (route.type === "function" || route.type === "graphql") {
|
|
188
185
|
route.function.attachPermissions(permissions);
|
|
189
186
|
}
|
|
190
187
|
}
|
|
@@ -665,7 +665,7 @@ export class ApiGatewayV1Api extends Construct {
|
|
|
665
665
|
const [routeProps, lambda] = (() => {
|
|
666
666
|
if (Fn.isInlineDefinition(routeValue)) {
|
|
667
667
|
const routeProps = {
|
|
668
|
-
function: routeValue
|
|
668
|
+
function: routeValue,
|
|
669
669
|
};
|
|
670
670
|
return [
|
|
671
671
|
routeProps,
|
|
@@ -709,7 +709,7 @@ export class ApiGatewayV1Api extends Construct {
|
|
|
709
709
|
const root = scope.node.root;
|
|
710
710
|
if (root.local) {
|
|
711
711
|
lambda.addEnvironment("SST_DEBUG_IS_API_ROUTE", "1", {
|
|
712
|
-
removeInEdge: true
|
|
712
|
+
removeInEdge: true,
|
|
713
713
|
});
|
|
714
714
|
}
|
|
715
715
|
this.functions[routeKey] = lambda;
|
package/constructs/Auth.js
CHANGED
|
@@ -2,7 +2,7 @@ import * as ssm from "aws-cdk-lib/aws-ssm";
|
|
|
2
2
|
import { Effect, PolicyStatement } from "aws-cdk-lib/aws-iam";
|
|
3
3
|
import { Construct } from "constructs";
|
|
4
4
|
import { Stack } from "./Stack.js";
|
|
5
|
-
import { ENVIRONMENT_PLACEHOLDER, getEnvironmentKey, getParameterPath } from "./util/functionBinding.js";
|
|
5
|
+
import { ENVIRONMENT_PLACEHOLDER, getEnvironmentKey, getParameterPath, } from "./util/functionBinding.js";
|
|
6
6
|
import { CustomResource } from "aws-cdk-lib";
|
|
7
7
|
const PUBLIC_KEY_PROP = "publicKey";
|
|
8
8
|
const PRIVATE_KEY_PROP = "privateKey";
|
|
@@ -42,15 +42,15 @@ export class Auth extends Construct {
|
|
|
42
42
|
resourceType: "Custom::AuthKeys",
|
|
43
43
|
properties: {
|
|
44
44
|
publicPath: getParameterPath(this, PUBLIC_KEY_PROP),
|
|
45
|
-
privatePath: getParameterPath(this, PRIVATE_KEY_PROP)
|
|
46
|
-
}
|
|
45
|
+
privatePath: getParameterPath(this, PRIVATE_KEY_PROP),
|
|
46
|
+
},
|
|
47
47
|
});
|
|
48
48
|
}
|
|
49
49
|
/** @internal */
|
|
50
50
|
getConstructMetadata() {
|
|
51
51
|
return {
|
|
52
52
|
type: "Auth",
|
|
53
|
-
data: {}
|
|
53
|
+
data: {},
|
|
54
54
|
};
|
|
55
55
|
}
|
|
56
56
|
/** @internal */
|
|
@@ -62,14 +62,14 @@ export class Auth extends Construct {
|
|
|
62
62
|
publicKey: {
|
|
63
63
|
environment: ENVIRONMENT_PLACEHOLDER,
|
|
64
64
|
// SSM parameters will be created by the custom resource
|
|
65
|
-
parameter: undefined
|
|
66
|
-
}
|
|
65
|
+
parameter: undefined,
|
|
66
|
+
},
|
|
67
67
|
},
|
|
68
68
|
permissions: {
|
|
69
69
|
"ssm:GetParameters": [
|
|
70
|
-
`arn:${Stack.of(this).partition}:ssm:${app.region}:${app.account}:parameter${getParameterPath(this, PUBLIC_KEY_PROP)}
|
|
71
|
-
]
|
|
72
|
-
}
|
|
70
|
+
`arn:${Stack.of(this).partition}:ssm:${app.region}:${app.account}:parameter${getParameterPath(this, PUBLIC_KEY_PROP)}`,
|
|
71
|
+
],
|
|
72
|
+
},
|
|
73
73
|
};
|
|
74
74
|
}
|
|
75
75
|
/**
|
|
@@ -93,7 +93,7 @@ export class Auth extends Construct {
|
|
|
93
93
|
throw new Error("This Auth construct has already been attached to this Api construct.");
|
|
94
94
|
}
|
|
95
95
|
// Validate: one Api can only have one Auth attached to it
|
|
96
|
-
if (Array.from(Auth.list).some(auth => auth.apis.has(props.api))) {
|
|
96
|
+
if (Array.from(Auth.list).some((auth) => auth.apis.has(props.api))) {
|
|
97
97
|
throw new Error("This Api construct already has an Auth construct attached.");
|
|
98
98
|
}
|
|
99
99
|
const prefix = props.prefix || "/auth";
|
|
@@ -101,8 +101,8 @@ export class Auth extends Construct {
|
|
|
101
101
|
props.api.addRoutes(scope, {
|
|
102
102
|
[path]: {
|
|
103
103
|
type: "function",
|
|
104
|
-
function: this.authenticator
|
|
105
|
-
}
|
|
104
|
+
function: this.authenticator,
|
|
105
|
+
},
|
|
106
106
|
});
|
|
107
107
|
// Auth construct has two types of Function bindinds:
|
|
108
108
|
// - Api routes: bindings defined in `getFunctionBinding()`
|
|
@@ -117,9 +117,9 @@ export class Auth extends Construct {
|
|
|
117
117
|
actions: ["ssm:GetParameters"],
|
|
118
118
|
effect: Effect.ALLOW,
|
|
119
119
|
resources: [
|
|
120
|
-
`arn:${Stack.of(this).partition}:ssm:${app.region}:${app.account}:parameter${getParameterPath(this, "*")}
|
|
121
|
-
]
|
|
122
|
-
})
|
|
120
|
+
`arn:${Stack.of(this).partition}:ssm:${app.region}:${app.account}:parameter${getParameterPath(this, "*")}`,
|
|
121
|
+
],
|
|
122
|
+
}),
|
|
123
123
|
]);
|
|
124
124
|
}
|
|
125
125
|
// Create a parameter for prefix
|
|
@@ -128,7 +128,7 @@ export class Auth extends Construct {
|
|
|
128
128
|
if (this.apis.size === 0) {
|
|
129
129
|
new ssm.StringParameter(this, "prefix", {
|
|
130
130
|
parameterName: getParameterPath(this, PREFIX_PROP),
|
|
131
|
-
stringValue: prefix
|
|
131
|
+
stringValue: prefix,
|
|
132
132
|
});
|
|
133
133
|
}
|
|
134
134
|
this.apis.add(props.api);
|
package/constructs/Cognito.js
CHANGED
|
@@ -2,9 +2,9 @@ import { Construct } from "constructs";
|
|
|
2
2
|
import * as iam from "aws-cdk-lib/aws-iam";
|
|
3
3
|
import * as cognito from "aws-cdk-lib/aws-cognito";
|
|
4
4
|
import { Stack } from "./Stack.js";
|
|
5
|
-
import { getFunctionRef, isCDKConstruct } from "./Construct.js";
|
|
6
|
-
import { Function as Fn } from "./Function.js";
|
|
7
|
-
import { attachPermissionsToRole, attachPermissionsToPolicy } from "./util/permission.js";
|
|
5
|
+
import { getFunctionRef, isCDKConstruct, } from "./Construct.js";
|
|
6
|
+
import { Function as Fn, } from "./Function.js";
|
|
7
|
+
import { attachPermissionsToRole, attachPermissionsToPolicy, } from "./util/permission.js";
|
|
8
8
|
const CognitoUserPoolTriggerOperationMapping = {
|
|
9
9
|
createAuthChallenge: cognito.UserPoolOperation.CREATE_AUTH_CHALLENGE,
|
|
10
10
|
customEmailSender: cognito.UserPoolOperation.CUSTOM_EMAIL_SENDER,
|
|
@@ -17,7 +17,7 @@ const CognitoUserPoolTriggerOperationMapping = {
|
|
|
17
17
|
preSignUp: cognito.UserPoolOperation.PRE_SIGN_UP,
|
|
18
18
|
preTokenGeneration: cognito.UserPoolOperation.PRE_TOKEN_GENERATION,
|
|
19
19
|
userMigration: cognito.UserPoolOperation.USER_MIGRATION,
|
|
20
|
-
verifyAuthChallengeResponse: cognito.UserPoolOperation.VERIFY_AUTH_CHALLENGE_RESPONSE
|
|
20
|
+
verifyAuthChallengeResponse: cognito.UserPoolOperation.VERIFY_AUTH_CHALLENGE_RESPONSE,
|
|
21
21
|
};
|
|
22
22
|
/////////////////////
|
|
23
23
|
// Construct
|
|
@@ -79,7 +79,7 @@ export class Cognito extends Construct {
|
|
|
79
79
|
return this.attachPermissionsForUsers(this.cdk.unauthRole, arg1, arg2);
|
|
80
80
|
}
|
|
81
81
|
bindForTriggers(constructs) {
|
|
82
|
-
Object.values(this.functions).forEach(fn => fn.bind(constructs));
|
|
82
|
+
Object.values(this.functions).forEach((fn) => fn.bind(constructs));
|
|
83
83
|
}
|
|
84
84
|
bindForTrigger(triggerKey, constructs) {
|
|
85
85
|
const fn = this.getFunction(triggerKey);
|
|
@@ -89,7 +89,7 @@ export class Cognito extends Construct {
|
|
|
89
89
|
fn.bind(constructs);
|
|
90
90
|
}
|
|
91
91
|
attachPermissionsForTriggers(permissions) {
|
|
92
|
-
Object.values(this.functions).forEach(fn => fn.attachPermissions(permissions));
|
|
92
|
+
Object.values(this.functions).forEach((fn) => fn.attachPermissions(permissions));
|
|
93
93
|
}
|
|
94
94
|
attachPermissionsForTrigger(triggerKey, permissions) {
|
|
95
95
|
const fn = this.getFunction(triggerKey);
|
|
@@ -109,9 +109,9 @@ export class Cognito extends Construct {
|
|
|
109
109
|
userPoolId: this.cdk.userPool.userPoolId,
|
|
110
110
|
triggers: Object.entries(this.functions).map(([name, fun]) => ({
|
|
111
111
|
name,
|
|
112
|
-
fn: getFunctionRef(fun)
|
|
113
|
-
}))
|
|
114
|
-
}
|
|
112
|
+
fn: getFunctionRef(fun),
|
|
113
|
+
})),
|
|
114
|
+
},
|
|
115
115
|
};
|
|
116
116
|
}
|
|
117
117
|
/** @internal */
|
|
@@ -169,7 +169,7 @@ export class Cognito extends Construct {
|
|
|
169
169
|
selfSignUpEnabled: true,
|
|
170
170
|
signInCaseSensitive: false,
|
|
171
171
|
signInAliases: this.buildSignInAliases(login),
|
|
172
|
-
...cognitoUserPoolProps
|
|
172
|
+
...cognitoUserPoolProps,
|
|
173
173
|
});
|
|
174
174
|
}
|
|
175
175
|
}
|
|
@@ -183,7 +183,7 @@ export class Cognito extends Construct {
|
|
|
183
183
|
{});
|
|
184
184
|
this.cdk.userPoolClient = new cognito.UserPoolClient(this, "UserPoolClient", {
|
|
185
185
|
userPool: this.cdk.userPool,
|
|
186
|
-
...clientProps
|
|
186
|
+
...clientProps,
|
|
187
187
|
});
|
|
188
188
|
}
|
|
189
189
|
}
|
|
@@ -203,7 +203,7 @@ export class Cognito extends Construct {
|
|
|
203
203
|
const urlSuffix = Stack.of(this).urlSuffix;
|
|
204
204
|
cognitoIdentityProviders.push({
|
|
205
205
|
providerName: `cognito-idp.${app.region}.${urlSuffix}/${this.cdk.userPool.userPoolId}`,
|
|
206
|
-
clientId: this.cdk.userPoolClient.userPoolClientId
|
|
206
|
+
clientId: this.cdk.userPoolClient.userPoolClientId,
|
|
207
207
|
});
|
|
208
208
|
if (typeof identityPoolFederation === "object") {
|
|
209
209
|
const { auth0, amazon, apple, facebook, google, twitter } = identityPoolFederation;
|
|
@@ -221,7 +221,7 @@ export class Cognito extends Construct {
|
|
|
221
221
|
url: auth0.domain.startsWith("https://")
|
|
222
222
|
? auth0.domain
|
|
223
223
|
: `https://${auth0.domain}`,
|
|
224
|
-
clientIds: [auth0.clientId]
|
|
224
|
+
clientIds: [auth0.clientId],
|
|
225
225
|
});
|
|
226
226
|
openIdConnectProviderArns.push(provider.openIdConnectProviderArn);
|
|
227
227
|
}
|
|
@@ -272,7 +272,7 @@ export class Cognito extends Construct {
|
|
|
272
272
|
cognitoIdentityProviders,
|
|
273
273
|
supportedLoginProviders,
|
|
274
274
|
openIdConnectProviderArns,
|
|
275
|
-
...identityPoolProps
|
|
275
|
+
...identityPoolProps,
|
|
276
276
|
});
|
|
277
277
|
this.cdk.authRole = this.createAuthRole(this.cdk.cfnIdentityPool);
|
|
278
278
|
this.cdk.unauthRole = this.createUnauthRole(this.cdk.cfnIdentityPool);
|
|
@@ -281,8 +281,8 @@ export class Cognito extends Construct {
|
|
|
281
281
|
identityPoolId: this.cdk.cfnIdentityPool.ref,
|
|
282
282
|
roles: {
|
|
283
283
|
authenticated: this.cdk.authRole.roleArn,
|
|
284
|
-
unauthenticated: this.cdk.unauthRole.roleArn
|
|
285
|
-
}
|
|
284
|
+
unauthenticated: this.cdk.unauthRole.roleArn,
|
|
285
|
+
},
|
|
286
286
|
});
|
|
287
287
|
}
|
|
288
288
|
addTriggers() {
|
|
@@ -315,21 +315,21 @@ export class Cognito extends Construct {
|
|
|
315
315
|
const role = new iam.Role(this, "IdentityPoolAuthRole", {
|
|
316
316
|
assumedBy: new iam.FederatedPrincipal("cognito-identity.amazonaws.com", {
|
|
317
317
|
StringEquals: {
|
|
318
|
-
"cognito-identity.amazonaws.com:aud": identityPool.ref
|
|
318
|
+
"cognito-identity.amazonaws.com:aud": identityPool.ref,
|
|
319
319
|
},
|
|
320
320
|
"ForAnyValue:StringLike": {
|
|
321
|
-
"cognito-identity.amazonaws.com:amr": "authenticated"
|
|
322
|
-
}
|
|
323
|
-
}, "sts:AssumeRoleWithWebIdentity")
|
|
321
|
+
"cognito-identity.amazonaws.com:amr": "authenticated",
|
|
322
|
+
},
|
|
323
|
+
}, "sts:AssumeRoleWithWebIdentity"),
|
|
324
324
|
});
|
|
325
325
|
role.addToPolicy(new iam.PolicyStatement({
|
|
326
326
|
effect: iam.Effect.ALLOW,
|
|
327
327
|
actions: [
|
|
328
328
|
"mobileanalytics:PutEvents",
|
|
329
329
|
"cognito-sync:*",
|
|
330
|
-
"cognito-identity:*"
|
|
330
|
+
"cognito-identity:*",
|
|
331
331
|
],
|
|
332
|
-
resources: ["*"]
|
|
332
|
+
resources: ["*"],
|
|
333
333
|
}));
|
|
334
334
|
return role;
|
|
335
335
|
}
|
|
@@ -337,17 +337,17 @@ export class Cognito extends Construct {
|
|
|
337
337
|
const role = new iam.Role(this, "IdentityPoolUnauthRole", {
|
|
338
338
|
assumedBy: new iam.FederatedPrincipal("cognito-identity.amazonaws.com", {
|
|
339
339
|
StringEquals: {
|
|
340
|
-
"cognito-identity.amazonaws.com:aud": identityPool.ref
|
|
340
|
+
"cognito-identity.amazonaws.com:aud": identityPool.ref,
|
|
341
341
|
},
|
|
342
342
|
"ForAnyValue:StringLike": {
|
|
343
|
-
"cognito-identity.amazonaws.com:amr": "unauthenticated"
|
|
344
|
-
}
|
|
345
|
-
}, "sts:AssumeRoleWithWebIdentity")
|
|
343
|
+
"cognito-identity.amazonaws.com:amr": "unauthenticated",
|
|
344
|
+
},
|
|
345
|
+
}, "sts:AssumeRoleWithWebIdentity"),
|
|
346
346
|
});
|
|
347
347
|
role.addToPolicy(new iam.PolicyStatement({
|
|
348
348
|
effect: iam.Effect.ALLOW,
|
|
349
349
|
actions: ["mobileanalytics:PutEvents", "cognito-sync:*"],
|
|
350
|
-
resources: ["*"]
|
|
350
|
+
resources: ["*"],
|
|
351
351
|
}));
|
|
352
352
|
return role;
|
|
353
353
|
}
|
|
@@ -359,7 +359,7 @@ export class Cognito extends Construct {
|
|
|
359
359
|
email: login.includes("email"),
|
|
360
360
|
phone: login.includes("phone"),
|
|
361
361
|
username: login.includes("username"),
|
|
362
|
-
preferredUsername: login.includes("preferredUsername")
|
|
362
|
+
preferredUsername: login.includes("preferredUsername"),
|
|
363
363
|
};
|
|
364
364
|
}
|
|
365
365
|
}
|
|
@@ -7,7 +7,7 @@ import * as iam from "aws-cdk-lib/aws-iam";
|
|
|
7
7
|
import * as lambda from "aws-cdk-lib/aws-lambda";
|
|
8
8
|
import * as s3Assets from "aws-cdk-lib/aws-s3-assets";
|
|
9
9
|
import { AwsCliLayer } from "aws-cdk-lib/lambda-layer-awscli";
|
|
10
|
-
import { Lazy, Duration, CustomResource
|
|
10
|
+
import { Lazy, Duration, CustomResource } from "aws-cdk-lib";
|
|
11
11
|
import { Stack } from "./Stack.js";
|
|
12
12
|
import { attachPermissionsToRole } from "./util/permission.js";
|
|
13
13
|
const __dirname = path.dirname(url.fileURLToPath(import.meta.url));
|
|
@@ -171,7 +171,9 @@ ${exports}
|
|
|
171
171
|
provider.role?.addToPrincipalPolicy(new iam.PolicyStatement({
|
|
172
172
|
effect: iam.Effect.ALLOW,
|
|
173
173
|
actions: ["s3:*"],
|
|
174
|
-
resources: [
|
|
174
|
+
resources: [
|
|
175
|
+
`arn:${stack.partition}:s3:::${asset.s3BucketName}/${asset.s3ObjectKey}`,
|
|
176
|
+
],
|
|
175
177
|
}));
|
|
176
178
|
// Create custom resource to replace the code
|
|
177
179
|
const resource = new CustomResource(this.scope, resId, {
|
|
@@ -182,11 +184,13 @@ ${exports}
|
|
|
182
184
|
BucketName: asset.s3BucketName,
|
|
183
185
|
ObjectKey: asset.s3ObjectKey,
|
|
184
186
|
},
|
|
185
|
-
ReplaceValues: [
|
|
187
|
+
ReplaceValues: [
|
|
188
|
+
{
|
|
186
189
|
files: `index-wrapper.${format === "esm" ? "mjs" : "cjs"}`,
|
|
187
190
|
search: '"{{ _SST_EDGE_FUNCTION_ENVIRONMENT_ }}"',
|
|
188
191
|
replace: JSON.stringify(this.props.environment || {}),
|
|
189
|
-
}
|
|
192
|
+
},
|
|
193
|
+
],
|
|
190
194
|
},
|
|
191
195
|
});
|
|
192
196
|
return resource;
|
package/constructs/NextjsSite.js
CHANGED
|
@@ -2,7 +2,7 @@ import fs from "fs";
|
|
|
2
2
|
import url from "url";
|
|
3
3
|
import path from "path";
|
|
4
4
|
import spawn from "cross-spawn";
|
|
5
|
-
import { Fn, Duration, RemovalPolicy
|
|
5
|
+
import { Fn, Duration, RemovalPolicy } from "aws-cdk-lib";
|
|
6
6
|
import * as logs from "aws-cdk-lib/aws-logs";
|
|
7
7
|
import * as lambda from "aws-cdk-lib/aws-lambda";
|
|
8
8
|
import * as cloudfront from "aws-cdk-lib/aws-cloudfront";
|
|
@@ -84,7 +84,7 @@ export class NextjsSite extends SsrSite {
|
|
|
84
84
|
timeout: Duration.seconds(defaults?.function?.timeout || 10),
|
|
85
85
|
environment: {
|
|
86
86
|
BUCKET_NAME: this.cdk.bucket.bucketName,
|
|
87
|
-
}
|
|
87
|
+
},
|
|
88
88
|
});
|
|
89
89
|
}
|
|
90
90
|
createMiddlewareEdgeFunctionForRegional() {
|
|
@@ -129,10 +129,12 @@ export class NextjsSite extends SsrSite {
|
|
|
129
129
|
cachePolicy: cdk?.cachePolicies?.serverRequests ??
|
|
130
130
|
this.createCloudFrontServerCachePolicy(),
|
|
131
131
|
edgeLambdas: isMiddlewareEnabled
|
|
132
|
-
? [
|
|
132
|
+
? [
|
|
133
|
+
{
|
|
133
134
|
eventType: cloudfront.LambdaEdgeEventType.VIEWER_REQUEST,
|
|
134
135
|
functionVersion: middlewareFn.currentVersion,
|
|
135
|
-
}
|
|
136
|
+
},
|
|
137
|
+
]
|
|
136
138
|
: undefined,
|
|
137
139
|
};
|
|
138
140
|
// Create image optimization behavior
|
package/constructs/Queue.js
CHANGED
|
@@ -2,7 +2,7 @@ import { Construct } from "constructs";
|
|
|
2
2
|
import * as sqs from "aws-cdk-lib/aws-sqs";
|
|
3
3
|
import * as lambdaEventSources from "aws-cdk-lib/aws-lambda-event-sources";
|
|
4
4
|
import { getFunctionRef, isCDKConstruct } from "./Construct.js";
|
|
5
|
-
import { Function as Fn } from "./Function.js";
|
|
5
|
+
import { Function as Fn, } from "./Function.js";
|
|
6
6
|
import { toCdkDuration } from "./util/duration.js";
|
|
7
7
|
/////////////////////
|
|
8
8
|
// Construct
|
|
@@ -105,7 +105,7 @@ export class Queue extends Construct {
|
|
|
105
105
|
const fn = Fn.fromDefinition(scope, `Consumer_${this.node.id}`, functionDefinition);
|
|
106
106
|
fn.addEventSource(new lambdaEventSources.SqsEventSource(this.cdk.queue, eventSourceProps));
|
|
107
107
|
// Attach permissions
|
|
108
|
-
this.permissionsAttachedForAllConsumers.forEach(permissions => {
|
|
108
|
+
this.permissionsAttachedForAllConsumers.forEach((permissions) => {
|
|
109
109
|
fn.attachPermissions(permissions);
|
|
110
110
|
});
|
|
111
111
|
fn.bind(this.bindingForAllConsumers);
|
|
@@ -151,8 +151,8 @@ export class Queue extends Construct {
|
|
|
151
151
|
data: {
|
|
152
152
|
name: this.cdk.queue.queueName,
|
|
153
153
|
url: this.cdk.queue.queueUrl,
|
|
154
|
-
consumer: getFunctionRef(this.consumerFunction)
|
|
155
|
-
}
|
|
154
|
+
consumer: getFunctionRef(this.consumerFunction),
|
|
155
|
+
},
|
|
156
156
|
};
|
|
157
157
|
}
|
|
158
158
|
/** @internal */
|
|
@@ -162,12 +162,12 @@ export class Queue extends Construct {
|
|
|
162
162
|
variables: {
|
|
163
163
|
queueUrl: {
|
|
164
164
|
environment: this.queueUrl,
|
|
165
|
-
parameter: this.queueUrl
|
|
166
|
-
}
|
|
165
|
+
parameter: this.queueUrl,
|
|
166
|
+
},
|
|
167
167
|
},
|
|
168
168
|
permissions: {
|
|
169
|
-
"sqs:*": [this.queueArn]
|
|
170
|
-
}
|
|
169
|
+
"sqs:*": [this.queueArn],
|
|
170
|
+
},
|
|
171
171
|
};
|
|
172
172
|
}
|
|
173
173
|
createQueue() {
|
|
@@ -191,7 +191,7 @@ export class Queue extends Construct {
|
|
|
191
191
|
// TODO
|
|
192
192
|
console.log(toCdkDuration("900 seconds"));
|
|
193
193
|
debugOverrideProps = {
|
|
194
|
-
visibilityTimeout: toCdkDuration("900 seconds")
|
|
194
|
+
visibilityTimeout: toCdkDuration("900 seconds"),
|
|
195
195
|
};
|
|
196
196
|
}
|
|
197
197
|
}
|
|
@@ -199,7 +199,7 @@ export class Queue extends Construct {
|
|
|
199
199
|
this.cdk.queue = new sqs.Queue(this, "Queue", {
|
|
200
200
|
queueName: name,
|
|
201
201
|
...sqsQueueProps,
|
|
202
|
-
...debugOverrideProps
|
|
202
|
+
...debugOverrideProps,
|
|
203
203
|
});
|
|
204
204
|
}
|
|
205
205
|
}
|
package/constructs/Secret.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
2
|
import { Stack } from "./Stack.js";
|
|
3
|
-
import { ENVIRONMENT_PLACEHOLDER, getParameterPath, getParameterFallbackPath } from "./util/functionBinding.js";
|
|
3
|
+
import { ENVIRONMENT_PLACEHOLDER, getParameterPath, getParameterFallbackPath, } from "./util/functionBinding.js";
|
|
4
4
|
/**
|
|
5
5
|
* The `Secret` construct is a higher level CDK construct that makes it easy to manage app secrets.
|
|
6
6
|
*
|
|
@@ -46,7 +46,7 @@ export class Secret extends Construct {
|
|
|
46
46
|
permissions: {
|
|
47
47
|
"ssm:GetParameters": [
|
|
48
48
|
`arn:${partition}:ssm:${app.region}:${app.account}:parameter${getParameterPath(this, "value")}`,
|
|
49
|
-
`arn:${partition}:ssm:${app.region}:${app.account}:parameter${getParameterFallbackPath(this, "value")}
|
|
49
|
+
`arn:${partition}:ssm:${app.region}:${app.account}:parameter${getParameterFallbackPath(this, "value")}`,
|
|
50
50
|
],
|
|
51
51
|
},
|
|
52
52
|
};
|
|
@@ -54,7 +54,9 @@ export class SolidStartSite extends SsrSite {
|
|
|
54
54
|
const outputPath = path.resolve(path.join(useProject().paths.artifacts, `SolidStartSiteFunction-${this.node.id}-${this.node.addr}`));
|
|
55
55
|
// Bundle code
|
|
56
56
|
const result = esbuild.buildSync({
|
|
57
|
-
entryPoints: [
|
|
57
|
+
entryPoints: [
|
|
58
|
+
path.join(this.props.path, this.buildConfig.serverBuildOutputFile),
|
|
59
|
+
],
|
|
58
60
|
target: "esnext",
|
|
59
61
|
format: "esm",
|
|
60
62
|
platform: "node",
|
package/constructs/SsrSite.js
CHANGED
|
@@ -143,7 +143,6 @@ export class SsrSite extends Construct {
|
|
|
143
143
|
if (this.doNotDeploy) {
|
|
144
144
|
throw new VisibleError(`Cannot access CDK resources for the "${this.node.id}" site in dev mode`);
|
|
145
145
|
}
|
|
146
|
-
;
|
|
147
146
|
return {
|
|
148
147
|
function: this.serverLambdaForRegional,
|
|
149
148
|
bucket: this.bucket,
|