sst 2.40.1 → 2.40.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/cdk/deploy-stack.js +2 -0
  2. package/cli/commands/bind.js +1 -1
  3. package/cli/commands/secrets/list.js +1 -1
  4. package/constructs/Api.d.ts +4 -4
  5. package/constructs/Api.js +1 -1
  6. package/constructs/ApiGatewayV1Api.d.ts +4 -4
  7. package/constructs/ApiGatewayV1Api.js +1 -1
  8. package/constructs/App.d.ts +2 -1
  9. package/constructs/App.js +7 -11
  10. package/constructs/AppSyncApi.d.ts +4 -4
  11. package/constructs/AppSyncApi.js +1 -1
  12. package/constructs/Auth.d.ts +2 -2
  13. package/constructs/Auth.js +3 -3
  14. package/constructs/Bucket.d.ts +5 -5
  15. package/constructs/Bucket.js +1 -1
  16. package/constructs/Cognito.d.ts +4 -3
  17. package/constructs/Cognito.js +1 -1
  18. package/constructs/Construct.d.ts +2 -2
  19. package/constructs/Cron.d.ts +3 -2
  20. package/constructs/Cron.js +1 -1
  21. package/constructs/EdgeFunction.d.ts +2 -2
  22. package/constructs/EdgeFunction.js +6 -9
  23. package/constructs/EventBus.d.ts +4 -4
  24. package/constructs/EventBus.js +1 -1
  25. package/constructs/Function.d.ts +42 -6
  26. package/constructs/Function.js +19 -14
  27. package/constructs/Job.d.ts +43 -4
  28. package/constructs/Job.js +11 -14
  29. package/constructs/KinesisStream.d.ts +4 -4
  30. package/constructs/KinesisStream.js +1 -1
  31. package/constructs/Parameter.d.ts +2 -2
  32. package/constructs/Parameter.js +1 -1
  33. package/constructs/Queue.d.ts +3 -3
  34. package/constructs/Queue.js +1 -1
  35. package/constructs/RDS.d.ts +2 -2
  36. package/constructs/RDS.js +1 -1
  37. package/constructs/Script.d.ts +3 -2
  38. package/constructs/Script.js +2 -2
  39. package/constructs/Secret.d.ts +2 -2
  40. package/constructs/Secret.js +2 -2
  41. package/constructs/Service.d.ts +43 -4
  42. package/constructs/Service.js +31 -15
  43. package/constructs/SsrFunction.d.ts +3 -2
  44. package/constructs/SsrFunction.js +7 -13
  45. package/constructs/SsrSite.d.ts +3 -3
  46. package/constructs/SsrSite.js +2 -2
  47. package/constructs/Stack.d.ts +2 -2
  48. package/constructs/StaticSite.d.ts +2 -2
  49. package/constructs/StaticSite.js +2 -2
  50. package/constructs/Table.d.ts +4 -4
  51. package/constructs/Table.js +1 -1
  52. package/constructs/Topic.d.ts +4 -4
  53. package/constructs/Topic.js +1 -1
  54. package/constructs/WebSocketApi.d.ts +4 -4
  55. package/constructs/WebSocketApi.js +1 -1
  56. package/constructs/deprecated/NextjsSite.d.ts +2 -2
  57. package/constructs/deprecated/NextjsSite.js +2 -2
  58. package/constructs/future/Auth.d.ts +2 -2
  59. package/constructs/future/Auth.js +2 -2
  60. package/constructs/util/{functionBinding.d.ts → binding.d.ts} +14 -6
  61. package/constructs/util/{functionBinding.js → binding.js} +28 -14
  62. package/package.json +2 -2
  63. package/runtime/handlers/container.js +42 -0
  64. package/runtime/handlers/rust.js +3 -2
@@ -264,6 +264,8 @@ class FullCloudFormationDeployment {
264
264
  }
265
265
  throw err;
266
266
  }
267
+ if (this.options.noMonitor)
268
+ return;
267
269
  return this.monitorDeployment(startTime, undefined);
268
270
  }
269
271
  else {
@@ -30,7 +30,7 @@ export const bind = (program) => program
30
30
  import("../../constructs/StaticSite.js"),
31
31
  import("../../constructs/deprecated/NextjsSite.js"),
32
32
  import("../../constructs/Config.js"),
33
- import("../../constructs/util/functionBinding.js"),
33
+ import("../../constructs/util/binding.js"),
34
34
  ]);
35
35
  try {
36
36
  // Handle deprecated "env" command
@@ -18,7 +18,7 @@ export const list = (program) => program.command("list [format]", "Fetch all the
18
18
  }), {});
19
19
  if (Object.entries(secrets).length === 0) {
20
20
  Colors.line("No secrets set");
21
- return;
21
+ await exit();
22
22
  }
23
23
  switch (args.format || "table") {
24
24
  case "json":
@@ -5,7 +5,7 @@ import { HttpJwtAuthorizer, HttpLambdaAuthorizer, HttpLambdaResponseType, HttpUs
5
5
  import { HttpAwsIntegrationProps } from "./cdk/HttpAwsIntegration.js";
6
6
  import { SSTConstruct } from "./Construct.js";
7
7
  import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
8
- import { FunctionBindingProps } from "./util/functionBinding.js";
8
+ import { BindingResource, BindingProps } from "./util/binding.js";
9
9
  import { Duration } from "./util/duration.js";
10
10
  import { Permissions } from "./util/permission.js";
11
11
  import * as apigV2Cors from "./util/apiGatewayV2Cors.js";
@@ -699,7 +699,7 @@ export declare class Api<Authorizers extends Record<string, ApiAuthorizer> = Rec
699
699
  * api.bind([STRIPE_KEY, bucket]);
700
700
  * ```
701
701
  */
702
- bind(constructs: SSTConstruct[]): void;
702
+ bind(constructs: BindingResource[]): void;
703
703
  /**
704
704
  * Binds the given list of resources to a specific route.
705
705
  *
@@ -715,7 +715,7 @@ export declare class Api<Authorizers extends Record<string, ApiAuthorizer> = Rec
715
715
  * ```
716
716
  *
717
717
  */
718
- bindToRoute(routeKey: string, constructs: SSTConstruct[]): void;
718
+ bindToRoute(routeKey: string, constructs: BindingResource[]): void;
719
719
  /**
720
720
  * Attaches the given list of permissions to all the routes. This allows the functions to access other AWS resources.
721
721
  *
@@ -783,7 +783,7 @@ export declare class Api<Authorizers extends Record<string, ApiAuthorizer> = Rec
783
783
  };
784
784
  };
785
785
  /** @internal */
786
- getFunctionBinding(): FunctionBindingProps;
786
+ getBindings(): BindingProps;
787
787
  private createHttpApi;
788
788
  private addAuthorizers;
789
789
  private addRoute;
package/constructs/Api.js CHANGED
@@ -243,7 +243,7 @@ export class Api extends Construct {
243
243
  };
244
244
  }
245
245
  /** @internal */
246
- getFunctionBinding() {
246
+ getBindings() {
247
247
  return {
248
248
  clientPackage: "api",
249
249
  variables: {
@@ -7,7 +7,7 @@ import * as lambda from "aws-cdk-lib/aws-lambda";
7
7
  import * as apig from "aws-cdk-lib/aws-apigateway";
8
8
  import * as apigV1AccessLog from "./util/apiGatewayV1AccessLog.js";
9
9
  import { Bucket } from "./Bucket.js";
10
- import { FunctionBindingProps } from "./util/functionBinding.js";
10
+ import { BindingResource, BindingProps } from "./util/binding.js";
11
11
  import { Duration } from "./util/duration.js";
12
12
  import { SSTConstruct } from "./Construct.js";
13
13
  import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
@@ -567,7 +567,7 @@ export declare class ApiGatewayV1Api<Authorizers extends Record<string, ApiGatew
567
567
  * api.bind([STRIPE_KEY, bucket]);
568
568
  * ```
569
569
  */
570
- bind(constructs: SSTConstruct[]): void;
570
+ bind(constructs: BindingResource[]): void;
571
571
  /**
572
572
  * Binds the given list of resources to a specific route.
573
573
  *
@@ -583,7 +583,7 @@ export declare class ApiGatewayV1Api<Authorizers extends Record<string, ApiGatew
583
583
  * ```
584
584
  *
585
585
  */
586
- bindToRoute(routeKey: string, constructs: SSTConstruct[]): void;
586
+ bindToRoute(routeKey: string, constructs: BindingResource[]): void;
587
587
  /**
588
588
  * Attaches the given list of permissions to all the routes. This allows the functions to access other AWS resources.
589
589
  *
@@ -626,7 +626,7 @@ export declare class ApiGatewayV1Api<Authorizers extends Record<string, ApiGatew
626
626
  };
627
627
  };
628
628
  /** @internal */
629
- getFunctionBinding(): FunctionBindingProps;
629
+ getBindings(): BindingProps;
630
630
  private createRestApi;
631
631
  private buildCorsConfig;
632
632
  private createGatewayResponseForCors;
@@ -233,7 +233,7 @@ export class ApiGatewayV1Api extends Construct {
233
233
  };
234
234
  }
235
235
  /** @internal */
236
- getFunctionBinding() {
236
+ getBindings() {
237
237
  return {
238
238
  clientPackage: "api",
239
239
  variables: {
@@ -2,6 +2,7 @@ import { Stack } from "./Stack.js";
2
2
  import { SSTConstruct } from "./Construct.js";
3
3
  import { FunctionProps } from "./Function.js";
4
4
  import { Permissions } from "./util/permission.js";
5
+ import { BindingResource } from "./util/binding.js";
5
6
  import { StackProps } from "./Stack.js";
6
7
  import { FunctionalStack } from "./FunctionalStack.js";
7
8
  import { AppProps as CDKAppProps, App as CDKApp, Stack as CDKStack, RemovalPolicy } from "aws-cdk-lib/core";
@@ -144,7 +145,7 @@ export declare class App extends CDKApp {
144
145
  * app.addDefaultFunctionBinding([STRIPE_KEY, bucket]);
145
146
  * ```
146
147
  */
147
- addDefaultFunctionBinding(bind: SSTConstruct[]): void;
148
+ addDefaultFunctionBinding(bind: BindingResource[]): void;
148
149
  /**
149
150
  * Adds additional default layers to be applied to all Lambda functions in the stack.
150
151
  */
package/constructs/App.js CHANGED
@@ -3,7 +3,7 @@ import fs from "fs";
3
3
  import { Stack } from "./Stack.js";
4
4
  import { isSSTConstruct, isStackConstruct, } from "./Construct.js";
5
5
  import { useFunctions } from "./Function.js";
6
- import { bindParameters, bindType } from "./util/functionBinding.js";
6
+ import { getBindingParameters, getBindingType, } from "./util/binding.js";
7
7
  import { stack } from "./FunctionalStack.js";
8
8
  import { Auth } from "./Auth.js";
9
9
  import { useDeferredTasks } from "./deferred_task.js";
@@ -203,7 +203,7 @@ export class App extends CDKApp {
203
203
  if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind) {
204
204
  return;
205
205
  }
206
- const binding = bindType(c);
206
+ const binding = getBindingType(c);
207
207
  if (!binding) {
208
208
  return;
209
209
  }
@@ -325,13 +325,11 @@ export class App extends CDKApp {
325
325
  createBindingSsmParameters() {
326
326
  class CreateSsmParameters {
327
327
  visit(c) {
328
- if (!isSSTConstruct(c)) {
328
+ if (!isSSTConstruct(c))
329
329
  return;
330
- }
331
- if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind) {
330
+ if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind)
332
331
  return;
333
- }
334
- bindParameters(c);
332
+ getBindingParameters(c);
335
333
  }
336
334
  }
337
335
  Aspects.of(this).add(new CreateSsmParameters());
@@ -423,12 +421,10 @@ export class App extends CDKApp {
423
421
  const ids = {};
424
422
  class EnsureUniqueConstructIds {
425
423
  visit(c) {
426
- if (!isSSTConstruct(c)) {
424
+ if (!isSSTConstruct(c))
427
425
  return;
428
- }
429
- if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind) {
426
+ if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind)
430
427
  return;
431
- }
432
428
  const className = c.constructor.name;
433
429
  const id = c.id;
434
430
  const normId = id.replace(/-/g, "_");
@@ -5,7 +5,7 @@ import { RDS } from "./RDS.js";
5
5
  import * as appSyncApiDomain from "./util/appSyncApiDomain.js";
6
6
  import { SSTConstruct } from "./Construct.js";
7
7
  import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
8
- import { FunctionBindingProps } from "./util/functionBinding.js";
8
+ import { BindingResource, BindingProps } from "./util/binding.js";
9
9
  import { Permissions } from "./util/permission.js";
10
10
  import { Table as CDKTable } from "aws-cdk-lib/aws-dynamodb";
11
11
  import { IServerlessCluster } from "aws-cdk-lib/aws-rds";
@@ -491,7 +491,7 @@ export declare class AppSyncApi extends Construct implements SSTConstruct {
491
491
  * api.bind([STRIPE_KEY, bucket]);
492
492
  * ```
493
493
  */
494
- bind(constructs: SSTConstruct[]): void;
494
+ bind(constructs: BindingResource[]): void;
495
495
  /**
496
496
  * Binds the given list of resources to a specific function data source.
497
497
  *
@@ -501,7 +501,7 @@ export declare class AppSyncApi extends Construct implements SSTConstruct {
501
501
  * ```
502
502
  *
503
503
  */
504
- bindToDataSource(key: string, constructs: SSTConstruct[]): void;
504
+ bindToDataSource(key: string, constructs: BindingResource[]): void;
505
505
  /**
506
506
  * Attaches the given list of permissions to all function data sources
507
507
  *
@@ -537,7 +537,7 @@ export declare class AppSyncApi extends Construct implements SSTConstruct {
537
537
  };
538
538
  };
539
539
  /** @internal */
540
- getFunctionBinding(): FunctionBindingProps | undefined;
540
+ getBindings(): BindingProps | undefined;
541
541
  private createGraphApi;
542
542
  private addDataSource;
543
543
  private addResolver;
@@ -253,7 +253,7 @@ export class AppSyncApi extends Construct {
253
253
  };
254
254
  }
255
255
  /** @internal */
256
- getFunctionBinding() {
256
+ getBindings() {
257
257
  // Do not bind imported AppSync APIs b/c we don't know the API URL
258
258
  if (!this.url) {
259
259
  return;
@@ -2,7 +2,7 @@ import { Construct } from "constructs";
2
2
  import { Api } from "./Api.js";
3
3
  import { FunctionDefinition } from "./Function.js";
4
4
  import { SSTConstruct } from "./Construct.js";
5
- import { FunctionBindingProps } from "./util/functionBinding.js";
5
+ import { BindingProps } from "./util/binding.js";
6
6
  export interface AuthProps {
7
7
  /**
8
8
  * The function that will handle authentication
@@ -73,7 +73,7 @@ export declare class Auth extends Construct implements SSTConstruct {
73
73
  data: {};
74
74
  };
75
75
  /** @internal */
76
- getFunctionBinding(): FunctionBindingProps;
76
+ getBindings(): BindingProps;
77
77
  /**
78
78
  * Attaches auth construct to an API
79
79
  *
@@ -2,7 +2,7 @@ import * as ssm from "aws-cdk-lib/aws-ssm";
2
2
  import { Effect, Policy, PolicyStatement } from "aws-cdk-lib/aws-iam";
3
3
  import { Construct } from "constructs";
4
4
  import { Stack } from "./Stack.js";
5
- import { getEnvironmentKey, getParameterPath, placeholderSecretValue, } from "./util/functionBinding.js";
5
+ import { getEnvironmentKey, getParameterPath, placeholderSecretValue, } from "./util/binding.js";
6
6
  import { CustomResource } from "aws-cdk-lib/core";
7
7
  const PUBLIC_KEY_PROP = "publicKey";
8
8
  const PRIVATE_KEY_PROP = "privateKey";
@@ -72,7 +72,7 @@ export class Auth extends Construct {
72
72
  };
73
73
  }
74
74
  /** @internal */
75
- getFunctionBinding() {
75
+ getBindings() {
76
76
  const app = this.node.root;
77
77
  return {
78
78
  clientPackage: "auth",
@@ -127,7 +127,7 @@ export class Auth extends Construct {
127
127
  },
128
128
  });
129
129
  // Auth construct has two types of Function bindinds:
130
- // - Api routes: bindings defined in `getFunctionBinding()`
130
+ // - Api routes: bindings defined in `getBindings()`
131
131
  // ie. calling `bind([auth])` will grant functions access to the public key
132
132
  // - Auth authenticator: binds manually. Need to grant access to the prefix and private key
133
133
  const fn = props.api.getFunction(path);
@@ -3,7 +3,7 @@ import { Queue } from "./Queue.js";
3
3
  import { Topic } from "./Topic.js";
4
4
  import { SSTConstruct } from "./Construct.js";
5
5
  import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
6
- import { FunctionBindingProps } from "./util/functionBinding.js";
6
+ import { BindingResource, BindingProps } from "./util/binding.js";
7
7
  import { Permissions } from "./util/permission.js";
8
8
  import { Duration } from "./util/duration.js";
9
9
  import { BucketProps as CDKBucketProps, IBucket, EventType, HttpMethods } from "aws-cdk-lib/aws-s3";
@@ -253,7 +253,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
253
253
  bucket: IBucket;
254
254
  };
255
255
  readonly notifications: Record<string, Fn | Queue | Topic>;
256
- readonly bindingForAllNotifications: SSTConstruct[];
256
+ readonly bindingForAllNotifications: BindingResource[];
257
257
  readonly permissionsAttachedForAllNotifications: Permissions[];
258
258
  readonly props: BucketProps;
259
259
  constructor(scope: Construct, id: string, props?: BucketProps);
@@ -294,7 +294,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
294
294
  * bucket.bind([STRIPE_KEY, bucket]);
295
295
  * ```
296
296
  */
297
- bind(constructs: SSTConstruct[]): void;
297
+ bind(constructs: BindingResource[]): void;
298
298
  /**
299
299
  * Binds the given list of resources to a specific bucket notification
300
300
  *
@@ -309,7 +309,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
309
309
  * bucket.bindToNotification("myNotification", ["s3"]);
310
310
  * ```
311
311
  */
312
- bindToNotification(notificationName: string, constructs: SSTConstruct[]): void;
312
+ bindToNotification(notificationName: string, constructs: BindingResource[]): void;
313
313
  /**
314
314
  * Attaches additional permissions to all bucket notifications
315
315
  * @example
@@ -351,7 +351,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
351
351
  };
352
352
  };
353
353
  /** @internal */
354
- getFunctionBinding(): FunctionBindingProps;
354
+ getBindings(): BindingProps;
355
355
  private createBucket;
356
356
  private addNotification;
357
357
  private addQueueNotification;
@@ -158,7 +158,7 @@ export class Bucket extends Construct {
158
158
  };
159
159
  }
160
160
  /** @internal */
161
- getFunctionBinding() {
161
+ getBindings() {
162
162
  return {
163
163
  clientPackage: "bucket",
164
164
  variables: {
@@ -4,6 +4,7 @@ import { Function as Fn, FunctionProps, FunctionDefinition } from "./Function.js
4
4
  import { Permissions } from "./util/permission.js";
5
5
  import { CfnIdentityPool, CfnIdentityPoolProps, CfnIdentityPoolRoleAttachment, IUserPool, IUserPoolClient, UserPoolClientOptions, UserPoolProps } from "aws-cdk-lib/aws-cognito";
6
6
  import { Role } from "aws-cdk-lib/aws-iam";
7
+ import { BindingResource } from "./util/binding.js";
7
8
  export interface CognitoUserPoolTriggers {
8
9
  createAuthChallenge?: FunctionDefinition;
9
10
  customEmailSender?: FunctionDefinition;
@@ -198,8 +199,8 @@ export declare class Cognito extends Construct implements SSTConstruct {
198
199
  * ```
199
200
  */
200
201
  attachPermissionsForUnauthUsers(permissions: Permissions): void;
201
- bindForTriggers(constructs: SSTConstruct[]): void;
202
- bindForTrigger(triggerKey: keyof CognitoUserPoolTriggers, constructs: SSTConstruct[]): void;
202
+ bindForTriggers(constructs: BindingResource[]): void;
203
+ bindForTrigger(triggerKey: keyof CognitoUserPoolTriggers, constructs: BindingResource[]): void;
203
204
  attachPermissionsForTriggers(permissions: Permissions): void;
204
205
  attachPermissionsForTrigger(triggerKey: keyof CognitoUserPoolTriggers, permissions: Permissions): void;
205
206
  getFunction(triggerKey: keyof CognitoUserPoolTriggers): Fn | undefined;
@@ -218,7 +219,7 @@ export declare class Cognito extends Construct implements SSTConstruct {
218
219
  };
219
220
  };
220
221
  /** @internal */
221
- getFunctionBinding(): undefined;
222
+ getBindings(): undefined;
222
223
  private attachPermissionsForUsers;
223
224
  private createUserPool;
224
225
  private createUserPoolClient;
@@ -117,7 +117,7 @@ export class Cognito extends Construct {
117
117
  };
118
118
  }
119
119
  /** @internal */
120
- getFunctionBinding() {
120
+ getBindings() {
121
121
  return undefined;
122
122
  }
123
123
  attachPermissionsForUsers(role, arg1, arg2) {
@@ -1,6 +1,6 @@
1
1
  import { Construct } from "constructs";
2
2
  import { Stack as CDKStack } from "aws-cdk-lib/core";
3
- import { FunctionBindingProps } from "./util/functionBinding.js";
3
+ import { BindingProps } from "./util/binding.js";
4
4
  export interface SSTConstructMetadata<T extends string = string, D extends Record<string, any> = Record<string, any>, L extends Record<string, any> = Record<string, any>> {
5
5
  type: T;
6
6
  data: D;
@@ -9,7 +9,7 @@ export interface SSTConstructMetadata<T extends string = string, D extends Recor
9
9
  export interface SSTConstruct extends Construct {
10
10
  id: string;
11
11
  getConstructMetadata(): SSTConstructMetadata;
12
- getFunctionBinding(): FunctionBindingProps | undefined;
12
+ getBindings(): BindingProps | undefined;
13
13
  }
14
14
  export declare function getFunctionRef(fn?: any): {
15
15
  node: string;
@@ -3,6 +3,7 @@ import * as events from "aws-cdk-lib/aws-events";
3
3
  import * as eventsTargets from "aws-cdk-lib/aws-events-targets";
4
4
  import { SSTConstruct } from "./Construct.js";
5
5
  import { Function as Func, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
6
+ import { BindingResource } from "./util/binding.js";
6
7
  import { Permissions } from "./util/permission.js";
7
8
  export interface CronJobProps {
8
9
  /**
@@ -134,7 +135,7 @@ export declare class Cron extends Construct implements SSTConstruct {
134
135
  * ```
135
136
  *
136
137
  */
137
- bind(constructs: SSTConstruct[]): void;
138
+ bind(constructs: BindingResource[]): void;
138
139
  /**
139
140
  * Attaches the given list of permissions to the cron job. This allows the function to access other AWS resources.
140
141
  *
@@ -158,7 +159,7 @@ export declare class Cron extends Construct implements SSTConstruct {
158
159
  };
159
160
  };
160
161
  /** @internal */
161
- getFunctionBinding(): undefined;
162
+ getBindings(): undefined;
162
163
  private createEventsRule;
163
164
  private createRuleTarget;
164
165
  }
@@ -76,7 +76,7 @@ export class Cron extends Construct {
76
76
  };
77
77
  }
78
78
  /** @internal */
79
- getFunctionBinding() {
79
+ getBindings() {
80
80
  return undefined;
81
81
  }
82
82
  createEventsRule() {
@@ -1,8 +1,8 @@
1
1
  import { Construct, IConstruct } from "constructs";
2
2
  import { Role } from "aws-cdk-lib/aws-iam";
3
3
  import { IVersion, IFunction as CdkIFunction } from "aws-cdk-lib/aws-lambda";
4
- import { SSTConstruct } from "./Construct.js";
5
4
  import { NodeJSProps, FunctionCopyFilesProps } from "./Function.js";
5
+ import { BindingResource } from "./util/binding.js";
6
6
  import { Size } from "./util/size.js";
7
7
  import { Duration } from "./util/duration.js";
8
8
  import { Permissions } from "./util/permission.js";
@@ -14,7 +14,7 @@ export interface EdgeFunctionProps {
14
14
  memorySize?: number | Size;
15
15
  permissions?: Permissions;
16
16
  environment?: Record<string, string>;
17
- bind?: SSTConstruct[];
17
+ bind?: BindingResource[];
18
18
  nodejs?: NodeJSProps;
19
19
  copyFiles?: FunctionCopyFilesProps[];
20
20
  scopeOverride?: IConstruct;
@@ -13,7 +13,7 @@ import { useProject } from "../project.js";
13
13
  import { useRuntimeHandlers } from "../runtime/handlers.js";
14
14
  import { Stack } from "./Stack.js";
15
15
  import { useFunctions, } from "./Function.js";
16
- import { bindEnvironment, bindPermissions, getReferencedSecrets, } from "./util/functionBinding.js";
16
+ import { getBindingEnvironments, getBindingPermissions, getBindingReferencedSecrets, } from "./util/binding.js";
17
17
  import { toCdkSize } from "./util/size.js";
18
18
  import { toCdkDuration } from "./util/duration.js";
19
19
  import { attachPermissionsToRole } from "./util/permission.js";
@@ -186,20 +186,17 @@ export class EdgeFunction extends Construct {
186
186
  };
187
187
  // Get referenced secrets
188
188
  const referencedSecrets = [];
189
- constructs.forEach((c) => referencedSecrets.push(...getReferencedSecrets(c)));
190
- [...constructs, ...referencedSecrets].forEach((c) => {
189
+ constructs.forEach((r) => referencedSecrets.push(...getBindingReferencedSecrets(r)));
190
+ [...constructs, ...referencedSecrets].forEach((r) => {
191
191
  // Bind environment
192
192
  this.bindingEnvs = {
193
193
  ...this.bindingEnvs,
194
- ...bindEnvironment(c),
194
+ ...getBindingEnvironments(r),
195
195
  };
196
196
  // Bind permissions
197
197
  if (this.props.permissions !== "*") {
198
- this.props.permissions.push(...Object.entries(bindPermissions(c)).map(([action, resources]) => new PolicyStatement({
199
- actions: [action],
200
- effect: Effect.ALLOW,
201
- resources,
202
- })));
198
+ const policyStatements = getBindingPermissions(r);
199
+ this.props.permissions.push(...policyStatements);
203
200
  }
204
201
  });
205
202
  }
@@ -6,7 +6,7 @@ import { ILogGroup } from "aws-cdk-lib/aws-logs";
6
6
  import { Queue } from "./Queue.js";
7
7
  import { SSTConstruct } from "./Construct.js";
8
8
  import { FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
9
- import { FunctionBindingProps } from "./util/functionBinding.js";
9
+ import { BindingResource, BindingProps } from "./util/binding.js";
10
10
  import { Permissions } from "./util/permission.js";
11
11
  /**
12
12
  * Used to configure an EventBus function target
@@ -356,7 +356,7 @@ export declare class EventBus extends Construct implements SSTConstruct {
356
356
  * bus.bind([STRIPE_KEY, bucket]);
357
357
  * ```
358
358
  */
359
- bind(constructs: SSTConstruct[]): void;
359
+ bind(constructs: BindingResource[]): void;
360
360
  /**
361
361
  * Binds the given list of resources to a specific event bus rule target
362
362
  *
@@ -377,7 +377,7 @@ export declare class EventBus extends Construct implements SSTConstruct {
377
377
  * bus.bindToTarget("myRule", 0, [STRIPE_KEY, bucket]);
378
378
  * ```
379
379
  */
380
- bindToTarget(ruleKey: string, targetName: string, constructs: SSTConstruct[]): void;
380
+ bindToTarget(ruleKey: string, targetName: string, constructs: BindingResource[]): void;
381
381
  /**
382
382
  * Add permissions to all event targets in this EventBus.
383
383
  *
@@ -423,7 +423,7 @@ export declare class EventBus extends Construct implements SSTConstruct {
423
423
  };
424
424
  };
425
425
  /** @internal */
426
- getFunctionBinding(): FunctionBindingProps;
426
+ getBindings(): BindingProps;
427
427
  private retrierQueue;
428
428
  private retrierFn;
429
429
  private getRetrier;
@@ -222,7 +222,7 @@ export class EventBus extends Construct {
222
222
  };
223
223
  }
224
224
  /** @internal */
225
- getFunctionBinding() {
225
+ getBindings() {
226
226
  return {
227
227
  clientPackage: "event-bus",
228
228
  variables: {
@@ -4,7 +4,7 @@ import { Stack } from "./Stack.js";
4
4
  import { SSTConstruct } from "./Construct.js";
5
5
  import { Size } from "./util/size.js";
6
6
  import { Duration } from "./util/duration.js";
7
- import { FunctionBindingProps } from "./util/functionBinding.js";
7
+ import { BindingResource, BindingProps } from "./util/binding.js";
8
8
  import { Permissions } from "./util/permission.js";
9
9
  import * as functionUrlCors from "./util/functionUrlCors.js";
10
10
  import { Architecture, Function as CDKFunction, FunctionOptions, ILayerVersion, Runtime as CDKRuntime, Tracing } from "aws-cdk-lib/aws-lambda";
@@ -42,7 +42,7 @@ export interface FunctionDockerBuildCacheProps extends DockerCacheOption {
42
42
  export interface FunctionDockerBuildProps {
43
43
  /**
44
44
  * Cache from options to pass to the `docker build` command.
45
- * @default - no cache from args are passed
45
+ * @default No cache from args are passed
46
46
  * @example
47
47
  * ```js
48
48
  * cacheFrom: [{type: "gha"}],
@@ -51,7 +51,7 @@ export interface FunctionDockerBuildProps {
51
51
  cacheFrom?: FunctionDockerBuildCacheProps[];
52
52
  /**
53
53
  * Cache to options to pass to the `docker build` command.
54
- * @default - no cache to args are passed
54
+ * @default No cache to args are passed
55
55
  * @example
56
56
  * ```js
57
57
  * cacheTo: {type: "gha"},
@@ -251,7 +251,7 @@ export interface FunctionProps extends Omit<FunctionOptions, "functionName" | "m
251
251
  * })
252
252
  * ```
253
253
  */
254
- bind?: SSTConstruct[];
254
+ bind?: BindingResource[];
255
255
  /**
256
256
  * Attaches the given list of permissions to the function. Configuring this property is equivalent to calling `attachPermissions()` after the function is created.
257
257
  *
@@ -686,6 +686,42 @@ export interface ContainerProps {
686
686
  * ```
687
687
  */
688
688
  buildArgs?: Record<string, string>;
689
+ /**
690
+ * SSH agent socket or keys to pass to the docker build command.
691
+ * Docker BuildKit must be enabled to use the ssh flag
692
+ * @default No --ssh flag is passed to the build command
693
+ * @example
694
+ * ```js
695
+ * container: {
696
+ * buildSsh: "default"
697
+ * }
698
+ * ```
699
+ */
700
+ buildSsh?: string;
701
+ /**
702
+ * Cache from options to pass to the docker build command.
703
+ * [DockerCacheOption](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets.DockerCacheOption.html)[].
704
+ * @default No cache from options are passed to the build command
705
+ * @example
706
+ * ```js
707
+ * container: {
708
+ * cacheFrom: [{ type: 'registry', params: { ref: 'ghcr.io/myorg/myimage:cache' }}],
709
+ * }
710
+ * ```
711
+ */
712
+ cacheFrom?: FunctionDockerBuildCacheProps[];
713
+ /**
714
+ * Cache to options to pass to the docker build command.
715
+ * [DockerCacheOption](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets.DockerCacheOption.html)[].
716
+ * @default No cache to options are passed to the build command
717
+ * @example
718
+ * ```js
719
+ * container: {
720
+ * cacheTo: { type: 'registry', params: { ref: 'ghcr.io/myorg/myimage:cache', mode: 'max', compression: 'zstd' }},
721
+ * }
722
+ * ```
723
+ */
724
+ cacheTo?: FunctionDockerBuildCacheProps;
689
725
  }
690
726
  /**
691
727
  * Used to configure additional files to copy into the function bundle
@@ -744,7 +780,7 @@ export declare class Function extends CDKFunction implements SSTConstruct {
744
780
  * fn.bind([STRIPE_KEY, bucket]);
745
781
  * ```
746
782
  */
747
- bind(constructs: SSTConstruct[]): void;
783
+ bind(constructs: BindingResource[]): void;
748
784
  /**
749
785
  * Attaches additional permissions to function.
750
786
  *
@@ -768,7 +804,7 @@ export declare class Function extends CDKFunction implements SSTConstruct {
768
804
  };
769
805
  };
770
806
  /** @internal */
771
- getFunctionBinding(): FunctionBindingProps;
807
+ getBindings(): BindingProps;
772
808
  private createUrl;
773
809
  private createSecretPrefetcher;
774
810
  private disableCloudWatchLogs;