sst 2.40.3 → 2.40.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli/commands/bind.js +1 -1
- package/cli/commands/secrets/list.js +1 -1
- package/constructs/Api.d.ts +4 -4
- package/constructs/Api.js +1 -1
- package/constructs/ApiGatewayV1Api.d.ts +4 -4
- package/constructs/ApiGatewayV1Api.js +1 -1
- package/constructs/App.d.ts +2 -1
- package/constructs/App.js +7 -11
- package/constructs/AppSyncApi.d.ts +4 -4
- package/constructs/AppSyncApi.js +1 -1
- package/constructs/Auth.d.ts +2 -2
- package/constructs/Auth.js +3 -3
- package/constructs/Bucket.d.ts +5 -5
- package/constructs/Bucket.js +1 -1
- package/constructs/Cognito.d.ts +4 -3
- package/constructs/Cognito.js +1 -1
- package/constructs/Construct.d.ts +2 -2
- package/constructs/Cron.d.ts +3 -2
- package/constructs/Cron.js +1 -1
- package/constructs/EdgeFunction.d.ts +2 -2
- package/constructs/EdgeFunction.js +6 -9
- package/constructs/EventBus.d.ts +4 -4
- package/constructs/EventBus.js +1 -1
- package/constructs/Function.d.ts +42 -6
- package/constructs/Function.js +19 -14
- package/constructs/Job.d.ts +43 -4
- package/constructs/Job.js +11 -14
- package/constructs/KinesisStream.d.ts +4 -4
- package/constructs/KinesisStream.js +1 -1
- package/constructs/Parameter.d.ts +2 -2
- package/constructs/Parameter.js +1 -1
- package/constructs/Queue.d.ts +3 -3
- package/constructs/Queue.js +1 -1
- package/constructs/RDS.d.ts +2 -2
- package/constructs/RDS.js +1 -1
- package/constructs/Script.d.ts +3 -2
- package/constructs/Script.js +2 -2
- package/constructs/Secret.d.ts +2 -2
- package/constructs/Secret.js +2 -2
- package/constructs/Service.d.ts +43 -4
- package/constructs/Service.js +31 -15
- package/constructs/SsrFunction.d.ts +3 -2
- package/constructs/SsrFunction.js +7 -13
- package/constructs/SsrSite.d.ts +3 -3
- package/constructs/SsrSite.js +2 -2
- package/constructs/Stack.d.ts +2 -2
- package/constructs/StaticSite.d.ts +2 -2
- package/constructs/StaticSite.js +2 -2
- package/constructs/Table.d.ts +4 -4
- package/constructs/Table.js +1 -1
- package/constructs/Topic.d.ts +4 -4
- package/constructs/Topic.js +1 -1
- package/constructs/WebSocketApi.d.ts +4 -4
- package/constructs/WebSocketApi.js +1 -1
- package/constructs/deprecated/NextjsSite.d.ts +2 -2
- package/constructs/deprecated/NextjsSite.js +2 -2
- package/constructs/future/Auth.d.ts +2 -2
- package/constructs/future/Auth.js +2 -2
- package/constructs/util/{functionBinding.d.ts → binding.d.ts} +14 -6
- package/constructs/util/{functionBinding.js → binding.js} +28 -14
- package/package.json +2 -2
- package/runtime/handlers/container.js +42 -0
- package/runtime/handlers/rust.js +3 -2
package/cli/commands/bind.js
CHANGED
|
@@ -30,7 +30,7 @@ export const bind = (program) => program
|
|
|
30
30
|
import("../../constructs/StaticSite.js"),
|
|
31
31
|
import("../../constructs/deprecated/NextjsSite.js"),
|
|
32
32
|
import("../../constructs/Config.js"),
|
|
33
|
-
import("../../constructs/util/
|
|
33
|
+
import("../../constructs/util/binding.js"),
|
|
34
34
|
]);
|
|
35
35
|
try {
|
|
36
36
|
// Handle deprecated "env" command
|
package/constructs/Api.d.ts
CHANGED
|
@@ -5,7 +5,7 @@ import { HttpJwtAuthorizer, HttpLambdaAuthorizer, HttpLambdaResponseType, HttpUs
|
|
|
5
5
|
import { HttpAwsIntegrationProps } from "./cdk/HttpAwsIntegration.js";
|
|
6
6
|
import { SSTConstruct } from "./Construct.js";
|
|
7
7
|
import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
|
|
8
|
-
import {
|
|
8
|
+
import { BindingResource, BindingProps } from "./util/binding.js";
|
|
9
9
|
import { Duration } from "./util/duration.js";
|
|
10
10
|
import { Permissions } from "./util/permission.js";
|
|
11
11
|
import * as apigV2Cors from "./util/apiGatewayV2Cors.js";
|
|
@@ -699,7 +699,7 @@ export declare class Api<Authorizers extends Record<string, ApiAuthorizer> = Rec
|
|
|
699
699
|
* api.bind([STRIPE_KEY, bucket]);
|
|
700
700
|
* ```
|
|
701
701
|
*/
|
|
702
|
-
bind(constructs:
|
|
702
|
+
bind(constructs: BindingResource[]): void;
|
|
703
703
|
/**
|
|
704
704
|
* Binds the given list of resources to a specific route.
|
|
705
705
|
*
|
|
@@ -715,7 +715,7 @@ export declare class Api<Authorizers extends Record<string, ApiAuthorizer> = Rec
|
|
|
715
715
|
* ```
|
|
716
716
|
*
|
|
717
717
|
*/
|
|
718
|
-
bindToRoute(routeKey: string, constructs:
|
|
718
|
+
bindToRoute(routeKey: string, constructs: BindingResource[]): void;
|
|
719
719
|
/**
|
|
720
720
|
* Attaches the given list of permissions to all the routes. This allows the functions to access other AWS resources.
|
|
721
721
|
*
|
|
@@ -783,7 +783,7 @@ export declare class Api<Authorizers extends Record<string, ApiAuthorizer> = Rec
|
|
|
783
783
|
};
|
|
784
784
|
};
|
|
785
785
|
/** @internal */
|
|
786
|
-
|
|
786
|
+
getBindings(): BindingProps;
|
|
787
787
|
private createHttpApi;
|
|
788
788
|
private addAuthorizers;
|
|
789
789
|
private addRoute;
|
package/constructs/Api.js
CHANGED
|
@@ -7,7 +7,7 @@ import * as lambda from "aws-cdk-lib/aws-lambda";
|
|
|
7
7
|
import * as apig from "aws-cdk-lib/aws-apigateway";
|
|
8
8
|
import * as apigV1AccessLog from "./util/apiGatewayV1AccessLog.js";
|
|
9
9
|
import { Bucket } from "./Bucket.js";
|
|
10
|
-
import {
|
|
10
|
+
import { BindingResource, BindingProps } from "./util/binding.js";
|
|
11
11
|
import { Duration } from "./util/duration.js";
|
|
12
12
|
import { SSTConstruct } from "./Construct.js";
|
|
13
13
|
import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
|
|
@@ -567,7 +567,7 @@ export declare class ApiGatewayV1Api<Authorizers extends Record<string, ApiGatew
|
|
|
567
567
|
* api.bind([STRIPE_KEY, bucket]);
|
|
568
568
|
* ```
|
|
569
569
|
*/
|
|
570
|
-
bind(constructs:
|
|
570
|
+
bind(constructs: BindingResource[]): void;
|
|
571
571
|
/**
|
|
572
572
|
* Binds the given list of resources to a specific route.
|
|
573
573
|
*
|
|
@@ -583,7 +583,7 @@ export declare class ApiGatewayV1Api<Authorizers extends Record<string, ApiGatew
|
|
|
583
583
|
* ```
|
|
584
584
|
*
|
|
585
585
|
*/
|
|
586
|
-
bindToRoute(routeKey: string, constructs:
|
|
586
|
+
bindToRoute(routeKey: string, constructs: BindingResource[]): void;
|
|
587
587
|
/**
|
|
588
588
|
* Attaches the given list of permissions to all the routes. This allows the functions to access other AWS resources.
|
|
589
589
|
*
|
|
@@ -626,7 +626,7 @@ export declare class ApiGatewayV1Api<Authorizers extends Record<string, ApiGatew
|
|
|
626
626
|
};
|
|
627
627
|
};
|
|
628
628
|
/** @internal */
|
|
629
|
-
|
|
629
|
+
getBindings(): BindingProps;
|
|
630
630
|
private createRestApi;
|
|
631
631
|
private buildCorsConfig;
|
|
632
632
|
private createGatewayResponseForCors;
|
package/constructs/App.d.ts
CHANGED
|
@@ -2,6 +2,7 @@ import { Stack } from "./Stack.js";
|
|
|
2
2
|
import { SSTConstruct } from "./Construct.js";
|
|
3
3
|
import { FunctionProps } from "./Function.js";
|
|
4
4
|
import { Permissions } from "./util/permission.js";
|
|
5
|
+
import { BindingResource } from "./util/binding.js";
|
|
5
6
|
import { StackProps } from "./Stack.js";
|
|
6
7
|
import { FunctionalStack } from "./FunctionalStack.js";
|
|
7
8
|
import { AppProps as CDKAppProps, App as CDKApp, Stack as CDKStack, RemovalPolicy } from "aws-cdk-lib/core";
|
|
@@ -144,7 +145,7 @@ export declare class App extends CDKApp {
|
|
|
144
145
|
* app.addDefaultFunctionBinding([STRIPE_KEY, bucket]);
|
|
145
146
|
* ```
|
|
146
147
|
*/
|
|
147
|
-
addDefaultFunctionBinding(bind:
|
|
148
|
+
addDefaultFunctionBinding(bind: BindingResource[]): void;
|
|
148
149
|
/**
|
|
149
150
|
* Adds additional default layers to be applied to all Lambda functions in the stack.
|
|
150
151
|
*/
|
package/constructs/App.js
CHANGED
|
@@ -3,7 +3,7 @@ import fs from "fs";
|
|
|
3
3
|
import { Stack } from "./Stack.js";
|
|
4
4
|
import { isSSTConstruct, isStackConstruct, } from "./Construct.js";
|
|
5
5
|
import { useFunctions } from "./Function.js";
|
|
6
|
-
import {
|
|
6
|
+
import { getBindingParameters, getBindingType, } from "./util/binding.js";
|
|
7
7
|
import { stack } from "./FunctionalStack.js";
|
|
8
8
|
import { Auth } from "./Auth.js";
|
|
9
9
|
import { useDeferredTasks } from "./deferred_task.js";
|
|
@@ -203,7 +203,7 @@ export class App extends CDKApp {
|
|
|
203
203
|
if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind) {
|
|
204
204
|
return;
|
|
205
205
|
}
|
|
206
|
-
const binding =
|
|
206
|
+
const binding = getBindingType(c);
|
|
207
207
|
if (!binding) {
|
|
208
208
|
return;
|
|
209
209
|
}
|
|
@@ -325,13 +325,11 @@ export class App extends CDKApp {
|
|
|
325
325
|
createBindingSsmParameters() {
|
|
326
326
|
class CreateSsmParameters {
|
|
327
327
|
visit(c) {
|
|
328
|
-
if (!isSSTConstruct(c))
|
|
328
|
+
if (!isSSTConstruct(c))
|
|
329
329
|
return;
|
|
330
|
-
|
|
331
|
-
if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind) {
|
|
330
|
+
if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind)
|
|
332
331
|
return;
|
|
333
|
-
|
|
334
|
-
bindParameters(c);
|
|
332
|
+
getBindingParameters(c);
|
|
335
333
|
}
|
|
336
334
|
}
|
|
337
335
|
Aspects.of(this).add(new CreateSsmParameters());
|
|
@@ -423,12 +421,10 @@ export class App extends CDKApp {
|
|
|
423
421
|
const ids = {};
|
|
424
422
|
class EnsureUniqueConstructIds {
|
|
425
423
|
visit(c) {
|
|
426
|
-
if (!isSSTConstruct(c))
|
|
424
|
+
if (!isSSTConstruct(c))
|
|
427
425
|
return;
|
|
428
|
-
|
|
429
|
-
if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind) {
|
|
426
|
+
if ("_doNotAllowOthersToBind" in c && c._doNotAllowOthersToBind)
|
|
430
427
|
return;
|
|
431
|
-
}
|
|
432
428
|
const className = c.constructor.name;
|
|
433
429
|
const id = c.id;
|
|
434
430
|
const normId = id.replace(/-/g, "_");
|
|
@@ -5,7 +5,7 @@ import { RDS } from "./RDS.js";
|
|
|
5
5
|
import * as appSyncApiDomain from "./util/appSyncApiDomain.js";
|
|
6
6
|
import { SSTConstruct } from "./Construct.js";
|
|
7
7
|
import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
|
|
8
|
-
import {
|
|
8
|
+
import { BindingResource, BindingProps } from "./util/binding.js";
|
|
9
9
|
import { Permissions } from "./util/permission.js";
|
|
10
10
|
import { Table as CDKTable } from "aws-cdk-lib/aws-dynamodb";
|
|
11
11
|
import { IServerlessCluster } from "aws-cdk-lib/aws-rds";
|
|
@@ -491,7 +491,7 @@ export declare class AppSyncApi extends Construct implements SSTConstruct {
|
|
|
491
491
|
* api.bind([STRIPE_KEY, bucket]);
|
|
492
492
|
* ```
|
|
493
493
|
*/
|
|
494
|
-
bind(constructs:
|
|
494
|
+
bind(constructs: BindingResource[]): void;
|
|
495
495
|
/**
|
|
496
496
|
* Binds the given list of resources to a specific function data source.
|
|
497
497
|
*
|
|
@@ -501,7 +501,7 @@ export declare class AppSyncApi extends Construct implements SSTConstruct {
|
|
|
501
501
|
* ```
|
|
502
502
|
*
|
|
503
503
|
*/
|
|
504
|
-
bindToDataSource(key: string, constructs:
|
|
504
|
+
bindToDataSource(key: string, constructs: BindingResource[]): void;
|
|
505
505
|
/**
|
|
506
506
|
* Attaches the given list of permissions to all function data sources
|
|
507
507
|
*
|
|
@@ -537,7 +537,7 @@ export declare class AppSyncApi extends Construct implements SSTConstruct {
|
|
|
537
537
|
};
|
|
538
538
|
};
|
|
539
539
|
/** @internal */
|
|
540
|
-
|
|
540
|
+
getBindings(): BindingProps | undefined;
|
|
541
541
|
private createGraphApi;
|
|
542
542
|
private addDataSource;
|
|
543
543
|
private addResolver;
|
package/constructs/AppSyncApi.js
CHANGED
package/constructs/Auth.d.ts
CHANGED
|
@@ -2,7 +2,7 @@ import { Construct } from "constructs";
|
|
|
2
2
|
import { Api } from "./Api.js";
|
|
3
3
|
import { FunctionDefinition } from "./Function.js";
|
|
4
4
|
import { SSTConstruct } from "./Construct.js";
|
|
5
|
-
import {
|
|
5
|
+
import { BindingProps } from "./util/binding.js";
|
|
6
6
|
export interface AuthProps {
|
|
7
7
|
/**
|
|
8
8
|
* The function that will handle authentication
|
|
@@ -73,7 +73,7 @@ export declare class Auth extends Construct implements SSTConstruct {
|
|
|
73
73
|
data: {};
|
|
74
74
|
};
|
|
75
75
|
/** @internal */
|
|
76
|
-
|
|
76
|
+
getBindings(): BindingProps;
|
|
77
77
|
/**
|
|
78
78
|
* Attaches auth construct to an API
|
|
79
79
|
*
|
package/constructs/Auth.js
CHANGED
|
@@ -2,7 +2,7 @@ import * as ssm from "aws-cdk-lib/aws-ssm";
|
|
|
2
2
|
import { Effect, Policy, PolicyStatement } from "aws-cdk-lib/aws-iam";
|
|
3
3
|
import { Construct } from "constructs";
|
|
4
4
|
import { Stack } from "./Stack.js";
|
|
5
|
-
import { getEnvironmentKey, getParameterPath, placeholderSecretValue, } from "./util/
|
|
5
|
+
import { getEnvironmentKey, getParameterPath, placeholderSecretValue, } from "./util/binding.js";
|
|
6
6
|
import { CustomResource } from "aws-cdk-lib/core";
|
|
7
7
|
const PUBLIC_KEY_PROP = "publicKey";
|
|
8
8
|
const PRIVATE_KEY_PROP = "privateKey";
|
|
@@ -72,7 +72,7 @@ export class Auth extends Construct {
|
|
|
72
72
|
};
|
|
73
73
|
}
|
|
74
74
|
/** @internal */
|
|
75
|
-
|
|
75
|
+
getBindings() {
|
|
76
76
|
const app = this.node.root;
|
|
77
77
|
return {
|
|
78
78
|
clientPackage: "auth",
|
|
@@ -127,7 +127,7 @@ export class Auth extends Construct {
|
|
|
127
127
|
},
|
|
128
128
|
});
|
|
129
129
|
// Auth construct has two types of Function bindinds:
|
|
130
|
-
// - Api routes: bindings defined in `
|
|
130
|
+
// - Api routes: bindings defined in `getBindings()`
|
|
131
131
|
// ie. calling `bind([auth])` will grant functions access to the public key
|
|
132
132
|
// - Auth authenticator: binds manually. Need to grant access to the prefix and private key
|
|
133
133
|
const fn = props.api.getFunction(path);
|
package/constructs/Bucket.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import { Queue } from "./Queue.js";
|
|
|
3
3
|
import { Topic } from "./Topic.js";
|
|
4
4
|
import { SSTConstruct } from "./Construct.js";
|
|
5
5
|
import { Function as Fn, FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
|
|
6
|
-
import {
|
|
6
|
+
import { BindingResource, BindingProps } from "./util/binding.js";
|
|
7
7
|
import { Permissions } from "./util/permission.js";
|
|
8
8
|
import { Duration } from "./util/duration.js";
|
|
9
9
|
import { BucketProps as CDKBucketProps, IBucket, EventType, HttpMethods } from "aws-cdk-lib/aws-s3";
|
|
@@ -253,7 +253,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
|
|
|
253
253
|
bucket: IBucket;
|
|
254
254
|
};
|
|
255
255
|
readonly notifications: Record<string, Fn | Queue | Topic>;
|
|
256
|
-
readonly bindingForAllNotifications:
|
|
256
|
+
readonly bindingForAllNotifications: BindingResource[];
|
|
257
257
|
readonly permissionsAttachedForAllNotifications: Permissions[];
|
|
258
258
|
readonly props: BucketProps;
|
|
259
259
|
constructor(scope: Construct, id: string, props?: BucketProps);
|
|
@@ -294,7 +294,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
|
|
|
294
294
|
* bucket.bind([STRIPE_KEY, bucket]);
|
|
295
295
|
* ```
|
|
296
296
|
*/
|
|
297
|
-
bind(constructs:
|
|
297
|
+
bind(constructs: BindingResource[]): void;
|
|
298
298
|
/**
|
|
299
299
|
* Binds the given list of resources to a specific bucket notification
|
|
300
300
|
*
|
|
@@ -309,7 +309,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
|
|
|
309
309
|
* bucket.bindToNotification("myNotification", ["s3"]);
|
|
310
310
|
* ```
|
|
311
311
|
*/
|
|
312
|
-
bindToNotification(notificationName: string, constructs:
|
|
312
|
+
bindToNotification(notificationName: string, constructs: BindingResource[]): void;
|
|
313
313
|
/**
|
|
314
314
|
* Attaches additional permissions to all bucket notifications
|
|
315
315
|
* @example
|
|
@@ -351,7 +351,7 @@ export declare class Bucket extends Construct implements SSTConstruct {
|
|
|
351
351
|
};
|
|
352
352
|
};
|
|
353
353
|
/** @internal */
|
|
354
|
-
|
|
354
|
+
getBindings(): BindingProps;
|
|
355
355
|
private createBucket;
|
|
356
356
|
private addNotification;
|
|
357
357
|
private addQueueNotification;
|
package/constructs/Bucket.js
CHANGED
package/constructs/Cognito.d.ts
CHANGED
|
@@ -4,6 +4,7 @@ import { Function as Fn, FunctionProps, FunctionDefinition } from "./Function.js
|
|
|
4
4
|
import { Permissions } from "./util/permission.js";
|
|
5
5
|
import { CfnIdentityPool, CfnIdentityPoolProps, CfnIdentityPoolRoleAttachment, IUserPool, IUserPoolClient, UserPoolClientOptions, UserPoolProps } from "aws-cdk-lib/aws-cognito";
|
|
6
6
|
import { Role } from "aws-cdk-lib/aws-iam";
|
|
7
|
+
import { BindingResource } from "./util/binding.js";
|
|
7
8
|
export interface CognitoUserPoolTriggers {
|
|
8
9
|
createAuthChallenge?: FunctionDefinition;
|
|
9
10
|
customEmailSender?: FunctionDefinition;
|
|
@@ -198,8 +199,8 @@ export declare class Cognito extends Construct implements SSTConstruct {
|
|
|
198
199
|
* ```
|
|
199
200
|
*/
|
|
200
201
|
attachPermissionsForUnauthUsers(permissions: Permissions): void;
|
|
201
|
-
bindForTriggers(constructs:
|
|
202
|
-
bindForTrigger(triggerKey: keyof CognitoUserPoolTriggers, constructs:
|
|
202
|
+
bindForTriggers(constructs: BindingResource[]): void;
|
|
203
|
+
bindForTrigger(triggerKey: keyof CognitoUserPoolTriggers, constructs: BindingResource[]): void;
|
|
203
204
|
attachPermissionsForTriggers(permissions: Permissions): void;
|
|
204
205
|
attachPermissionsForTrigger(triggerKey: keyof CognitoUserPoolTriggers, permissions: Permissions): void;
|
|
205
206
|
getFunction(triggerKey: keyof CognitoUserPoolTriggers): Fn | undefined;
|
|
@@ -218,7 +219,7 @@ export declare class Cognito extends Construct implements SSTConstruct {
|
|
|
218
219
|
};
|
|
219
220
|
};
|
|
220
221
|
/** @internal */
|
|
221
|
-
|
|
222
|
+
getBindings(): undefined;
|
|
222
223
|
private attachPermissionsForUsers;
|
|
223
224
|
private createUserPool;
|
|
224
225
|
private createUserPoolClient;
|
package/constructs/Cognito.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { Construct } from "constructs";
|
|
2
2
|
import { Stack as CDKStack } from "aws-cdk-lib/core";
|
|
3
|
-
import {
|
|
3
|
+
import { BindingProps } from "./util/binding.js";
|
|
4
4
|
export interface SSTConstructMetadata<T extends string = string, D extends Record<string, any> = Record<string, any>, L extends Record<string, any> = Record<string, any>> {
|
|
5
5
|
type: T;
|
|
6
6
|
data: D;
|
|
@@ -9,7 +9,7 @@ export interface SSTConstructMetadata<T extends string = string, D extends Recor
|
|
|
9
9
|
export interface SSTConstruct extends Construct {
|
|
10
10
|
id: string;
|
|
11
11
|
getConstructMetadata(): SSTConstructMetadata;
|
|
12
|
-
|
|
12
|
+
getBindings(): BindingProps | undefined;
|
|
13
13
|
}
|
|
14
14
|
export declare function getFunctionRef(fn?: any): {
|
|
15
15
|
node: string;
|
package/constructs/Cron.d.ts
CHANGED
|
@@ -3,6 +3,7 @@ import * as events from "aws-cdk-lib/aws-events";
|
|
|
3
3
|
import * as eventsTargets from "aws-cdk-lib/aws-events-targets";
|
|
4
4
|
import { SSTConstruct } from "./Construct.js";
|
|
5
5
|
import { Function as Func, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
|
|
6
|
+
import { BindingResource } from "./util/binding.js";
|
|
6
7
|
import { Permissions } from "./util/permission.js";
|
|
7
8
|
export interface CronJobProps {
|
|
8
9
|
/**
|
|
@@ -134,7 +135,7 @@ export declare class Cron extends Construct implements SSTConstruct {
|
|
|
134
135
|
* ```
|
|
135
136
|
*
|
|
136
137
|
*/
|
|
137
|
-
bind(constructs:
|
|
138
|
+
bind(constructs: BindingResource[]): void;
|
|
138
139
|
/**
|
|
139
140
|
* Attaches the given list of permissions to the cron job. This allows the function to access other AWS resources.
|
|
140
141
|
*
|
|
@@ -158,7 +159,7 @@ export declare class Cron extends Construct implements SSTConstruct {
|
|
|
158
159
|
};
|
|
159
160
|
};
|
|
160
161
|
/** @internal */
|
|
161
|
-
|
|
162
|
+
getBindings(): undefined;
|
|
162
163
|
private createEventsRule;
|
|
163
164
|
private createRuleTarget;
|
|
164
165
|
}
|
package/constructs/Cron.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import { Construct, IConstruct } from "constructs";
|
|
2
2
|
import { Role } from "aws-cdk-lib/aws-iam";
|
|
3
3
|
import { IVersion, IFunction as CdkIFunction } from "aws-cdk-lib/aws-lambda";
|
|
4
|
-
import { SSTConstruct } from "./Construct.js";
|
|
5
4
|
import { NodeJSProps, FunctionCopyFilesProps } from "./Function.js";
|
|
5
|
+
import { BindingResource } from "./util/binding.js";
|
|
6
6
|
import { Size } from "./util/size.js";
|
|
7
7
|
import { Duration } from "./util/duration.js";
|
|
8
8
|
import { Permissions } from "./util/permission.js";
|
|
@@ -14,7 +14,7 @@ export interface EdgeFunctionProps {
|
|
|
14
14
|
memorySize?: number | Size;
|
|
15
15
|
permissions?: Permissions;
|
|
16
16
|
environment?: Record<string, string>;
|
|
17
|
-
bind?:
|
|
17
|
+
bind?: BindingResource[];
|
|
18
18
|
nodejs?: NodeJSProps;
|
|
19
19
|
copyFiles?: FunctionCopyFilesProps[];
|
|
20
20
|
scopeOverride?: IConstruct;
|
|
@@ -13,7 +13,7 @@ import { useProject } from "../project.js";
|
|
|
13
13
|
import { useRuntimeHandlers } from "../runtime/handlers.js";
|
|
14
14
|
import { Stack } from "./Stack.js";
|
|
15
15
|
import { useFunctions, } from "./Function.js";
|
|
16
|
-
import {
|
|
16
|
+
import { getBindingEnvironments, getBindingPermissions, getBindingReferencedSecrets, } from "./util/binding.js";
|
|
17
17
|
import { toCdkSize } from "./util/size.js";
|
|
18
18
|
import { toCdkDuration } from "./util/duration.js";
|
|
19
19
|
import { attachPermissionsToRole } from "./util/permission.js";
|
|
@@ -186,20 +186,17 @@ export class EdgeFunction extends Construct {
|
|
|
186
186
|
};
|
|
187
187
|
// Get referenced secrets
|
|
188
188
|
const referencedSecrets = [];
|
|
189
|
-
constructs.forEach((
|
|
190
|
-
[...constructs, ...referencedSecrets].forEach((
|
|
189
|
+
constructs.forEach((r) => referencedSecrets.push(...getBindingReferencedSecrets(r)));
|
|
190
|
+
[...constructs, ...referencedSecrets].forEach((r) => {
|
|
191
191
|
// Bind environment
|
|
192
192
|
this.bindingEnvs = {
|
|
193
193
|
...this.bindingEnvs,
|
|
194
|
-
...
|
|
194
|
+
...getBindingEnvironments(r),
|
|
195
195
|
};
|
|
196
196
|
// Bind permissions
|
|
197
197
|
if (this.props.permissions !== "*") {
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
effect: Effect.ALLOW,
|
|
201
|
-
resources,
|
|
202
|
-
})));
|
|
198
|
+
const policyStatements = getBindingPermissions(r);
|
|
199
|
+
this.props.permissions.push(...policyStatements);
|
|
203
200
|
}
|
|
204
201
|
});
|
|
205
202
|
}
|
package/constructs/EventBus.d.ts
CHANGED
|
@@ -6,7 +6,7 @@ import { ILogGroup } from "aws-cdk-lib/aws-logs";
|
|
|
6
6
|
import { Queue } from "./Queue.js";
|
|
7
7
|
import { SSTConstruct } from "./Construct.js";
|
|
8
8
|
import { FunctionProps, FunctionInlineDefinition, FunctionDefinition } from "./Function.js";
|
|
9
|
-
import {
|
|
9
|
+
import { BindingResource, BindingProps } from "./util/binding.js";
|
|
10
10
|
import { Permissions } from "./util/permission.js";
|
|
11
11
|
/**
|
|
12
12
|
* Used to configure an EventBus function target
|
|
@@ -356,7 +356,7 @@ export declare class EventBus extends Construct implements SSTConstruct {
|
|
|
356
356
|
* bus.bind([STRIPE_KEY, bucket]);
|
|
357
357
|
* ```
|
|
358
358
|
*/
|
|
359
|
-
bind(constructs:
|
|
359
|
+
bind(constructs: BindingResource[]): void;
|
|
360
360
|
/**
|
|
361
361
|
* Binds the given list of resources to a specific event bus rule target
|
|
362
362
|
*
|
|
@@ -377,7 +377,7 @@ export declare class EventBus extends Construct implements SSTConstruct {
|
|
|
377
377
|
* bus.bindToTarget("myRule", 0, [STRIPE_KEY, bucket]);
|
|
378
378
|
* ```
|
|
379
379
|
*/
|
|
380
|
-
bindToTarget(ruleKey: string, targetName: string, constructs:
|
|
380
|
+
bindToTarget(ruleKey: string, targetName: string, constructs: BindingResource[]): void;
|
|
381
381
|
/**
|
|
382
382
|
* Add permissions to all event targets in this EventBus.
|
|
383
383
|
*
|
|
@@ -423,7 +423,7 @@ export declare class EventBus extends Construct implements SSTConstruct {
|
|
|
423
423
|
};
|
|
424
424
|
};
|
|
425
425
|
/** @internal */
|
|
426
|
-
|
|
426
|
+
getBindings(): BindingProps;
|
|
427
427
|
private retrierQueue;
|
|
428
428
|
private retrierFn;
|
|
429
429
|
private getRetrier;
|
package/constructs/EventBus.js
CHANGED
package/constructs/Function.d.ts
CHANGED
|
@@ -4,7 +4,7 @@ import { Stack } from "./Stack.js";
|
|
|
4
4
|
import { SSTConstruct } from "./Construct.js";
|
|
5
5
|
import { Size } from "./util/size.js";
|
|
6
6
|
import { Duration } from "./util/duration.js";
|
|
7
|
-
import {
|
|
7
|
+
import { BindingResource, BindingProps } from "./util/binding.js";
|
|
8
8
|
import { Permissions } from "./util/permission.js";
|
|
9
9
|
import * as functionUrlCors from "./util/functionUrlCors.js";
|
|
10
10
|
import { Architecture, Function as CDKFunction, FunctionOptions, ILayerVersion, Runtime as CDKRuntime, Tracing } from "aws-cdk-lib/aws-lambda";
|
|
@@ -42,7 +42,7 @@ export interface FunctionDockerBuildCacheProps extends DockerCacheOption {
|
|
|
42
42
|
export interface FunctionDockerBuildProps {
|
|
43
43
|
/**
|
|
44
44
|
* Cache from options to pass to the `docker build` command.
|
|
45
|
-
* @default
|
|
45
|
+
* @default No cache from args are passed
|
|
46
46
|
* @example
|
|
47
47
|
* ```js
|
|
48
48
|
* cacheFrom: [{type: "gha"}],
|
|
@@ -51,7 +51,7 @@ export interface FunctionDockerBuildProps {
|
|
|
51
51
|
cacheFrom?: FunctionDockerBuildCacheProps[];
|
|
52
52
|
/**
|
|
53
53
|
* Cache to options to pass to the `docker build` command.
|
|
54
|
-
* @default
|
|
54
|
+
* @default No cache to args are passed
|
|
55
55
|
* @example
|
|
56
56
|
* ```js
|
|
57
57
|
* cacheTo: {type: "gha"},
|
|
@@ -251,7 +251,7 @@ export interface FunctionProps extends Omit<FunctionOptions, "functionName" | "m
|
|
|
251
251
|
* })
|
|
252
252
|
* ```
|
|
253
253
|
*/
|
|
254
|
-
bind?:
|
|
254
|
+
bind?: BindingResource[];
|
|
255
255
|
/**
|
|
256
256
|
* Attaches the given list of permissions to the function. Configuring this property is equivalent to calling `attachPermissions()` after the function is created.
|
|
257
257
|
*
|
|
@@ -686,6 +686,42 @@ export interface ContainerProps {
|
|
|
686
686
|
* ```
|
|
687
687
|
*/
|
|
688
688
|
buildArgs?: Record<string, string>;
|
|
689
|
+
/**
|
|
690
|
+
* SSH agent socket or keys to pass to the docker build command.
|
|
691
|
+
* Docker BuildKit must be enabled to use the ssh flag
|
|
692
|
+
* @default No --ssh flag is passed to the build command
|
|
693
|
+
* @example
|
|
694
|
+
* ```js
|
|
695
|
+
* container: {
|
|
696
|
+
* buildSsh: "default"
|
|
697
|
+
* }
|
|
698
|
+
* ```
|
|
699
|
+
*/
|
|
700
|
+
buildSsh?: string;
|
|
701
|
+
/**
|
|
702
|
+
* Cache from options to pass to the docker build command.
|
|
703
|
+
* [DockerCacheOption](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets.DockerCacheOption.html)[].
|
|
704
|
+
* @default No cache from options are passed to the build command
|
|
705
|
+
* @example
|
|
706
|
+
* ```js
|
|
707
|
+
* container: {
|
|
708
|
+
* cacheFrom: [{ type: 'registry', params: { ref: 'ghcr.io/myorg/myimage:cache' }}],
|
|
709
|
+
* }
|
|
710
|
+
* ```
|
|
711
|
+
*/
|
|
712
|
+
cacheFrom?: FunctionDockerBuildCacheProps[];
|
|
713
|
+
/**
|
|
714
|
+
* Cache to options to pass to the docker build command.
|
|
715
|
+
* [DockerCacheOption](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets.DockerCacheOption.html)[].
|
|
716
|
+
* @default No cache to options are passed to the build command
|
|
717
|
+
* @example
|
|
718
|
+
* ```js
|
|
719
|
+
* container: {
|
|
720
|
+
* cacheTo: { type: 'registry', params: { ref: 'ghcr.io/myorg/myimage:cache', mode: 'max', compression: 'zstd' }},
|
|
721
|
+
* }
|
|
722
|
+
* ```
|
|
723
|
+
*/
|
|
724
|
+
cacheTo?: FunctionDockerBuildCacheProps;
|
|
689
725
|
}
|
|
690
726
|
/**
|
|
691
727
|
* Used to configure additional files to copy into the function bundle
|
|
@@ -744,7 +780,7 @@ export declare class Function extends CDKFunction implements SSTConstruct {
|
|
|
744
780
|
* fn.bind([STRIPE_KEY, bucket]);
|
|
745
781
|
* ```
|
|
746
782
|
*/
|
|
747
|
-
bind(constructs:
|
|
783
|
+
bind(constructs: BindingResource[]): void;
|
|
748
784
|
/**
|
|
749
785
|
* Attaches additional permissions to function.
|
|
750
786
|
*
|
|
@@ -768,7 +804,7 @@ export declare class Function extends CDKFunction implements SSTConstruct {
|
|
|
768
804
|
};
|
|
769
805
|
};
|
|
770
806
|
/** @internal */
|
|
771
|
-
|
|
807
|
+
getBindings(): BindingProps;
|
|
772
808
|
private createUrl;
|
|
773
809
|
private createSecretPrefetcher;
|
|
774
810
|
private disableCloudWatchLogs;
|