npm - terraconstructs - Versions diffs - 0.1.4 → 0.1.5 - Mend

terraconstructs 0.1.4 → 0.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (269) hide show

package/.jsii +459 -268
package/lib/asset-staging.js +1 -1
package/lib/aws/arn.js +1 -1
package/lib/aws/aws-asset-manager.js +1 -1
package/lib/aws/aws-construct.js +1 -1
package/lib/aws/aws-stack.js +1 -1
package/lib/aws/aws-tags.js +2 -2
package/lib/aws/cloudwatch/actions/appscaling.js +1 -1
package/lib/aws/cloudwatch/actions/ec2.js +1 -1
package/lib/aws/cloudwatch/actions/lambda.js +1 -1
package/lib/aws/cloudwatch/actions/sns.js +1 -1
package/lib/aws/cloudwatch/actions/ssm.js +2 -2
package/lib/aws/cloudwatch/alarm-base.js +1 -1
package/lib/aws/cloudwatch/alarm-rule.js +1 -1
package/lib/aws/cloudwatch/alarm-status-widget.js +1 -1
package/lib/aws/cloudwatch/alarm.js +1 -1
package/lib/aws/cloudwatch/composite-alarm.js +1 -1
package/lib/aws/cloudwatch/dashboard.js +1 -1
package/lib/aws/cloudwatch/data-protection-policy.js +3 -3
package/lib/aws/cloudwatch/graph.js +8 -8
package/lib/aws/cloudwatch/layout.js +3 -3
package/lib/aws/cloudwatch/log-destinations/kinesis.js +1 -1
package/lib/aws/cloudwatch/log-destinations/lambda.js +1 -1
package/lib/aws/cloudwatch/log-group.js +1 -1
package/lib/aws/cloudwatch/log-query.js +1 -1
package/lib/aws/cloudwatch/log-stream.js +1 -1
package/lib/aws/cloudwatch/metric-filter.js +1 -1
package/lib/aws/cloudwatch/metric.js +2 -2
package/lib/aws/cloudwatch/pattern.js +3 -3
package/lib/aws/cloudwatch/policy.js +1 -1
package/lib/aws/cloudwatch/query-definition.js +2 -2
package/lib/aws/cloudwatch/stats.js +1 -1
package/lib/aws/cloudwatch/subscription-filter.js +1 -1
package/lib/aws/cloudwatch/text.js +1 -1
package/lib/aws/cloudwatch/variable.js +3 -3
package/lib/aws/cloudwatch/widget.js +1 -1
package/lib/aws/compute/access-log.js +4 -4
package/lib/aws/compute/activity.js +1 -1
package/lib/aws/compute/alb/application-listener-action.js +1 -1
package/lib/aws/compute/alb/application-listener-certificate.js +1 -1
package/lib/aws/compute/alb/application-listener-rule.js +1 -1
package/lib/aws/compute/alb/application-listener.js +1 -1
package/lib/aws/compute/alb/application-load-balancer.js +1 -1
package/lib/aws/compute/alb/application-target-group.js +1 -1
package/lib/aws/compute/alb/conditions.js +1 -1
package/lib/aws/compute/alb/trust-store-revocation.js +1 -1
package/lib/aws/compute/alb/trust-store.js +1 -1
package/lib/aws/compute/api-definition.js +3 -3
package/lib/aws/compute/api-key.js +2 -2
package/lib/aws/compute/architecture.js +1 -1
package/lib/aws/compute/aspects/require-imdsv2-aspect.js +2 -2
package/lib/aws/compute/authorizer.js +1 -1
package/lib/aws/compute/authorizers/identity-source.js +1 -1
package/lib/aws/compute/authorizers/lambda.js +2 -2
package/lib/aws/compute/base-path-mapping.js +1 -1
package/lib/aws/compute/base-scalable-attribute.js +1 -1
package/lib/aws/compute/bastion-host.js +1 -1
package/lib/aws/compute/chain.js +1 -1
package/lib/aws/compute/client-vpn-authorization-rule.js +1 -1
package/lib/aws/compute/client-vpn-endpoint.js +2 -2
package/lib/aws/compute/client-vpn-route.js +2 -2
package/lib/aws/compute/code.js +44 -11
package/lib/aws/compute/condition.js +1 -1
package/lib/aws/compute/connections.js +1 -1
package/lib/aws/compute/cors.js +1 -1
package/lib/aws/compute/deployment.js +1 -1
package/lib/aws/compute/domain-name.js +1 -1
package/lib/aws/compute/event-invoke-config.js +1 -1
package/lib/aws/compute/event-source-filter.js +2 -2
package/lib/aws/compute/event-source-mapping.js +1 -1
package/lib/aws/compute/event-sources/s3-onfailure-destination.js +1 -1
package/lib/aws/compute/event-sources/s3.js +1 -1
package/lib/aws/compute/event-sources/sqs-dlq.js +1 -1
package/lib/aws/compute/event-sources/sqs.js +1 -1
package/lib/aws/compute/fields.js +4 -4
package/lib/aws/compute/function-alias.js +1 -1
package/lib/aws/compute/function-base.d.ts +20 -0
package/lib/aws/compute/function-base.js +23 -3
package/lib/aws/compute/function-destinations/event-bridge.js +1 -1
package/lib/aws/compute/function-destinations/function.js +1 -1
package/lib/aws/compute/function-destinations/sqs.js +1 -1
package/lib/aws/compute/function-nodejs/function.js +1 -1
package/lib/aws/compute/function-url.js +1 -1
package/lib/aws/compute/function.d.ts +88 -1
package/lib/aws/compute/function.js +108 -18
package/lib/aws/compute/gateway-response.js +2 -2
package/lib/aws/compute/handler.js +1 -1
package/lib/aws/compute/instance-types.js +1 -1
package/lib/aws/compute/instance.js +1 -1
package/lib/aws/compute/integration.js +1 -1
package/lib/aws/compute/integrations/aws.js +1 -1
package/lib/aws/compute/integrations/http.js +1 -1
package/lib/aws/compute/integrations/lambda.js +1 -1
package/lib/aws/compute/integrations/mock.js +1 -1
package/lib/aws/compute/integrations/stepfunctions.js +1 -1
package/lib/aws/compute/ip-addresses.js +2 -2
package/lib/aws/compute/ipam.js +1 -1
package/lib/aws/compute/key-pair.js +1 -1
package/lib/aws/compute/lambda-api.js +1 -1
package/lib/aws/compute/launch-template.js +2 -2
package/lib/aws/compute/lb-shared/base-listener.js +1 -1
package/lib/aws/compute/lb-shared/base-load-balancer.js +2 -2
package/lib/aws/compute/lb-shared/base-target-group.js +1 -1
package/lib/aws/compute/lb-shared/listener-certificate.js +1 -1
package/lib/aws/compute/lb-shared/load-balancer-targets.js +2 -2
package/lib/aws/compute/lb-targets/alb-target.js +3 -3
package/lib/aws/compute/lb-targets/instance-target.js +2 -2
package/lib/aws/compute/lb-targets/ip-target.js +1 -1
package/lib/aws/compute/lb-targets/lambda-target.js +1 -1
package/lib/aws/compute/load-balancer.js +3 -3
package/lib/aws/compute/machine-image/amazon-linux-2022.js +2 -2
package/lib/aws/compute/machine-image/amazon-linux-2023.js +2 -2
package/lib/aws/compute/machine-image/amazon-linux2.js +2 -2
package/lib/aws/compute/machine-image/common.js +1 -1
package/lib/aws/compute/machine-image/machine-image.js +8 -8
package/lib/aws/compute/method.js +1 -1
package/lib/aws/compute/model.js +3 -3
package/lib/aws/compute/nat.js +5 -5
package/lib/aws/compute/network-acl-types.js +2 -2
package/lib/aws/compute/network-acl.js +3 -3
package/lib/aws/compute/nlb/network-listener-action.js +1 -1
package/lib/aws/compute/nlb/network-listener.js +1 -1
package/lib/aws/compute/nlb/network-load-balancer.js +1 -1
package/lib/aws/compute/nlb/network-target-group.js +1 -1
package/lib/aws/compute/peer.js +1 -1
package/lib/aws/compute/placement-group.js +1 -1
package/lib/aws/compute/port.js +1 -1
package/lib/aws/compute/prefix-list.js +1 -1
package/lib/aws/compute/requestvalidator.js +1 -1
package/lib/aws/compute/resource.js +3 -3
package/lib/aws/compute/restapi.js +3 -3
package/lib/aws/compute/route.js +8 -8
package/lib/aws/compute/runtime.js +1 -1
package/lib/aws/compute/scalable-target.js +1 -1
package/lib/aws/compute/schedule.js +1 -1
package/lib/aws/compute/security-group.js +1 -1
package/lib/aws/compute/stage.js +2 -2
package/lib/aws/compute/state-graph.js +1 -1
package/lib/aws/compute/state-machine-fragment.js +1 -1
package/lib/aws/compute/state-machine.js +4 -4
package/lib/aws/compute/states/choice.js +1 -1
package/lib/aws/compute/states/custom-state.js +1 -1
package/lib/aws/compute/states/distributed-map/item-batcher.js +1 -1
package/lib/aws/compute/states/distributed-map/item-reader.js +5 -5
package/lib/aws/compute/states/distributed-map/result-writer.js +1 -1
package/lib/aws/compute/states/distributed-map.js +1 -1
package/lib/aws/compute/states/fail.js +1 -1
package/lib/aws/compute/states/map-base.js +1 -1
package/lib/aws/compute/states/map.js +1 -1
package/lib/aws/compute/states/parallel.js +1 -1
package/lib/aws/compute/states/pass.js +2 -2
package/lib/aws/compute/states/state.js +1 -1
package/lib/aws/compute/states/succeed.js +1 -1
package/lib/aws/compute/states/task-base.js +2 -2
package/lib/aws/compute/states/task.js +1 -1
package/lib/aws/compute/states/wait.js +2 -2
package/lib/aws/compute/step-scaling-action.js +1 -1
package/lib/aws/compute/step-scaling-policy.js +1 -1
package/lib/aws/compute/stepfunctions-api.js +1 -1
package/lib/aws/compute/subnet-v2.js +2 -2
package/lib/aws/compute/subnet.js +1 -1
package/lib/aws/compute/target-tracking-scaling-policy.js +1 -1
package/lib/aws/compute/task-credentials.js +1 -1
package/lib/aws/compute/task-input.js +1 -1
package/lib/aws/compute/tasks/aws-sdk/call-aws-service.js +1 -1
package/lib/aws/compute/tasks/eventbridge/put-events.js +1 -1
package/lib/aws/compute/tasks/http/invoke.js +1 -1
package/lib/aws/compute/tasks/lambda/invoke.js +1 -1
package/lib/aws/compute/tasks/sqs/send-message.js +1 -1
package/lib/aws/compute/tasks/stepfunctions/invoke-activity.js +1 -1
package/lib/aws/compute/tasks/stepfunctions/start-execution.js +1 -1
package/lib/aws/compute/types.js +1 -1
package/lib/aws/compute/usage-plan.js +1 -1
package/lib/aws/compute/user-data.js +3 -3
package/lib/aws/compute/volume.js +2 -2
package/lib/aws/compute/vpc-endpoint-service.js +1 -1
package/lib/aws/compute/vpc-endpoint.js +6 -6
package/lib/aws/compute/vpc-flow-logs.js +4 -4
package/lib/aws/compute/vpc-link.js +1 -1
package/lib/aws/compute/vpc-v2-base.js +1 -1
package/lib/aws/compute/vpc-v2.js +2 -2
package/lib/aws/compute/vpc.js +4 -4
package/lib/aws/compute/vpn.js +3 -3
package/lib/aws/edge/certificate.js +1 -1
package/lib/aws/edge/distribution.js +3 -3
package/lib/aws/edge/dns-alias-record-targets.js +3 -3
package/lib/aws/edge/dns-record.js +13 -13
package/lib/aws/edge/dns-zone.js +1 -1
package/lib/aws/edge/function.js +2 -2
package/lib/aws/edge/key-value-store.js +4 -4
package/lib/aws/edge/origin.js +3 -3
package/lib/aws/edge/response-headers-policy.js +1 -1
package/lib/aws/encryption/alias.js +1 -1
package/lib/aws/encryption/key.js +1 -1
package/lib/aws/encryption/via-service-principal.js +1 -1
package/lib/aws/iam/grant.js +2 -2
package/lib/aws/iam/group.js +1 -1
package/lib/aws/iam/instance-profile.js +1 -1
package/lib/aws/iam/managed-policy.js +1 -1
package/lib/aws/iam/oidc-provider.js +1 -1
package/lib/aws/iam/policy-document.js +1 -1
package/lib/aws/iam/policy-statement.js +1 -1
package/lib/aws/iam/policy.js +1 -1
package/lib/aws/iam/principals.js +20 -20
package/lib/aws/iam/role.js +1 -1
package/lib/aws/iam/saml-provider.js +2 -2
package/lib/aws/iam/unknown-principal.js +1 -1
package/lib/aws/iam/user.js +1 -1
package/lib/aws/network/simple-ipv4-vpc.d.ts +1 -0
package/lib/aws/network/simple-ipv4-vpc.js +3 -2
package/lib/aws/network/subnet-group.js +3 -3
package/lib/aws/network/subnet.d.ts +9 -0
package/lib/aws/network/subnet.js +14 -5
package/lib/aws/notify/archive.js +1 -1
package/lib/aws/notify/connection.js +3 -3
package/lib/aws/notify/event-bus.js +3 -3
package/lib/aws/notify/event-pattern.js +1 -1
package/lib/aws/notify/input.js +2 -2
package/lib/aws/notify/kinesis-stream.js +1 -1
package/lib/aws/notify/notification-rule.js +1 -1
package/lib/aws/notify/policy.js +1 -1
package/lib/aws/notify/queue-policy.js +1 -1
package/lib/aws/notify/queue.js +1 -1
package/lib/aws/notify/resource-policy.js +1 -1
package/lib/aws/notify/rule.js +1 -1
package/lib/aws/notify/schedule.js +1 -1
package/lib/aws/notify/subscription-filter.js +1 -1
package/lib/aws/notify/subscription.js +4 -4
package/lib/aws/notify/subscriptions/email.js +1 -1
package/lib/aws/notify/subscriptions/lambda.js +1 -1
package/lib/aws/notify/subscriptions/sms.js +1 -1
package/lib/aws/notify/subscriptions/sqs.js +1 -1
package/lib/aws/notify/subscriptions/url.js +1 -1
package/lib/aws/notify/targets/event-bus.js +1 -1
package/lib/aws/notify/targets/function.js +1 -1
package/lib/aws/notify/targets/log-group.js +2 -2
package/lib/aws/notify/targets/sqs.js +1 -1
package/lib/aws/notify/targets/state-machine.js +1 -1
package/lib/aws/notify/topic-base.js +1 -1
package/lib/aws/notify/topic.js +1 -1
package/lib/aws/storage/assets/image-asset.js +3 -3
package/lib/aws/storage/assets/s3.js +1 -1
package/lib/aws/storage/auth-token.js +2 -2
package/lib/aws/storage/billing.js +1 -1
package/lib/aws/storage/bucket-notifications.js +1 -1
package/lib/aws/storage/bucket-policy.js +1 -1
package/lib/aws/storage/bucket-source.js +1 -1
package/lib/aws/storage/bucket.js +2 -2
package/lib/aws/storage/capacity.js +1 -1
package/lib/aws/storage/ecr-repository.js +3 -3
package/lib/aws/storage/encryption.js +6 -14
package/lib/aws/storage/notification-targets/function.js +1 -1
package/lib/aws/storage/notification-targets/queue.js +1 -1
package/lib/aws/storage/origin-access-identity.js +1 -1
package/lib/aws/storage/parameter.js +2 -2
package/lib/aws/storage/table.js +3 -3
package/lib/bundling.js +3 -3
package/lib/construct-base.js +2 -2
package/lib/duration.js +1 -1
package/lib/errors.d.ts +118 -0
package/lib/errors.js +215 -0
package/lib/expiration.js +1 -1
package/lib/fs/ignore.js +4 -4
package/lib/fs/index.js +1 -1
package/lib/size.js +1 -1
package/lib/stack-base.js +1 -1
package/lib/terra-func.js +1 -1
package/lib/time-zone.js +1 -1
package/package.json +1 -1

package/lib/aws/compute/function.d.ts CHANGED Viewed

@@ -10,10 +10,12 @@ import { AliasOptions, Alias } from "./function-alias";
 import { LambdaFunctionBase, IFunction, FunctionAttributes, IEventSource } from "./function-base";
 import { FunctionUrl, FunctionUrlOptions } from "./function-url";
 import { VpcConfig } from "./function-vpc-config.generated";
+import { Runtime } from "./runtime";
+import { ISecurityGroup } from "./security-group";
+import { IVpc, SubnetSelection } from "./vpc";
 import { Duration } from "../../duration";
 import * as iam from "../iam";
 import { IQueue } from "../notify";
-import { Runtime } from "./runtime";
 export interface FunctionOutputs {
     /**
      * AWS Lambda function name
@@ -131,6 +133,14 @@ export interface FunctionOptions extends EventInvokeConfigOptions {
      * Both supplied and generated roles can always be changed by calling `addToRolePolicy`.
      */
     readonly role?: iam.IRole;
+    /**
+     * Lambda Functions in a public subnet can NOT access the internet.
+     * Use this property to acknowledge this limitation and still place the function in a public subnet.
+     * @see https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841
+     *
+     * @default false
+     */
+    readonly allowPublicSubnet?: boolean;
     /**
      * Config for network connectivity to AWS resources in a VPC, specify a list
      * of subnet, and optionally security groups, in the VPC.
@@ -141,8 +151,74 @@ export interface FunctionOptions extends EventInvokeConfigOptions {
      * When you connect a function to a VPC, it can only access resources and the internet through that VPC.
      *
      * See [VPC Settings](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html).
+     *
+     * @deprecated - This property is deprecated, use vpc and other related properties instead
      */
     readonly networkConfig?: VpcConfig;
+    /**
+     * VPC network to place Lambda network interfaces
+     *
+     * Specify this if the Lambda function needs to access resources in a VPC.
+     * This is required when `vpcSubnets` is specified.
+     *
+     * @default - Function is not placed within a VPC.
+     */
+    readonly vpc?: IVpc;
+    /**
+     * Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
+     *
+     * Only used if 'vpc' is supplied.
+     *
+     * @default false
+     */
+    readonly ipv6AllowedForDualStack?: boolean;
+    /**
+     * Where to place the network interfaces within the VPC.
+     *
+     * This requires `vpc` to be specified in order for interfaces to actually be
+     * placed in the subnets. If `vpc` is not specify, this will raise an error.
+     *
+     * Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
+     * public subnets is not allowed (unless `allowPublicSubnet` is set to `true`).
+     *
+     * @default - the Vpc default strategy if not specified
+     */
+    readonly vpcSubnets?: SubnetSelection;
+    /**
+     * The list of security groups to associate with the Lambda's network interfaces.
+     *
+     * Only used if 'vpc' is supplied.
+     *
+     * @default - If the function is placed within a VPC and a security group is
+     * not specified, either by this or securityGroup prop, a dedicated security
+     * group will be created for this function.
+     */
+    readonly securityGroups?: ISecurityGroup[];
+    /**
+     * Whether to allow the Lambda to send all network traffic (except ipv6)
+     *
+     * If set to false, you must individually add traffic rules to allow the
+     * Lambda to connect to network targets.
+     *
+     * Do not specify this property if the `securityGroups` or `securityGroup` property is set.
+     * Instead, configure `allowAllOutbound` directly on the security group.
+     *
+     * @default true
+     */
+    readonly allowAllOutbound?: boolean;
+    /**
+     * Whether to allow the Lambda to send all ipv6 network traffic
+     *
+     * If set to true, there will only be a single egress rule which allows all
+     * outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the
+     * Lambda to connect to network targets using ipv6.
+     *
+     * Do not specify this property if the `securityGroups` or `securityGroup` property is set.
+     * Instead, configure `allowAllIpv6Outbound` directly on the security group.
+     *
+     * @default false
+     */
+    readonly allowAllIpv6Outbound?: boolean;
     /**
      * The SQS DLQ.
      *
@@ -327,6 +403,10 @@ export declare class LambdaFunction extends LambdaFunctionBase implements IFunct
      * Undefined if the function was imported without a role.
      */
     readonly role?: iam.IRole;
+    /**
+     * The runtime configured for this lambda.
+     */
+    readonly runtime: Runtime;
     /**
      * The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
      */
@@ -415,6 +495,13 @@ export declare class LambdaFunction extends LambdaFunctionBase implements IFunct
      * Optionally create LambdaFunctionVpcConfig
      */
     private parseVpcConfig;
+    /**
+     * If configured, set up the VPC-related properties
+     *
+     * Returns the VpcConfig that should be added to the
+     * Lambda creation properties.
+     */
+    private configureVpc;
     private isQueue;
     private buildDeadLetterQueue;
     /**