terruvim-core-test 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/core/config.js +2 -0
- package/dist/src/core/configMerge.js +266 -0
- package/dist/src/core/configUtils.js +72 -0
- package/dist/src/core/dependencyResolver.js +17 -0
- package/dist/src/core/deployUtils.js +73 -0
- package/dist/src/core/dynamicResourceManager.js +709 -0
- package/dist/src/core/entrypoint.js +56 -0
- package/dist/src/core/generateFinalConfig.js +45 -0
- package/dist/src/core/index.js +24 -0
- package/dist/src/core/resourceMap.js +99 -0
- package/dist/src/factories/accountPermissions.js +134 -0
- package/dist/src/factories/acmFactory.js +30 -0
- package/dist/src/factories/albFactory.js +331 -0
- package/dist/src/factories/attachSecretAccessPolicy.js +56 -0
- package/dist/src/factories/auroraFactory.js +619 -0
- package/dist/src/factories/backupPolicy.js +152 -0
- package/dist/src/factories/bastionFactory.js +91 -0
- package/dist/src/factories/bedrockFactory.js +334 -0
- package/dist/src/factories/budgetFactory.js +64 -0
- package/dist/src/factories/buildAlbCloudWatchAlarmsHelper.js +79 -0
- package/dist/src/factories/buildAlbCloudWatchDashboardHelper.js +106 -0
- package/dist/src/factories/buildAlbListenerRulesHelper.js +45 -0
- package/dist/src/factories/buildAlbListenersHelper.js +64 -0
- package/dist/src/factories/buildAlbResourceHelper.js +54 -0
- package/dist/src/factories/buildAlbRoute53RecordHelper.js +49 -0
- package/dist/src/factories/buildAlbTargetGroupsHelper.js +47 -0
- package/dist/src/factories/buildAlbWafAssociationHelper.js +43 -0
- package/dist/src/factories/buildAndPushDockerImage.js +57 -0
- package/dist/src/factories/buildAwsCloudWatchAlarmsHelper.js +118 -0
- package/dist/src/factories/buildCloudFrontRoute53RecordHelper.js +49 -0
- package/dist/src/factories/buildEcsClusterArgs.js +32 -0
- package/dist/src/factories/buildEcsSecrets.js +48 -0
- package/dist/src/factories/buildForceRedeployEnv.js +8 -0
- package/dist/src/factories/buildResourceOptions.js +11 -0
- package/dist/src/factories/buildS3StaticHostingCicdHelper.js +142 -0
- package/dist/src/factories/buildS3StaticHostingCloudWatchDashboardHelper.js +122 -0
- package/dist/src/factories/cloudTrailFactory.js +22 -0
- package/dist/src/factories/cloudWatchCompositeAlarmFactory.js +91 -0
- package/dist/src/factories/cloudWatchInsightsQueryFactory.js +83 -0
- package/dist/src/factories/cloudWatchLogGroupFactory.js +84 -0
- package/dist/src/factories/cloudfrontCodePipelineFactory.js +357 -0
- package/dist/src/factories/cloudwatchAlarmsFactory.js +121 -0
- package/dist/src/factories/codePipelineNotificationFactory.js +193 -0
- package/dist/src/factories/codePipelineNotificationRulesFactory.js +117 -0
- package/dist/src/factories/codeStarConnectionFactory.js +56 -0
- package/dist/src/factories/collectSecretKeys.js +18 -0
- package/dist/src/factories/comprehensiveNotificationFactory.js +250 -0
- package/dist/src/factories/costAndUsageReportFactory.js +32 -0
- package/dist/src/factories/createAwsAcmCertificate.js +40 -0
- package/dist/src/factories/createAwsBudget.js +40 -0
- package/dist/src/factories/createAwsCloudTrail.js +59 -0
- package/dist/src/factories/createAwsCloudwatchDashboard.js +59 -0
- package/dist/src/factories/createAwsEc2Instance.js +40 -0
- package/dist/src/factories/createAwsEventBridgeEventBus.js +40 -0
- package/dist/src/factories/createAwsGuardDutyDetector.js +40 -0
- package/dist/src/factories/createAwsGuardDutyDetectorFeature.js +45 -0
- package/dist/src/factories/createAwsGuardDutyFilter.js +46 -0
- package/dist/src/factories/createAwsGuardDutyPublishingDestination.js +50 -0
- package/dist/src/factories/createAwsHostedZone.js +40 -0
- package/dist/src/factories/createAwsIamRole.js +49 -0
- package/dist/src/factories/createAwsIamRoleInlinePolicies.js +48 -0
- package/dist/src/factories/createAwsIdentitystoreGroup.js +44 -0
- package/dist/src/factories/createAwsIdentitystoreGroupMembership.js +56 -0
- package/dist/src/factories/createAwsIdentitystoreUser.js +47 -0
- package/dist/src/factories/createAwsInspectorAssessmentTarget.js +47 -0
- package/dist/src/factories/createAwsInspectorDelegatedAdminAccount.js +47 -0
- package/dist/src/factories/createAwsInspectorEnabler.js +49 -0
- package/dist/src/factories/createAwsInspectorOrganizationConfiguration.js +55 -0
- package/dist/src/factories/createAwsKmsAliases.js +47 -0
- package/dist/src/factories/createAwsKmsKey.js +51 -0
- package/dist/src/factories/createAwsMacieAccount.js +45 -0
- package/dist/src/factories/createAwsMacieClassificationJob.js +53 -0
- package/dist/src/factories/createAwsMacieMember.js +49 -0
- package/dist/src/factories/createAwsMacieOrganizationConfiguration.js +44 -0
- package/dist/src/factories/createAwsRdsCluster.js +40 -0
- package/dist/src/factories/createAwsRdsClusterInstance.js +40 -0
- package/dist/src/factories/createAwsRdsInstance.js +40 -0
- package/dist/src/factories/createAwsRdsSubnetGroup.js +40 -0
- package/dist/src/factories/createAwsRoute53Record.js +40 -0
- package/dist/src/factories/createAwsSecret.js +40 -0
- package/dist/src/factories/createAwsSecretRotation.js +40 -0
- package/dist/src/factories/createAwsSecretVersion.js +40 -0
- package/dist/src/factories/createAwsSecurityGroup.js +40 -0
- package/dist/src/factories/createAwsSecurityGroupRule.js +40 -0
- package/dist/src/factories/createAwsSecurityHubAccount.js +40 -0
- package/dist/src/factories/createAwsSecurityHubAutomationRule.js +48 -0
- package/dist/src/factories/createAwsSecurityHubStandardsControl.js +44 -0
- package/dist/src/factories/createAwsSecurityHubStandardsSubscription.js +42 -0
- package/dist/src/factories/createAwsSesDomainDkim.js +40 -0
- package/dist/src/factories/createAwsSesDomainIdentity.js +40 -0
- package/dist/src/factories/createAwsSesEmailIdentity.js +40 -0
- package/dist/src/factories/createAwsSnsSubscription.js +62 -0
- package/dist/src/factories/createAwsSnsTopic.js +41 -0
- package/dist/src/factories/createAwsSqsQueue.js +40 -0
- package/dist/src/factories/createAwsSsmParameters.js +66 -0
- package/dist/src/factories/createAwsSsoAccountAssignment.js +66 -0
- package/dist/src/factories/createAwsSsoPermissionSet.js +64 -0
- package/dist/src/factories/createAwsStepFunctionsStateMachine.js +40 -0
- package/dist/src/factories/createBudget.js +56 -0
- package/dist/src/factories/createBudgetWithSnsAlert.js +79 -0
- package/dist/src/factories/createCostAndUsageReport.js +40 -0
- package/dist/src/factories/createEcrRepo.js +69 -0
- package/dist/src/factories/createEcsRolesAndPolicies.js +84 -0
- package/dist/src/factories/createEcsService.js +71 -0
- package/dist/src/factories/createEnvSecret.js +60 -0
- package/dist/src/factories/createGithubCodeStarConnection.js +44 -0
- package/dist/src/factories/createIamUserWithAccessKey.js +44 -0
- package/dist/src/factories/createLambdaFunction.js +89 -0
- package/dist/src/factories/createLambdaPermission.js +57 -0
- package/dist/src/factories/createListenerRule.js +68 -0
- package/dist/src/factories/createLogGroup.js +44 -0
- package/dist/src/factories/createSlackChannelConfiguration.js +49 -0
- package/dist/src/factories/createTargetGroup.js +50 -0
- package/dist/src/factories/createTaskDefinition.js +49 -0
- package/dist/src/factories/createVpcEndpoint.js +49 -0
- package/dist/src/factories/dashboardFactory.js +94 -0
- package/dist/src/factories/dataProtectionPolicyBuilder.js +103 -0
- package/dist/src/factories/ec2Factory.js +67 -0
- package/dist/src/factories/ecsClusterFactory.js +90 -0
- package/dist/src/factories/ecsCodePipelineFactory.js +308 -0
- package/dist/src/factories/ecsServiceFactory.js +350 -0
- package/dist/src/factories/enhancedCloudFrontCodePipelineFactory.js +205 -0
- package/dist/src/factories/enhancedEcsCodePipelineFactory.js +189 -0
- package/dist/src/factories/eventBridgeBusFactory.js +84 -0
- package/dist/src/factories/eventBridgeFactory.js +26 -0
- package/dist/src/factories/eventBridgeRuleFactory.js +114 -0
- package/dist/src/factories/fetchAllSecrets.js +51 -0
- package/dist/src/factories/getDeterministicPriority.js +13 -0
- package/dist/src/factories/getOrCreateSshKeyPair.js +57 -0
- package/dist/src/factories/guardDutyFactory.js +151 -0
- package/dist/src/factories/hostedZoneFactory.js +30 -0
- package/dist/src/factories/iamRoleFactory.js +29 -0
- package/dist/src/factories/inspectorFactory.js +109 -0
- package/dist/src/factories/kmsKeyFactory.js +32 -0
- package/dist/src/factories/lambdaFactory.js +133 -0
- package/dist/src/factories/lambdaPermissionFactory.js +32 -0
- package/dist/src/factories/logDataProtectionPolicyFactory.js +81 -0
- package/dist/src/factories/macieFactory.js +85 -0
- package/dist/src/factories/networkingFactory.js +429 -0
- package/dist/src/factories/opensearchCollectionFactory.js +109 -0
- package/dist/src/factories/organizationFactory.js +221 -0
- package/dist/src/factories/processReservedInstances.js +6 -0
- package/dist/src/factories/processSavingsPlans.js +43 -0
- package/dist/src/factories/rdsFactory.js +40 -0
- package/dist/src/factories/recordFactory.js +36 -0
- package/dist/src/factories/resolveEnvSecrets.js +14 -0
- package/dist/src/factories/resourceFactory.js +12 -0
- package/dist/src/factories/s3Factory.js +262 -0
- package/dist/src/factories/s3StaticHostingFactory.backup.js +424 -0
- package/dist/src/factories/s3StaticHostingFactory.js +348 -0
- package/dist/src/factories/s3StaticHostingFactory.refactored.js +334 -0
- package/dist/src/factories/savingsPlanFactory.js +26 -0
- package/dist/src/factories/secretsManagerFactory.js +107 -0
- package/dist/src/factories/securityGroupFactory.js +28 -0
- package/dist/src/factories/securityGroupRuleFactory.js +43 -0
- package/dist/src/factories/securityHubFactory.js +96 -0
- package/dist/src/factories/sesDomainDkimFactory.js +25 -0
- package/dist/src/factories/sesFactory.js +25 -0
- package/dist/src/factories/sesIdentitiesFactory.js +134 -0
- package/dist/src/factories/simpleNotificationFactory.js +112 -0
- package/dist/src/factories/smtpUserFactory.js +108 -0
- package/dist/src/factories/snsFactory.js +87 -0
- package/dist/src/factories/sqsFactory.js +41 -0
- package/dist/src/factories/ssmParameterFactory.js +67 -0
- package/dist/src/factories/ssoFactory.js +32 -0
- package/dist/src/factories/ssoGroupFactory.js +41 -0
- package/dist/src/factories/ssoPermissionSetFactory.js +29 -0
- package/dist/src/factories/ssoUserFactory.js +30 -0
- package/dist/src/factories/stepFunctionsFactory.js +32 -0
- package/dist/src/factories/tagPolicies.js +99 -0
- package/dist/src/factories/transformBudgetCostFilters.js +8 -0
- package/dist/src/factories/transformBudgetNotifications.js +12 -0
- package/dist/src/factories/transformBudgetPlannedLimits.js +8 -0
- package/dist/src/factories/types.js +2 -0
- package/dist/src/factories/validateAcmConfig.js +26 -0
- package/dist/src/factories/validateAuroraConfig.js +8 -0
- package/dist/src/factories/validateBedrockConfig.js +124 -0
- package/dist/src/factories/validateDashboardConfig.js +28 -0
- package/dist/src/factories/validateEventBridgeConfig.js +14 -0
- package/dist/src/factories/validateHostedZoneConfig.js +26 -0
- package/dist/src/factories/validateIamRoleConfig.js +8 -0
- package/dist/src/factories/validateKmsKeyConfig.js +8 -0
- package/dist/src/factories/validateRdsConfig.js +17 -0
- package/dist/src/factories/validateRoute53RecordConfig.js +41 -0
- package/dist/src/factories/validateS3Config.js +8 -0
- package/dist/src/factories/validateSecretsManagerConfig.js +8 -0
- package/dist/src/factories/validateSecurityGroupConfig.js +8 -0
- package/dist/src/factories/validateSecurityGroupRuleConfig.js +8 -0
- package/dist/src/factories/validateSesDomainDkimConfig.js +8 -0
- package/dist/src/factories/validateSesDomainIdentityConfig.js +8 -0
- package/dist/src/factories/validateSesIdentitiesConfig.js +40 -0
- package/dist/src/factories/validateSnsConfig.js +11 -0
- package/dist/src/factories/validateSqsConfig.js +11 -0
- package/dist/src/factories/validateSsmParameterFactoryConfig.js +9 -0
- package/dist/src/factories/validateStepFunctionsConfig.js +8 -0
- package/dist/src/factories/vpcEndpointFactory.js +98 -0
- package/dist/src/factories/wafFactory.js +499 -0
- package/package.json +71 -0
- package/scripts/copy-assets.js +136 -0
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateBedrockConfig = validateBedrockConfig;
|
|
4
|
+
function validateBedrockConfig(config) {
|
|
5
|
+
if (!config.id) {
|
|
6
|
+
throw new Error("Bedrock config must include an id");
|
|
7
|
+
}
|
|
8
|
+
if (!config.configuration) {
|
|
9
|
+
throw new Error("Bedrock config must include configuration");
|
|
10
|
+
}
|
|
11
|
+
const { configuration } = config;
|
|
12
|
+
if (!configuration.foundationModel) {
|
|
13
|
+
throw new Error("Bedrock config must include foundationModel");
|
|
14
|
+
}
|
|
15
|
+
if (!configuration.foundationModel.modelId) {
|
|
16
|
+
throw new Error("Foundation model must have a modelId");
|
|
17
|
+
}
|
|
18
|
+
if (!configuration.foundationModel.region) {
|
|
19
|
+
throw new Error("Foundation model must have a region");
|
|
20
|
+
}
|
|
21
|
+
const supportedModels = [
|
|
22
|
+
'eu.anthropic.claude-3-7-sonnet-20250219-v1:0',
|
|
23
|
+
'anthropic.claude-3-sonnet-20240229-v1:0',
|
|
24
|
+
'anthropic.claude-3-haiku-20240307-v1:0',
|
|
25
|
+
'anthropic.claude-3-opus-20240229-v1:0',
|
|
26
|
+
'anthropic.claude-v2:1',
|
|
27
|
+
'anthropic.claude-v2',
|
|
28
|
+
'amazon.titan-text-express-v1',
|
|
29
|
+
'amazon.titan-text-lite-v1',
|
|
30
|
+
'amazon.titan-embed-text-v1',
|
|
31
|
+
'cohere.command-text-v14',
|
|
32
|
+
'cohere.command-light-text-v14',
|
|
33
|
+
'ai21.j2-ultra-v1',
|
|
34
|
+
'ai21.j2-mid-v1',
|
|
35
|
+
'meta.llama2-13b-chat-v1',
|
|
36
|
+
'meta.llama2-70b-chat-v1'
|
|
37
|
+
];
|
|
38
|
+
if (!supportedModels.some(model => configuration.foundationModel.modelId.includes(model.split(':')[0]))) {
|
|
39
|
+
console.warn(`Model ID ${configuration.foundationModel.modelId} may not be supported. Supported models: ${supportedModels.join(', ')}`);
|
|
40
|
+
}
|
|
41
|
+
if (configuration.knowledgeBases) {
|
|
42
|
+
configuration.knowledgeBases.forEach((kb, index) => {
|
|
43
|
+
if (!kb.name) {
|
|
44
|
+
throw new Error(`Knowledge base at index ${index} must have a name`);
|
|
45
|
+
}
|
|
46
|
+
if (!kb.description) {
|
|
47
|
+
throw new Error(`Knowledge base '${kb.name}' must have a description`);
|
|
48
|
+
}
|
|
49
|
+
if (!kb.vectorDatabase.type) {
|
|
50
|
+
throw new Error(`Knowledge base '${kb.name}' must specify vector database type`);
|
|
51
|
+
}
|
|
52
|
+
if (kb.vectorDatabase.type === 'opensearch' && !kb.vectorDatabase.opensearchConfiguration) {
|
|
53
|
+
throw new Error(`Knowledge base '${kb.name}' with OpenSearch type must have opensearchConfiguration`);
|
|
54
|
+
}
|
|
55
|
+
if (!kb.embeddingModel.modelArn) {
|
|
56
|
+
throw new Error(`Knowledge base '${kb.name}' must have an embedding model ARN`);
|
|
57
|
+
}
|
|
58
|
+
if (kb.dataSource) {
|
|
59
|
+
if (kb.dataSource.type === 's3' && !kb.dataSource.s3Configuration?.bucketArn) {
|
|
60
|
+
throw new Error(`Knowledge base '${kb.name}' with S3 data source must have bucketArn`);
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
});
|
|
64
|
+
}
|
|
65
|
+
if (configuration.agents) {
|
|
66
|
+
configuration.agents.forEach((agent, index) => {
|
|
67
|
+
if (!agent.name) {
|
|
68
|
+
throw new Error(`Agent at index ${index} must have a name`);
|
|
69
|
+
}
|
|
70
|
+
if (!agent.description) {
|
|
71
|
+
throw new Error(`Agent '${agent.name}' must have a description`);
|
|
72
|
+
}
|
|
73
|
+
if (!agent.foundationModel) {
|
|
74
|
+
throw new Error(`Agent '${agent.name}' must specify a foundation model`);
|
|
75
|
+
}
|
|
76
|
+
if (!agent.instruction) {
|
|
77
|
+
throw new Error(`Agent '${agent.name}' must have instructions`);
|
|
78
|
+
}
|
|
79
|
+
if (agent.actionGroups) {
|
|
80
|
+
agent.actionGroups.forEach((actionGroup, agIndex) => {
|
|
81
|
+
if (!actionGroup.actionGroupName) {
|
|
82
|
+
throw new Error(`Action group at index ${agIndex} for agent '${agent.name}' must have a name`);
|
|
83
|
+
}
|
|
84
|
+
if (!actionGroup.actionGroupExecutor.lambda) {
|
|
85
|
+
throw new Error(`Action group '${actionGroup.actionGroupName}' for agent '${agent.name}' must have a lambda executor`);
|
|
86
|
+
}
|
|
87
|
+
});
|
|
88
|
+
}
|
|
89
|
+
});
|
|
90
|
+
}
|
|
91
|
+
if (configuration.guardrails) {
|
|
92
|
+
configuration.guardrails.forEach((guardrail, index) => {
|
|
93
|
+
if (!guardrail.name) {
|
|
94
|
+
throw new Error(`Guardrail at index ${index} must have a name`);
|
|
95
|
+
}
|
|
96
|
+
if (!guardrail.description) {
|
|
97
|
+
throw new Error(`Guardrail '${guardrail.name}' must have a description`);
|
|
98
|
+
}
|
|
99
|
+
if (!guardrail.blockedInputMessaging) {
|
|
100
|
+
throw new Error(`Guardrail '${guardrail.name}' must have blockedInputMessaging`);
|
|
101
|
+
}
|
|
102
|
+
if (!guardrail.blockedOutputsMessaging) {
|
|
103
|
+
throw new Error(`Guardrail '${guardrail.name}' must have blockedOutputsMessaging`);
|
|
104
|
+
}
|
|
105
|
+
});
|
|
106
|
+
}
|
|
107
|
+
if (configuration.security?.enableVpcEndpoint && !configuration.security.vpcEndpointConfig) {
|
|
108
|
+
throw new Error("VPC endpoint configuration is required when enableVpcEndpoint is true");
|
|
109
|
+
}
|
|
110
|
+
if (configuration.security?.vpcEndpointConfig) {
|
|
111
|
+
if (!configuration.security.vpcEndpointConfig.subnetIds ||
|
|
112
|
+
configuration.security.vpcEndpointConfig.subnetIds.length === 0) {
|
|
113
|
+
throw new Error("VPC endpoint configuration must include subnet IDs");
|
|
114
|
+
}
|
|
115
|
+
if (!configuration.security.vpcEndpointConfig.securityGroupIds ||
|
|
116
|
+
configuration.security.vpcEndpointConfig.securityGroupIds.length === 0) {
|
|
117
|
+
throw new Error("VPC endpoint configuration must include security group IDs");
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
if (configuration.costOptimization?.enableProvisionedThroughput &&
|
|
121
|
+
!configuration.costOptimization.provisionedModelUnits) {
|
|
122
|
+
throw new Error("Provisioned model units must be specified when enabling provisioned throughput");
|
|
123
|
+
}
|
|
124
|
+
}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateDashboardConfig = validateDashboardConfig;
|
|
4
|
+
function validateDashboardConfig(config) {
|
|
5
|
+
if (!config.id || !config.name || !Array.isArray(config.widgets)) {
|
|
6
|
+
throw new Error("Dashboard config must include id, name, and widgets (array)");
|
|
7
|
+
}
|
|
8
|
+
if (config.widgets.length === 0) {
|
|
9
|
+
throw new Error("Dashboard widgets array must not be empty");
|
|
10
|
+
}
|
|
11
|
+
for (const widget of config.widgets) {
|
|
12
|
+
if (!widget.type || !widget.properties) {
|
|
13
|
+
throw new Error("Each widget must have a type and properties");
|
|
14
|
+
}
|
|
15
|
+
}
|
|
16
|
+
if (config.tags && typeof config.tags !== 'object') {
|
|
17
|
+
throw new Error("tags must be an object");
|
|
18
|
+
}
|
|
19
|
+
if (config.description && typeof config.description !== 'string') {
|
|
20
|
+
throw new Error("description must be a string");
|
|
21
|
+
}
|
|
22
|
+
if (config.notes && typeof config.notes !== 'string') {
|
|
23
|
+
throw new Error("notes must be a string");
|
|
24
|
+
}
|
|
25
|
+
if (config.meta && typeof config.meta !== 'object') {
|
|
26
|
+
throw new Error("meta must be an object");
|
|
27
|
+
}
|
|
28
|
+
}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateEventBridgeConfig = validateEventBridgeConfig;
|
|
4
|
+
function validateEventBridgeConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.name) {
|
|
6
|
+
throw new Error("EventBridge config must include configuration with name");
|
|
7
|
+
}
|
|
8
|
+
if (config.configuration.tags && typeof config.configuration.tags !== "object") {
|
|
9
|
+
throw new Error("tags must be an object");
|
|
10
|
+
}
|
|
11
|
+
if (config.configuration.policy && typeof config.configuration.policy !== "object") {
|
|
12
|
+
throw new Error("policy must be an object");
|
|
13
|
+
}
|
|
14
|
+
}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateHostedZoneConfig = validateHostedZoneConfig;
|
|
4
|
+
function validateHostedZoneConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.name) {
|
|
6
|
+
throw new Error("HostedZone config must include configuration with name");
|
|
7
|
+
}
|
|
8
|
+
if (config.configuration.comment && typeof config.configuration.comment !== "string") {
|
|
9
|
+
throw new Error("comment must be a string");
|
|
10
|
+
}
|
|
11
|
+
if (config.configuration.tags && typeof config.configuration.tags !== "object") {
|
|
12
|
+
throw new Error("tags must be an object");
|
|
13
|
+
}
|
|
14
|
+
if (config.configuration.forceDestroy && typeof config.configuration.forceDestroy !== "boolean") {
|
|
15
|
+
throw new Error("forceDestroy must be a boolean");
|
|
16
|
+
}
|
|
17
|
+
if (config.configuration.vpc && typeof config.configuration.vpc !== "object") {
|
|
18
|
+
throw new Error("vpc must be an object");
|
|
19
|
+
}
|
|
20
|
+
if (config.configuration.delegationSetId && typeof config.configuration.delegationSetId !== "string") {
|
|
21
|
+
throw new Error("delegationSetId must be a string");
|
|
22
|
+
}
|
|
23
|
+
if (config.configuration.queryLoggingConfig && typeof config.configuration.queryLoggingConfig !== "object") {
|
|
24
|
+
throw new Error("queryLoggingConfig must be an object");
|
|
25
|
+
}
|
|
26
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateIamRoleConfig = validateIamRoleConfig;
|
|
4
|
+
function validateIamRoleConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.name || !config.configuration.assumeRolePolicy) {
|
|
6
|
+
throw new Error("IAM Role config must include configuration with name and assumeRolePolicy");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateKmsKeyConfig = validateKmsKeyConfig;
|
|
4
|
+
function validateKmsKeyConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.description) {
|
|
6
|
+
throw new Error("KMS Key config must include configuration with description");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateRdsConfig = validateRdsConfig;
|
|
4
|
+
function validateRdsConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.engine) {
|
|
6
|
+
throw new Error("RDS config must include configuration with engine");
|
|
7
|
+
}
|
|
8
|
+
if (config.configuration.storageEncrypted === false) {
|
|
9
|
+
console.warn("[WARN] RDS instance is not encrypted. This is not recommended for production.");
|
|
10
|
+
}
|
|
11
|
+
if (!config.configuration.deletionProtection) {
|
|
12
|
+
console.warn("[WARN] RDS instance does not have deletion protection enabled. This is not recommended for production.");
|
|
13
|
+
}
|
|
14
|
+
if (!config.inputs || !config.inputs.subnetIds || config.inputs.subnetIds.length === 0) {
|
|
15
|
+
throw new Error("RDS config must include at least one subnetId");
|
|
16
|
+
}
|
|
17
|
+
}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateRoute53RecordConfig = validateRoute53RecordConfig;
|
|
4
|
+
function validateRoute53RecordConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.zoneId || !config.configuration.name || !config.configuration.type) {
|
|
6
|
+
throw new Error("Record config must include configuration with zoneId, name, type");
|
|
7
|
+
}
|
|
8
|
+
if (config.configuration.ttl && typeof config.configuration.ttl !== "number") {
|
|
9
|
+
throw new Error("ttl must be a number");
|
|
10
|
+
}
|
|
11
|
+
if (config.configuration.records && !Array.isArray(config.configuration.records)) {
|
|
12
|
+
throw new Error("records must be an array");
|
|
13
|
+
}
|
|
14
|
+
if (config.configuration.alias && typeof config.configuration.alias !== "object") {
|
|
15
|
+
throw new Error("alias must be an object");
|
|
16
|
+
}
|
|
17
|
+
if (config.configuration.setIdentifier && typeof config.configuration.setIdentifier !== "string") {
|
|
18
|
+
throw new Error("setIdentifier must be a string");
|
|
19
|
+
}
|
|
20
|
+
if (config.configuration.failover && typeof config.configuration.failover !== "string") {
|
|
21
|
+
throw new Error("failover must be a string");
|
|
22
|
+
}
|
|
23
|
+
if (config.configuration.healthCheckId && typeof config.configuration.healthCheckId !== "string") {
|
|
24
|
+
throw new Error("healthCheckId must be a string");
|
|
25
|
+
}
|
|
26
|
+
if (config.configuration.multivalueAnswer && typeof config.configuration.multivalueAnswer !== "boolean") {
|
|
27
|
+
throw new Error("multivalueAnswer must be a boolean");
|
|
28
|
+
}
|
|
29
|
+
if (config.configuration.geoLocation && typeof config.configuration.geoLocation !== "object") {
|
|
30
|
+
throw new Error("geoLocation must be an object");
|
|
31
|
+
}
|
|
32
|
+
if (config.configuration.latencyRoutingRegion && typeof config.configuration.latencyRoutingRegion !== "string") {
|
|
33
|
+
throw new Error("latencyRoutingRegion must be a string");
|
|
34
|
+
}
|
|
35
|
+
if (config.configuration.cidrRoutingPolicy && typeof config.configuration.cidrRoutingPolicy !== "object") {
|
|
36
|
+
throw new Error("cidrRoutingPolicy must be an object");
|
|
37
|
+
}
|
|
38
|
+
if (config.configuration.comment && typeof config.configuration.comment !== "string") {
|
|
39
|
+
throw new Error("comment must be a string");
|
|
40
|
+
}
|
|
41
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateS3Config = validateS3Config;
|
|
4
|
+
function validateS3Config(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.bucket) {
|
|
6
|
+
throw new Error("S3 config must include configuration with bucket");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSecretsManagerConfig = validateSecretsManagerConfig;
|
|
4
|
+
function validateSecretsManagerConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.name) {
|
|
6
|
+
throw new Error("SecretsManager config must include configuration with name");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSecurityGroupConfig = validateSecurityGroupConfig;
|
|
4
|
+
function validateSecurityGroupConfig(config) {
|
|
5
|
+
if (!(config.inputs.vpcId || config.configuration.vpcId)) {
|
|
6
|
+
throw new Error("SecurityGroup config must include vpcId");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSecurityGroupRuleConfig = validateSecurityGroupRuleConfig;
|
|
4
|
+
function validateSecurityGroupRuleConfig(config) {
|
|
5
|
+
if (!(config.inputs.securityGroupId || config.configuration.securityGroupId)) {
|
|
6
|
+
throw new Error("SecurityGroupRule config must include securityGroupId");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSesDomainDkimConfig = validateSesDomainDkimConfig;
|
|
4
|
+
function validateSesDomainDkimConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.domain) {
|
|
6
|
+
throw new Error("SES DomainDkim config must include configuration with domain");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSesDomainIdentityConfig = validateSesDomainIdentityConfig;
|
|
4
|
+
function validateSesDomainIdentityConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.domain) {
|
|
6
|
+
throw new Error("SES config must include configuration with domain");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSesIdentitiesConfig = validateSesIdentitiesConfig;
|
|
4
|
+
function validateSesIdentitiesConfig(config) {
|
|
5
|
+
if (!config.configuration) {
|
|
6
|
+
throw new Error("SES Identities configuration is required");
|
|
7
|
+
}
|
|
8
|
+
const { domains, emails } = config.configuration;
|
|
9
|
+
if (!domains && !emails) {
|
|
10
|
+
throw new Error("At least one domain or email identity must be specified");
|
|
11
|
+
}
|
|
12
|
+
if (domains) {
|
|
13
|
+
if (!Array.isArray(domains)) {
|
|
14
|
+
throw new Error("Domains configuration must be an array");
|
|
15
|
+
}
|
|
16
|
+
domains.forEach((domain, index) => {
|
|
17
|
+
if (!domain.domain || typeof domain.domain !== 'string') {
|
|
18
|
+
throw new Error(`Domain at index ${index} must have a valid domain string`);
|
|
19
|
+
}
|
|
20
|
+
const domainRegex = /^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9]\.[a-zA-Z]{2,}$/;
|
|
21
|
+
if (!domainRegex.test(domain.domain)) {
|
|
22
|
+
throw new Error(`Domain at index ${index} has invalid format: ${domain.domain}`);
|
|
23
|
+
}
|
|
24
|
+
});
|
|
25
|
+
}
|
|
26
|
+
if (emails) {
|
|
27
|
+
if (!Array.isArray(emails)) {
|
|
28
|
+
throw new Error("Emails configuration must be an array");
|
|
29
|
+
}
|
|
30
|
+
emails.forEach((emailConfig, index) => {
|
|
31
|
+
if (!emailConfig.email || typeof emailConfig.email !== 'string') {
|
|
32
|
+
throw new Error(`Email at index ${index} must have a valid email string`);
|
|
33
|
+
}
|
|
34
|
+
const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
|
|
35
|
+
if (!emailRegex.test(emailConfig.email)) {
|
|
36
|
+
throw new Error(`Email at index ${index} has invalid format: ${emailConfig.email}`);
|
|
37
|
+
}
|
|
38
|
+
});
|
|
39
|
+
}
|
|
40
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSnsConfig = validateSnsConfig;
|
|
4
|
+
function validateSnsConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.name) {
|
|
6
|
+
throw new Error("SNS config must include configuration with name");
|
|
7
|
+
}
|
|
8
|
+
if (config.configuration.tags && typeof config.configuration.tags !== "object") {
|
|
9
|
+
throw new Error("tags must be an object");
|
|
10
|
+
}
|
|
11
|
+
}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSqsConfig = validateSqsConfig;
|
|
4
|
+
function validateSqsConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.name) {
|
|
6
|
+
throw new Error("SQS config must include configuration with name");
|
|
7
|
+
}
|
|
8
|
+
if (config.configuration.tags && typeof config.configuration.tags !== "object") {
|
|
9
|
+
throw new Error("tags must be an object");
|
|
10
|
+
}
|
|
11
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateSsmParameterFactoryConfig = validateSsmParameterFactoryConfig;
|
|
4
|
+
function validateSsmParameterFactoryConfig(config) {
|
|
5
|
+
if (!config.id)
|
|
6
|
+
throw new Error("SsmParameterFactoryConfig must include id");
|
|
7
|
+
if (!config.configuration || !config.configuration.parameters)
|
|
8
|
+
throw new Error("SsmParameterFactoryConfig must include parameters");
|
|
9
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.validateStepFunctionsConfig = validateStepFunctionsConfig;
|
|
4
|
+
function validateStepFunctionsConfig(config) {
|
|
5
|
+
if (!config.configuration || !config.configuration.name || !config.configuration.definition) {
|
|
6
|
+
throw new Error("StepFunctions config must include configuration with name and definition");
|
|
7
|
+
}
|
|
8
|
+
}
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.VpcEndpointFactory = void 0;
|
|
4
|
+
const resourceFactory_1 = require("./resourceFactory");
|
|
5
|
+
const createVpcEndpoint_1 = require("./createVpcEndpoint");
|
|
6
|
+
class VpcEndpointFactory extends resourceFactory_1.ResourceFactory {
|
|
7
|
+
async createResource(config, provider) {
|
|
8
|
+
if (config.inputs?.hooks?.preCreate) {
|
|
9
|
+
for (const hook of config.inputs.hooks.preCreate) {
|
|
10
|
+
await this.runHook(hook, config);
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
const actualConfig = config.configuration || config;
|
|
14
|
+
if (actualConfig.vpcEndpointType === "Gateway") {
|
|
15
|
+
if (actualConfig.subnetIds)
|
|
16
|
+
throw new Error("subnetIds not allowed for Gateway endpoint");
|
|
17
|
+
if (actualConfig.securityGroupIds)
|
|
18
|
+
throw new Error("securityGroupIds not allowed for Gateway endpoint");
|
|
19
|
+
if (actualConfig.privateDnsEnabled)
|
|
20
|
+
throw new Error("privateDnsEnabled not allowed for Gateway endpoint");
|
|
21
|
+
}
|
|
22
|
+
if (actualConfig.vpcEndpointType === "Interface") {
|
|
23
|
+
if (actualConfig.routeTableIds)
|
|
24
|
+
throw new Error("routeTableIds not allowed for Interface endpoint");
|
|
25
|
+
}
|
|
26
|
+
const resource = (0, createVpcEndpoint_1.createVpcEndpoint)({
|
|
27
|
+
name: actualConfig.name,
|
|
28
|
+
vpcId: actualConfig.vpcId,
|
|
29
|
+
serviceName: actualConfig.serviceName,
|
|
30
|
+
vpcEndpointType: actualConfig.vpcEndpointType,
|
|
31
|
+
subnetIds: actualConfig.subnetIds,
|
|
32
|
+
routeTableIds: actualConfig.routeTableIds,
|
|
33
|
+
securityGroupIds: actualConfig.securityGroupIds,
|
|
34
|
+
privateDnsEnabled: actualConfig.privateDnsEnabled,
|
|
35
|
+
tags: actualConfig.tags,
|
|
36
|
+
provider: config.inputs?.provider || config.provider,
|
|
37
|
+
policy: actualConfig.policy,
|
|
38
|
+
ipAddressType: actualConfig.ipAddressType,
|
|
39
|
+
dnsOptions: actualConfig.dnsOptions,
|
|
40
|
+
connectionNotification: actualConfig.connectionNotification,
|
|
41
|
+
timeouts: actualConfig.timeouts,
|
|
42
|
+
dependsOn: actualConfig.dependsOn,
|
|
43
|
+
});
|
|
44
|
+
if (config.inputs?.hooks?.postCreate) {
|
|
45
|
+
for (const hook of config.inputs.hooks.postCreate) {
|
|
46
|
+
await this.runHook(hook, config, resource);
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
return resource;
|
|
50
|
+
}
|
|
51
|
+
getOutputs(resource, config) {
|
|
52
|
+
const allOutputs = {
|
|
53
|
+
id: resource.id,
|
|
54
|
+
dnsEntries: resource.dnsEntries,
|
|
55
|
+
vpcEndpointType: resource.vpcEndpointType,
|
|
56
|
+
serviceName: resource.serviceName,
|
|
57
|
+
arn: resource.arn,
|
|
58
|
+
networkInterfaceIds: resource.networkInterfaceIds,
|
|
59
|
+
state: resource.state,
|
|
60
|
+
tags: resource.tags,
|
|
61
|
+
};
|
|
62
|
+
if (config?.outputs) {
|
|
63
|
+
const filtered = {};
|
|
64
|
+
Object.keys(config.outputs).forEach(key => {
|
|
65
|
+
if (config.outputs && config.outputs[key] && allOutputs[key] !== undefined) {
|
|
66
|
+
filtered[key] = allOutputs[key];
|
|
67
|
+
}
|
|
68
|
+
});
|
|
69
|
+
return filtered;
|
|
70
|
+
}
|
|
71
|
+
return allOutputs;
|
|
72
|
+
}
|
|
73
|
+
validateConfig(config) {
|
|
74
|
+
const actualConfig = config.configuration || config;
|
|
75
|
+
if (!actualConfig.serviceName || !actualConfig.vpcEndpointType || !actualConfig.vpcId) {
|
|
76
|
+
throw new Error("VpcEndpointConfig must include serviceName, vpcEndpointType, vpcId");
|
|
77
|
+
}
|
|
78
|
+
if (actualConfig.vpcEndpointType === "Gateway") {
|
|
79
|
+
if (actualConfig.subnetIds)
|
|
80
|
+
throw new Error("subnetIds not allowed for Gateway endpoint");
|
|
81
|
+
if (actualConfig.securityGroupIds)
|
|
82
|
+
throw new Error("securityGroupIds not allowed for Gateway endpoint");
|
|
83
|
+
if (actualConfig.privateDnsEnabled)
|
|
84
|
+
throw new Error("privateDnsEnabled not allowed for Gateway endpoint");
|
|
85
|
+
}
|
|
86
|
+
if (actualConfig.vpcEndpointType === "Interface") {
|
|
87
|
+
if (actualConfig.routeTableIds)
|
|
88
|
+
throw new Error("routeTableIds not allowed for Interface endpoint");
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
async runHook(hook, config, resource) {
|
|
92
|
+
if (hook.type === "lambda") {
|
|
93
|
+
}
|
|
94
|
+
else if (hook.type === "slack") {
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
exports.VpcEndpointFactory = VpcEndpointFactory;
|