truemark-cdk-lib 1.15.0 → 1.15.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/aws-cloudfront/lib/distribution-builder.d.ts +33 -2
  2. package/aws-cloudfront/lib/distribution-builder.js +37 -0
  3. package/aws-cloudfront/lib/distribution-builder.js.map +1 -1
  4. package/aws-s3/lib/cloud-front-bucket-v2.d.ts +191 -0
  5. package/aws-s3/lib/cloud-front-bucket-v2.js +198 -0
  6. package/aws-s3/lib/cloud-front-bucket-v2.js.map +1 -0
  7. package/aws-s3/lib/cloud-front-bucket.d.ts +7 -6
  8. package/aws-s3/lib/cloud-front-bucket.js +3 -14
  9. package/aws-s3/lib/cloud-front-bucket.js.map +1 -1
  10. package/aws-s3/lib/cors.d.ts +2 -0
  11. package/aws-s3/lib/cors.js +18 -0
  12. package/aws-s3/lib/cors.js.map +1 -0
  13. package/aws-s3/lib/index.d.ts +2 -0
  14. package/aws-s3/lib/index.js +2 -0
  15. package/aws-s3/lib/index.js.map +1 -1
  16. package/package.json +1 -1
package/aws-cloudfront/lib/distribution-builder.d.ts CHANGED
@@ -1,10 +1,10 @@
1
- import { Distribution, DistributionProps, ErrorResponse, GeoRestriction, HttpVersion, IOrigin, PriceClass, SecurityPolicyProtocol, SSLMethod } from 'aws-cdk-lib/aws-cloudfront';
1
+ import { AccessLevel, Distribution, DistributionProps, ErrorResponse, GeoRestriction, HttpVersion, IOrigin, PriceClass, SecurityPolicyProtocol, SSLMethod } from 'aws-cdk-lib/aws-cloudfront';
2
2
  import { ICertificate } from 'aws-cdk-lib/aws-certificatemanager';
3
3
  import { IBucket } from 'aws-cdk-lib/aws-s3';
4
4
  import { Construct } from 'constructs';
5
5
  import { BehaviorBuilder } from './behavior-builder';
6
6
  import { DomainName } from '../../aws-route53';
7
- import { CloudFrontBucket } from '../../aws-s3';
7
+ import { CloudFrontBucket, CloudFrontBucketV2 } from '../../aws-s3';
8
8
  import { ExtendedConstruct } from '../../aws-cdk';
9
9
  export declare class DistributionBuilder extends ExtendedConstruct {
10
10
  protected props: any;
@@ -14,8 +14,39 @@ export declare class DistributionBuilder extends ExtendedConstruct {
14
14
  getBehaviorPaths(): string[];
15
15
  getOrigins(): IOrigin[];
16
16
  behavior(origin: IOrigin, path?: string): BehaviorBuilder;
17
+ /**
18
+ * Creates a behavior from a bucket using an OriginAccessIdentity.
19
+ *
20
+ * @deprecated use behaviorFromBucketV2
21
+ *
22
+ * @param bucket the bucket
23
+ * @param path the path for the behavior
24
+ */
17
25
  behaviorFromBucket(bucket: IBucket, path?: string): BehaviorBuilder;
26
+ /**
27
+ * Creates a behavior from a bucket using an OriginAccessControl.
28
+ *
29
+ * @param bucket the bucket
30
+ * @param path the path for the behavior
31
+ * @param originAccessLevels The access levels for the origin. Default is [AccessLevel.READ]
32
+ */
33
+ behaviorFromBucketV2(bucket: IBucket, path?: string, originAccessLevels?: AccessLevel[]): BehaviorBuilder;
34
+ /**
35
+ * Creates a behavior from a CloudFrontBucket.
36
+ *
37
+ * @deprecated use behaviorFromCloudFromBucketV2
38
+ *
39
+ * @param bucket the bucket
40
+ * @param path the path for the behavior
41
+ */
18
42
  behaviorFromCloudFromBucket(bucket: CloudFrontBucket, path?: string): BehaviorBuilder;
43
+ /**
44
+ * Creates a behavior from a CloudFrontBucketV2.
45
+ *
46
+ * @param bucket the bucket
47
+ * @param path the path for the behavior
48
+ */
49
+ behaviorFromCloudFromBucketV2(bucket: CloudFrontBucketV2, path?: string): BehaviorBuilder;
19
50
  behaviorFromDomainName(domainName: string | DomainName, path?: string): BehaviorBuilder;
20
51
  addBehavior(builder: BehaviorBuilder, path: string | undefined): DistributionBuilder;
21
52
  certificate(certificate?: ICertificate): DistributionBuilder;
package/aws-cloudfront/lib/distribution-builder.js CHANGED
@@ -24,6 +24,14 @@ class DistributionBuilder extends aws_cdk_1.ExtendedConstruct {
24
24
  behavior(origin, path) {
25
25
  return new behavior_builder_1.BehaviorBuilder(this, origin, path);
26
26
  }
27
+ /**
28
+ * Creates a behavior from a bucket using an OriginAccessIdentity.
29
+ *
30
+ * @deprecated use behaviorFromBucketV2
31
+ *
32
+ * @param bucket the bucket
33
+ * @param path the path for the behavior
34
+ */
27
35
  behaviorFromBucket(bucket, path) {
28
36
  return new behavior_builder_1.BehaviorBuilder(this, new aws_cloudfront_origins_1.S3Origin(bucket, {
29
37
  originAccessIdentity: new aws_cloudfront_1.OriginAccessIdentity(this, `Access${bucket.node.id}`, {
@@ -31,9 +39,38 @@ class DistributionBuilder extends aws_cdk_1.ExtendedConstruct {
31
39
  }),
32
40
  }), path);
33
41
  }
42
+ /**
43
+ * Creates a behavior from a bucket using an OriginAccessControl.
44
+ *
45
+ * @param bucket the bucket
46
+ * @param path the path for the behavior
47
+ * @param originAccessLevels The access levels for the origin. Default is [AccessLevel.READ]
48
+ */
49
+ behaviorFromBucketV2(bucket, path, originAccessLevels) {
50
+ return new behavior_builder_1.BehaviorBuilder(this, aws_cloudfront_origins_1.S3BucketOrigin.withOriginAccessControl(bucket, {
51
+ originAccessLevels: originAccessLevels !== null && originAccessLevels !== void 0 ? originAccessLevels : [aws_cloudfront_1.AccessLevel.READ],
52
+ }), path);
53
+ }
54
+ /**
55
+ * Creates a behavior from a CloudFrontBucket.
56
+ *
57
+ * @deprecated use behaviorFromCloudFromBucketV2
58
+ *
59
+ * @param bucket the bucket
60
+ * @param path the path for the behavior
61
+ */
34
62
  behaviorFromCloudFromBucket(bucket, path) {
35
63
  return new behavior_builder_1.BehaviorBuilder(this, bucket.toOrigin(), path);
36
64
  }
65
+ /**
66
+ * Creates a behavior from a CloudFrontBucketV2.
67
+ *
68
+ * @param bucket the bucket
69
+ * @param path the path for the behavior
70
+ */
71
+ behaviorFromCloudFromBucketV2(bucket, path) {
72
+ return new behavior_builder_1.BehaviorBuilder(this, bucket.toOrigin(), path);
73
+ }
37
74
  behaviorFromDomainName(domainName, path) {
38
75
  return new behavior_builder_1.BehaviorBuilder(this, new aws_cloudfront_origins_1.HttpOrigin(domainName.toString()), path);
39
76
  }
package/aws-cloudfront/lib/distribution-builder.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"distribution-builder.js","sourceRoot":"","sources":["distribution-builder.ts"],"names":[],"mappings":";;;AAAA,+DAYoC;AAIpC,yDAAmD;AAGnD,2CAAgD;AAChD,+EAAwE;AAExE,MAAa,mBAAoB,SAAQ,2BAAiB;IAKxD,YAAY,KAAgB,EAAE,EAAU;QACtC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QALnB,+DAA+D;QACrD,UAAK,GAAQ,EAAE,CAAC;QAChB,cAAS,GAAoC,EAAE,CAAC;IAI1D,CAAC;IAED,WAAW,CAAC,IAAY;QACtB,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC9B,CAAC;IAED,gBAAgB;QACd,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC;IAED,UAAU;QACR,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED,QAAQ,CAAC,MAAe,EAAE,IAAa;QACrC,OAAO,IAAI,kCAAe,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC;IAED,kBAAkB,CAAC,MAAe,EAAE,IAAa;QAC/C,OAAO,IAAI,kCAAe,CACxB,IAAI,EACJ,IAAI,iCAAQ,CAAC,MAAM,EAAE;YACnB,oBAAoB,EAAE,IAAI,qCAAoB,CAC5C,IAAI,EACJ,SAAS,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EACzB;gBACE,OAAO,EAAE,aAAa,MAAM,CAAC,UAAU,EAAE;aAC1C,CACF;SACF,CAAC,EACF,IAAI,CACL,CAAC;IACJ,CAAC;IAED,2BAA2B,CACzB,MAAwB,EACxB,IAAa;QAEb,OAAO,IAAI,kCAAe,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;IAED,sBAAsB,CACpB,UAA+B,EAC/B,IAAa;QAEb,OAAO,IAAI,kCAAe,CACxB,IAAI,EACJ,IAAI,mCAAU,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,EACrC,IAAI,CACL,CAAC;IACJ,CAAC;IAED,WAAW,CACT,OAAwB,EACxB,IAAwB;QAExB,IAAI,CAAC,SAAS,CAAC,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC,GAAG,OAAO,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,WAA0B;QACpC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW;SACZ,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,OAAgB;QACtB,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,OAAO;SACR,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iBAAiB,CAAC,iBAA0B;QAC1C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,iBAAiB;SAClB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,GAAG,WAAoC;QACjD,MAAM,cAAc,GAAG,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5E,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW,EAAE,cAAc;SAC5B,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,UAAU,CAAC,UAA+B;;QACxC,MAAM,WAAW,GAAa,MAAA,IAAI,CAAC,KAAK,CAAC,WAAW,mCAAI,EAAE,CAAC;QAC3D,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW;SACZ,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,OAAiB;QACvB,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,OAAO;SACR,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,UAAU,CAAC,UAAoB;QAC7B,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,UAAU;SACX,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,aAAuB;QACnC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,aAAa;SACd,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,cAAc,CAAC,cAA+B;QAC5C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,cAAc;SACf,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,WAAyB;QACnC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW;SACZ,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,SAAS,CAAC,SAAmB;QAC3B,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,SAAS;SACV,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kBAAkB,CAAC,kBAA4B;QAC7C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,kBAAkB;SACnB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,aAAsB;QAClC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,aAAa;SACd,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,UAAU,CAAC,UAAuB;QAChC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,UAAU;SACX,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,QAAQ,CAAC,QAAiB;QACxB,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,QAAQ;SACT,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,cAAc,CAAC,cAAgC;QAC7C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,cAAc;SACf,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,aAA4B;;QACxC,MAAM,cAAc,GAAoB,MAAA,IAAI,CAAC,KAAK,CAAC,cAAc,mCAAI,EAAE,CAAC;QACxE,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,cAAc;SACf,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sBAAsB,CACpB,sBAA+C;QAE/C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,sBAAsB;SACvB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gBAAgB,CAAC,gBAA4B;QAC3C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,gBAAgB;SACjB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK;QACH,IAAI,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACxB,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YACzC,IAAI,CAAC,WAAW,CAAC,4BAAW,CAAC,WAAW,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,UAAU,CAAC,2BAAU,CAAC,eAAe,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,sBAAsB,KAAK,SAAS,EAAE,CAAC;YACpD,IAAI,CAAC,sBAAsB,CAAC,uCAAsB,CAAC,aAAa,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC;QAC3D,MAAM,mBAAmB,GAAoC,MAAM,CAAC,MAAM,CACxE,IAAI,CAAC,SAAS,CACf;aACE,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS,CAAC;aAC/C,MAAM,CACL,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE;;YACtB,SAAS,CAAC,MAAA,QAAQ,CAAC,IAAI,mCAAI,EAAE,CAAC,GAAG,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC1D,OAAO,SAAS,CAAC;QACnB,CAAC,EACD,EAAqC,CACtC,CAAC;QAEJ,OAAO;YACL,GAAG,IAAI,CAAC,KAAK;YACb,eAAe;YACf,mBAAmB;SACpB,CAAC;IACJ,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,6BAAY,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IACzD,CAAC;CACF;AA9QD,kDA8QC"}
1
+ {"version":3,"file":"distribution-builder.js","sourceRoot":"","sources":["distribution-builder.ts"],"names":[],"mappings":";;;AAAA,+DAaoC;AAIpC,yDAAmD;AAGnD,2CAAgD;AAChD,+EAI4C;AAE5C,MAAa,mBAAoB,SAAQ,2BAAiB;IAKxD,YAAY,KAAgB,EAAE,EAAU;QACtC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QALnB,+DAA+D;QACrD,UAAK,GAAQ,EAAE,CAAC;QAChB,cAAS,GAAoC,EAAE,CAAC;IAI1D,CAAC;IAED,WAAW,CAAC,IAAY;QACtB,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC9B,CAAC;IAED,gBAAgB;QACd,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACrC,CAAC;IAED,UAAU;QACR,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED,QAAQ,CAAC,MAAe,EAAE,IAAa;QACrC,OAAO,IAAI,kCAAe,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC;IAED;;;;;;;OAOG;IACH,kBAAkB,CAAC,MAAe,EAAE,IAAa;QAC/C,OAAO,IAAI,kCAAe,CACxB,IAAI,EACJ,IAAI,iCAAQ,CAAC,MAAM,EAAE;YACnB,oBAAoB,EAAE,IAAI,qCAAoB,CAC5C,IAAI,EACJ,SAAS,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,EACzB;gBACE,OAAO,EAAE,aAAa,MAAM,CAAC,UAAU,EAAE;aAC1C,CACF;SACF,CAAC,EACF,IAAI,CACL,CAAC;IACJ,CAAC;IAED;;;;;;OAMG;IACH,oBAAoB,CAClB,MAAe,EACf,IAAa,EACb,kBAAkC;QAElC,OAAO,IAAI,kCAAe,CACxB,IAAI,EACJ,uCAAc,CAAC,uBAAuB,CAAC,MAAM,EAAE;YAC7C,kBAAkB,EAAE,kBAAkB,aAAlB,kBAAkB,cAAlB,kBAAkB,GAAI,CAAC,4BAAW,CAAC,IAAI,CAAC;SAC7D,CAAC,EACF,IAAI,CACL,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,2BAA2B,CACzB,MAAwB,EACxB,IAAa;QAEb,OAAO,IAAI,kCAAe,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;OAKG;IACH,6BAA6B,CAC3B,MAA0B,EAC1B,IAAa;QAEb,OAAO,IAAI,kCAAe,CAAC,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,CAAC;IAC5D,CAAC;IAED,sBAAsB,CACpB,UAA+B,EAC/B,IAAa;QAEb,OAAO,IAAI,kCAAe,CACxB,IAAI,EACJ,IAAI,mCAAU,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,EACrC,IAAI,CACL,CAAC;IACJ,CAAC;IAED,WAAW,CACT,OAAwB,EACxB,IAAwB;QAExB,IAAI,CAAC,SAAS,CAAC,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC,GAAG,OAAO,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,WAA0B;QACpC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW;SACZ,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,OAAgB;QACtB,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,OAAO;SACR,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iBAAiB,CAAC,iBAA0B;QAC1C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,iBAAiB;SAClB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,GAAG,WAAoC;QACjD,MAAM,cAAc,GAAG,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5E,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW,EAAE,cAAc;SAC5B,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,UAAU,CAAC,UAA+B;;QACxC,MAAM,WAAW,GAAa,MAAA,IAAI,CAAC,KAAK,CAAC,WAAW,mCAAI,EAAE,CAAC;QAC3D,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW;SACZ,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,OAAiB;QACvB,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,OAAO;SACR,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,UAAU,CAAC,UAAoB;QAC7B,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,UAAU;SACX,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,aAAuB;QACnC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,aAAa;SACd,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,cAAc,CAAC,cAA+B;QAC5C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,cAAc;SACf,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,WAAW,CAAC,WAAyB;QACnC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,WAAW;SACZ,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,SAAS,CAAC,SAAmB;QAC3B,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,SAAS;SACV,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kBAAkB,CAAC,kBAA4B;QAC7C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,kBAAkB;SACnB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,aAAsB;QAClC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,aAAa;SACd,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,UAAU,CAAC,UAAuB;QAChC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,UAAU;SACX,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,QAAQ,CAAC,QAAiB;QACxB,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,QAAQ;SACT,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,cAAc,CAAC,cAAgC;QAC7C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,cAAc;SACf,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa,CAAC,aAA4B;;QACxC,MAAM,cAAc,GAAoB,MAAA,IAAI,CAAC,KAAK,CAAC,cAAc,mCAAI,EAAE,CAAC;QACxE,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,cAAc;SACf,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sBAAsB,CACpB,sBAA+C;QAE/C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,sBAAsB;SACvB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,gBAAgB,CAAC,gBAA4B;QAC3C,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,IAAI,CAAC,KAAK;YACb,gBAAgB;SACjB,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK;QACH,IAAI,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACxB,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YACzC,IAAI,CAAC,WAAW,CAAC,4BAAW,CAAC,WAAW,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,UAAU,CAAC,2BAAU,CAAC,eAAe,CAAC,CAAC;QAC9C,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,sBAAsB,KAAK,SAAS,EAAE,CAAC;YACpD,IAAI,CAAC,sBAAsB,CAAC,uCAAsB,CAAC,aAAa,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,aAAa,EAAE,CAAC;QAC3D,MAAM,mBAAmB,GAAoC,MAAM,CAAC,MAAM,CACxE,IAAI,CAAC,SAAS,CACf;aACE,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS,CAAC;aAC/C,MAAM,CACL,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE;;YACtB,SAAS,CAAC,MAAA,QAAQ,CAAC,IAAI,mCAAI,EAAE,CAAC,GAAG,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC1D,OAAO,SAAS,CAAC;QACnB,CAAC,EACD,EAAqC,CACtC,CAAC;QAEJ,OAAO;YACL,GAAG,IAAI,CAAC,KAAK;YACb,eAAe;YACf,mBAAmB;SACpB,CAAC;IACJ,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,6BAAY,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IACzD,CAAC;CACF;AAhUD,kDAgUC"}
package/aws-s3/lib/cloud-front-bucket-v2.d.ts ADDED
@@ -0,0 +1,191 @@
1
+ import { Construct } from 'constructs';
2
+ import { Bucket, CorsRule } from 'aws-cdk-lib/aws-s3';
3
+ import { IOrigin, Signing } from 'aws-cdk-lib/aws-cloudfront';
4
+ import { CacheControl, ISource } from 'aws-cdk-lib/aws-s3-deployment';
5
+ import { Duration, RemovalPolicy } from 'aws-cdk-lib';
6
+ import { ExtendedConstruct, ExtendedConstructProps } from '../../aws-cdk';
7
+ import { Grant, IGrantable } from 'aws-cdk-lib/aws-iam';
8
+ import * as iam from 'aws-cdk-lib/aws-iam';
9
+ export interface CloudFrontBucketV2DeploymentConfig {
10
+ /**
11
+ * The paths or sources to deploy.
12
+ */
13
+ readonly source: string | string[] | ISource | ISource[];
14
+ /**
15
+ * Prefix to add to the deployment path in the bucket.
16
+ */
17
+ readonly prefix?: string;
18
+ /**
19
+ * Paths to exclude from the deployment.
20
+ */
21
+ readonly exclude?: string | string[];
22
+ /**
23
+ * Sets the max-age in the Cache-Control header. Default is 15 minutes.
24
+ */
25
+ readonly maxAge?: Duration;
26
+ /**
27
+ * Sets the s-maxage in the Cache-Control header. Default is 7 days.
28
+ */
29
+ readonly sMaxAge?: Duration;
30
+ /**
31
+ * Additional Cache-Control directives to set. Default is none.
32
+ */
33
+ readonly cacheControl?: CacheControl[];
34
+ /**
35
+ * Whether to prune objects that exist in the bucket but not in the assets. Default is false.
36
+ */
37
+ readonly prune?: boolean;
38
+ }
39
+ /**
40
+ * Properties for CloudFrontBucketV2.
41
+ */
42
+ export interface CloudFrontBucketV2Props extends ExtendedConstructProps {
43
+ /**
44
+ * Policy to apply when the bucket is removed from this stack.
45
+ * @default RemovalPolicy.RETAIN
46
+ */
47
+ readonly removalPolicy?: RemovalPolicy;
48
+ /**
49
+ * Whether all objects should be automatically deleted when the bucket is removed from the stack or when the stack is deleted.
50
+ * Requires the removalPolicy to be set to RemovalPolicy.DESTROY. Default is false.
51
+ *
52
+ * @default false
53
+ */
54
+ readonly autoDeleteObjects?: boolean;
55
+ /**
56
+ * Whether this bucket should have versioning turned on or not. Default is false.
57
+ *
58
+ * @default false
59
+ */
60
+ readonly versioned?: boolean;
61
+ /**
62
+ * Whether this bucket should have transfer acceleration turned on or not. Default is false.
63
+ *
64
+ * @default false
65
+ */
66
+ readonly transferAcceleration?: boolean;
67
+ /**
68
+ * Optional bucket name. If not provided, a name will be generated.
69
+ */
70
+ readonly bucketName?: string;
71
+ /**
72
+ * The CORS configuration of this bucket.
73
+ *
74
+ * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-cors.html
75
+ *
76
+ * @default - No CORS configuration.
77
+ */
78
+ readonly cors?: CorsRule[];
79
+ /**
80
+ * Whether to enable EventBridge for this bucket. Default is false.
81
+ */
82
+ readonly eventBridgeEnabled?: boolean;
83
+ /**
84
+ * Set how CloudFront signs requests. Default is Signing.SIGV4_NO_OVERRIDE.
85
+ */
86
+ readonly signing?: Signing;
87
+ }
88
+ /**
89
+ * Creates a bucket for use with CloudFront using Origin Access Control (OAC).
90
+ */
91
+ export declare class CloudFrontBucketV2 extends ExtendedConstruct {
92
+ private deployCount;
93
+ readonly bucket: Bucket;
94
+ readonly bucketName: string;
95
+ readonly bucketArn: string;
96
+ readonly originAccessControlId: string;
97
+ private nextDeployCount;
98
+ constructor(scope: Construct, id: string, props?: CloudFrontBucketV2Props);
99
+ deploy(config: CloudFrontBucketV2DeploymentConfig | CloudFrontBucketV2DeploymentConfig[]): void;
100
+ /**
101
+ * Helper method to return a CloudFront Origin for this bucket.
102
+ */
103
+ toOrigin(): IOrigin;
104
+ /**
105
+ * Grant read permissions for this bucket and it's contents to an IAM
106
+ * principal (Role/Group/User).
107
+ *
108
+ * If encryption is used, permission to use the key to decrypt the contents
109
+ * of the bucket will also be granted to the same principal.
110
+ *
111
+ * @param identity The principal
112
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
113
+ */
114
+ grantRead(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
115
+ /**
116
+ * Grant write permissions to this bucket to an IAM principal.
117
+ *
118
+ * If encryption is used, permission to use the key to encrypt the contents
119
+ * of written files will also be granted to the same principal.
120
+ *
121
+ * Before CDK version 1.85.0, this method granted the `s3:PutObject*` permission that included `s3:PutObjectAcl`,
122
+ * which could be used to grant read/write object access to IAM principals in other accounts.
123
+ * If you want to get rid of that behavior, update your CDK version to 1.85.0 or later,
124
+ * and make sure the `@aws-cdk/aws-s3:grantWriteWithoutAcl` feature flag is set to `true`
125
+ * in the `context` key of your cdk.json file.
126
+ * If you've already updated, but still need the principal to have permissions to modify the ACLs,
127
+ * use the `grantPutAcl` method.
128
+ *
129
+ * @param identity The principal
130
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
131
+ * @param allowedActionPatterns Restrict the permissions to certain list of action patterns
132
+ */
133
+ grantWrite(identity: IGrantable, objectsKeyPattern?: unknown, allowedActionPatterns?: string[]): Grant;
134
+ /**
135
+ * Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal.
136
+ *
137
+ * If encryption is used, permission to use the key to encrypt the contents
138
+ * of written files will also be granted to the same principal.
139
+ * @param identity The principal
140
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
141
+ */
142
+ grantPut(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
143
+ /**
144
+ * Grants s3:DeleteObject* permission to an IAM principal for objects
145
+ * in this bucket.
146
+ *
147
+ * @param identity The principal
148
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
149
+ */
150
+ grantDelete(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
151
+ /**
152
+ * Grants read/write permissions for this bucket and it's contents to an IAM
153
+ * principal (Role/Group/User).
154
+ *
155
+ * If an encryption key is used, permission to use the key for
156
+ * encrypt/decrypt will also be granted.
157
+ *
158
+ * Before CDK version 1.85.0, this method granted the `s3:PutObject*` permission that included `s3:PutObjectAcl`,
159
+ * which could be used to grant read/write object access to IAM principals in other accounts.
160
+ * If you want to get rid of that behavior, update your CDK version to 1.85.0 or later,
161
+ * and make sure the `@aws-cdk/aws-s3:grantWriteWithoutAcl` feature flag is set to `true`
162
+ * in the `context` key of your cdk.json file.
163
+ * If you've already updated, but still need the principal to have permissions to modify the ACLs,
164
+ * use the `grantPutAcl` method.
165
+ *
166
+ * @param identity The principal
167
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
168
+ */
169
+ grantReadWrite(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
170
+ /**
171
+ * Adds a statement to the resource policy for a principal (i.e.
172
+ * account/role/service) to perform actions on this bucket and/or its
173
+ * contents. Use `bucketArn` and `arnForObjects(keys)` to obtain ARNs for
174
+ * this bucket or objects.
175
+ *
176
+ * Note that the policy statement may or may not be added to the policy.
177
+ * For example, when an `IBucket` is created from an existing bucket,
178
+ * it's not possible to tell whether the bucket already has a policy
179
+ * attached, let alone to re-use that policy to add more statements to it.
180
+ * So it's safest to do nothing in these cases.
181
+ *
182
+ * @param permission the policy statement to be added to the bucket's
183
+ * policy.
184
+ * @returns metadata about the execution of this method. If the policy
185
+ * was not added, the value of `statementAdded` will be `false`. You
186
+ * should always check this value to make sure that the operation was
187
+ * actually carried out. Otherwise, synthesis and deploy will terminate
188
+ * silently, which may be confusing.
189
+ */
190
+ addToResourcePolicy(permission: iam.PolicyStatement): iam.AddToResourcePolicyResult;
191
+ }
package/aws-s3/lib/cloud-front-bucket-v2.js ADDED
@@ -0,0 +1,198 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.CloudFrontBucketV2 = void 0;
4
+ const aws_s3_1 = require("aws-cdk-lib/aws-s3");
5
+ const aws_cloudfront_1 = require("aws-cdk-lib/aws-cloudfront");
6
+ const aws_s3_deployment_1 = require("aws-cdk-lib/aws-s3-deployment");
7
+ const aws_cdk_lib_1 = require("aws-cdk-lib");
8
+ const aws_cdk_1 = require("../../aws-cdk");
9
+ const truemark_1 = require("../../truemark");
10
+ const aws_cloudfront_origins_1 = require("aws-cdk-lib/aws-cloudfront-origins");
11
+ const aws_iam_1 = require("aws-cdk-lib/aws-iam");
12
+ const iam = require("aws-cdk-lib/aws-iam");
13
+ /**
14
+ * Creates a bucket for use with CloudFront using Origin Access Control (OAC).
15
+ */
16
+ class CloudFrontBucketV2 extends aws_cdk_1.ExtendedConstruct {
17
+ nextDeployCount() {
18
+ const current = this.deployCount++;
19
+ return current === 0 ? '' : `${current}`;
20
+ }
21
+ constructor(scope, id, props) {
22
+ var _a, _b, _c, _d, _e, _f;
23
+ super(scope, id, {
24
+ standardTags: aws_cdk_1.StandardTags.merge(props === null || props === void 0 ? void 0 : props.standardTags, truemark_1.LibStandardTags),
25
+ });
26
+ this.deployCount = 0;
27
+ const removalPolicy = (_a = props === null || props === void 0 ? void 0 : props.removalPolicy) !== null && _a !== void 0 ? _a : aws_cdk_lib_1.RemovalPolicy.RETAIN;
28
+ const autoDeleteObjects = ((_b = props === null || props === void 0 ? void 0 : props.autoDeleteObjects) !== null && _b !== void 0 ? _b : false) &&
29
+ removalPolicy === aws_cdk_lib_1.RemovalPolicy.DESTROY;
30
+ this.bucket = new aws_s3_1.Bucket(this, 'Default', {
31
+ bucketName: props === null || props === void 0 ? void 0 : props.bucketName,
32
+ // Do not allow public access
33
+ blockPublicAccess: aws_s3_1.BlockPublicAccess.BLOCK_ALL,
34
+ // Disables ACLs on the bucket and we use policies to define access
35
+ objectOwnership: aws_s3_1.ObjectOwnership.BUCKET_OWNER_ENFORCED,
36
+ // CloudFront cannot use KMS with S3
37
+ encryption: aws_s3_1.BucketEncryption.S3_MANAGED,
38
+ removalPolicy,
39
+ autoDeleteObjects,
40
+ versioned: (_c = props === null || props === void 0 ? void 0 : props.versioned) !== null && _c !== void 0 ? _c : false,
41
+ transferAcceleration: (_d = props === null || props === void 0 ? void 0 : props.transferAcceleration) !== null && _d !== void 0 ? _d : false,
42
+ eventBridgeEnabled: (_e = props === null || props === void 0 ? void 0 : props.eventBridgeEnabled) !== null && _e !== void 0 ? _e : false,
43
+ cors: props === null || props === void 0 ? void 0 : props.cors,
44
+ });
45
+ this.bucketName = this.bucket.bucketName;
46
+ this.bucketArn = this.bucket.bucketArn;
47
+ // Grant read access to CloudFront distributions in this account
48
+ this.bucket.addToResourcePolicy(new aws_iam_1.PolicyStatement({
49
+ effect: aws_iam_1.Effect.ALLOW,
50
+ principals: [new iam.ServicePrincipal('cloudfront.amazonaws.com')],
51
+ actions: ['s3:GetObject'],
52
+ resources: [this.bucket.arnForObjects('*')],
53
+ conditions: {
54
+ ArnLike: {
55
+ 'aws:SourceArn': `arn:aws:cloudfront::${aws_cdk_lib_1.Stack.of(this).account}:distribution/*`,
56
+ },
57
+ },
58
+ }));
59
+ const oac = new aws_cloudfront_1.S3OriginAccessControl(this, 'AccessControl', {
60
+ signing: (_f = props === null || props === void 0 ? void 0 : props.signing) !== null && _f !== void 0 ? _f : aws_cloudfront_1.Signing.SIGV4_NO_OVERRIDE,
61
+ });
62
+ this.originAccessControlId = oac.originAccessControlId;
63
+ }
64
+ deploy(config) {
65
+ var _a, _b, _c;
66
+ const configs = Array.isArray(config) ? config : [config];
67
+ for (const c of configs) {
68
+ const sources = (Array.isArray(c.source) ? c.source : [c.source]).map(s => (typeof s === 'string' ? aws_s3_deployment_1.Source.asset(s) : s));
69
+ const exclude = c.exclude
70
+ ? Array.isArray(c.exclude)
71
+ ? c.exclude
72
+ : [c.exclude]
73
+ : [];
74
+ const cacheControl = (_a = c.cacheControl) !== null && _a !== void 0 ? _a : [
75
+ aws_s3_deployment_1.CacheControl.maxAge((_b = c.maxAge) !== null && _b !== void 0 ? _b : aws_cdk_lib_1.Duration.minutes(15)),
76
+ aws_s3_deployment_1.CacheControl.sMaxAge((_c = c.sMaxAge) !== null && _c !== void 0 ? _c : aws_cdk_lib_1.Duration.days(7)),
77
+ ];
78
+ const deploy = new aws_s3_deployment_1.BucketDeployment(this, `Deploy${this.nextDeployCount()}`, {
79
+ sources,
80
+ destinationBucket: this.bucket,
81
+ destinationKeyPrefix: c.prefix,
82
+ prune: c.prune,
83
+ cacheControl,
84
+ exclude,
85
+ });
86
+ deploy.node.addDependency(this.bucket);
87
+ }
88
+ }
89
+ /**
90
+ * Helper method to return a CloudFront Origin for this bucket.
91
+ */
92
+ toOrigin() {
93
+ return aws_cloudfront_origins_1.S3BucketOrigin.withOriginAccessControl(this.bucket, {
94
+ originAccessControlId: this.originAccessControlId,
95
+ });
96
+ }
97
+ /**
98
+ * Grant read permissions for this bucket and it's contents to an IAM
99
+ * principal (Role/Group/User).
100
+ *
101
+ * If encryption is used, permission to use the key to decrypt the contents
102
+ * of the bucket will also be granted to the same principal.
103
+ *
104
+ * @param identity The principal
105
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
106
+ */
107
+ grantRead(identity, objectsKeyPattern) {
108
+ return this.bucket.grantRead(identity, objectsKeyPattern);
109
+ }
110
+ /**
111
+ * Grant write permissions to this bucket to an IAM principal.
112
+ *
113
+ * If encryption is used, permission to use the key to encrypt the contents
114
+ * of written files will also be granted to the same principal.
115
+ *
116
+ * Before CDK version 1.85.0, this method granted the `s3:PutObject*` permission that included `s3:PutObjectAcl`,
117
+ * which could be used to grant read/write object access to IAM principals in other accounts.
118
+ * If you want to get rid of that behavior, update your CDK version to 1.85.0 or later,
119
+ * and make sure the `@aws-cdk/aws-s3:grantWriteWithoutAcl` feature flag is set to `true`
120
+ * in the `context` key of your cdk.json file.
121
+ * If you've already updated, but still need the principal to have permissions to modify the ACLs,
122
+ * use the `grantPutAcl` method.
123
+ *
124
+ * @param identity The principal
125
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
126
+ * @param allowedActionPatterns Restrict the permissions to certain list of action patterns
127
+ */
128
+ grantWrite(identity, objectsKeyPattern, allowedActionPatterns) {
129
+ return this.bucket.grantWrite(identity, objectsKeyPattern, allowedActionPatterns);
130
+ }
131
+ /**
132
+ * Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal.
133
+ *
134
+ * If encryption is used, permission to use the key to encrypt the contents
135
+ * of written files will also be granted to the same principal.
136
+ * @param identity The principal
137
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
138
+ */
139
+ grantPut(identity, objectsKeyPattern) {
140
+ return this.bucket.grantPut(identity, objectsKeyPattern);
141
+ }
142
+ /**
143
+ * Grants s3:DeleteObject* permission to an IAM principal for objects
144
+ * in this bucket.
145
+ *
146
+ * @param identity The principal
147
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
148
+ */
149
+ grantDelete(identity, objectsKeyPattern) {
150
+ return this.bucket.grantDelete(identity, objectsKeyPattern);
151
+ }
152
+ /**
153
+ * Grants read/write permissions for this bucket and it's contents to an IAM
154
+ * principal (Role/Group/User).
155
+ *
156
+ * If an encryption key is used, permission to use the key for
157
+ * encrypt/decrypt will also be granted.
158
+ *
159
+ * Before CDK version 1.85.0, this method granted the `s3:PutObject*` permission that included `s3:PutObjectAcl`,
160
+ * which could be used to grant read/write object access to IAM principals in other accounts.
161
+ * If you want to get rid of that behavior, update your CDK version to 1.85.0 or later,
162
+ * and make sure the `@aws-cdk/aws-s3:grantWriteWithoutAcl` feature flag is set to `true`
163
+ * in the `context` key of your cdk.json file.
164
+ * If you've already updated, but still need the principal to have permissions to modify the ACLs,
165
+ * use the `grantPutAcl` method.
166
+ *
167
+ * @param identity The principal
168
+ * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
169
+ */
170
+ grantReadWrite(identity, objectsKeyPattern) {
171
+ return this.bucket.grantReadWrite(identity, objectsKeyPattern);
172
+ }
173
+ /**
174
+ * Adds a statement to the resource policy for a principal (i.e.
175
+ * account/role/service) to perform actions on this bucket and/or its
176
+ * contents. Use `bucketArn` and `arnForObjects(keys)` to obtain ARNs for
177
+ * this bucket or objects.
178
+ *
179
+ * Note that the policy statement may or may not be added to the policy.
180
+ * For example, when an `IBucket` is created from an existing bucket,
181
+ * it's not possible to tell whether the bucket already has a policy
182
+ * attached, let alone to re-use that policy to add more statements to it.
183
+ * So it's safest to do nothing in these cases.
184
+ *
185
+ * @param permission the policy statement to be added to the bucket's
186
+ * policy.
187
+ * @returns metadata about the execution of this method. If the policy
188
+ * was not added, the value of `statementAdded` will be `false`. You
189
+ * should always check this value to make sure that the operation was
190
+ * actually carried out. Otherwise, synthesis and deploy will terminate
191
+ * silently, which may be confusing.
192
+ */
193
+ addToResourcePolicy(permission) {
194
+ return this.bucket.addToResourcePolicy(permission);
195
+ }
196
+ }
197
+ exports.CloudFrontBucketV2 = CloudFrontBucketV2;
198
+ //# sourceMappingURL=cloud-front-bucket-v2.js.map
package/aws-s3/lib/cloud-front-bucket-v2.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cloud-front-bucket-v2.js","sourceRoot":"","sources":["cloud-front-bucket-v2.ts"],"names":[],"mappings":";;;AACA,+CAM4B;AAC5B,+DAIoC;AACpC,qEAKuC;AACvC,6CAA2D;AAC3D,2CAIuB;AACvB,6CAA+C;AAC/C,+EAAkE;AAClE,iDAA+E;AAC/E,2CAA2C;AAgG3C;;GAEG;AACH,MAAa,kBAAmB,SAAQ,2BAAiB;IAQ/C,eAAe;QACrB,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACnC,OAAO,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,EAAE,CAAC;IAC3C,CAAC;IAED,YAAY,KAAgB,EAAE,EAAU,EAAE,KAA+B;;QACvE,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE;YACf,YAAY,EAAE,sBAAY,CAAC,KAAK,CAAC,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,YAAY,EAAE,0BAAe,CAAC;SACvE,CAAC,CAAC;QAfG,gBAAW,GAAG,CAAC,CAAC;QAiBtB,MAAM,aAAa,GAAG,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,aAAa,mCAAI,2BAAa,CAAC,MAAM,CAAC;QACnE,MAAM,iBAAiB,GACrB,CAAC,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,iBAAiB,mCAAI,KAAK,CAAC;YACnC,aAAa,KAAK,2BAAa,CAAC,OAAO,CAAC;QAE1C,IAAI,CAAC,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,EAAE,SAAS,EAAE;YACxC,UAAU,EAAE,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,UAAU;YAE7B,6BAA6B;YAC7B,iBAAiB,EAAE,0BAAiB,CAAC,SAAS;YAE9C,mEAAmE;YACnE,eAAe,EAAE,wBAAe,CAAC,qBAAqB;YAEtD,oCAAoC;YACpC,UAAU,EAAE,yBAAgB,CAAC,UAAU;YAEvC,aAAa;YACb,iBAAiB;YACjB,SAAS,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,SAAS,mCAAI,KAAK;YACpC,oBAAoB,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,oBAAoB,mCAAI,KAAK;YAC1D,kBAAkB,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,kBAAkB,mCAAI,KAAK;YACtD,IAAI,EAAE,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,IAAI;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC;QACzC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QAEvC,gEAAgE;QAChE,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAC7B,IAAI,yBAAe,CAAC;YAClB,MAAM,EAAE,gBAAM,CAAC,KAAK;YACpB,UAAU,EAAE,CAAC,IAAI,GAAG,CAAC,gBAAgB,CAAC,0BAA0B,CAAC,CAAC;YAClE,OAAO,EAAE,CAAC,cAAc,CAAC;YACzB,SAAS,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;YAC3C,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,eAAe,EAAE,uBAAuB,mBAAK,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,iBAAiB;iBAChF;aACF;SACF,CAAC,CACH,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,sCAAqB,CAAC,IAAI,EAAE,eAAe,EAAE;YAC3D,OAAO,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,mCAAI,wBAAO,CAAC,iBAAiB;SACrD,CAAC,CAAC;QACH,IAAI,CAAC,qBAAqB,GAAG,GAAG,CAAC,qBAAqB,CAAC;IACzD,CAAC;IAED,MAAM,CACJ,MAEwC;;QAExC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC1D,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CACnE,CAAC,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,0BAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACnD,CAAC;YAEF,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO;gBACvB,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;oBACxB,CAAC,CAAC,CAAC,CAAC,OAAO;oBACX,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;gBACf,CAAC,CAAC,EAAE,CAAC;YACP,MAAM,YAAY,GAAG,MAAA,CAAC,CAAC,YAAY,mCAAI;gBACrC,gCAAY,CAAC,MAAM,CAAC,MAAA,CAAC,CAAC,MAAM,mCAAI,sBAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACrD,gCAAY,CAAC,OAAO,CAAC,MAAA,CAAC,CAAC,OAAO,mCAAI,sBAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;aACpD,CAAC;YACF,MAAM,MAAM,GAAG,IAAI,oCAAgB,CACjC,IAAI,EACJ,SAAS,IAAI,CAAC,eAAe,EAAE,EAAE,EACjC;gBACE,OAAO;gBACP,iBAAiB,EAAE,IAAI,CAAC,MAAM;gBAC9B,oBAAoB,EAAE,CAAC,CAAC,MAAM;gBAC9B,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,YAAY;gBACZ,OAAO;aACR,CACF,CAAC;YACF,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,uCAAc,CAAC,uBAAuB,CAAC,IAAI,CAAC,MAAM,EAAE;YACzD,qBAAqB,EAAE,IAAI,CAAC,qBAAqB;SAClD,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,CAAC,QAAoB,EAAE,iBAA2B;QACzD,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,UAAU,CACR,QAAoB,EACpB,iBAA2B,EAC3B,qBAAgC;QAEhC,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,CAC3B,QAAQ,EACR,iBAAiB,EACjB,qBAAqB,CACtB,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,QAAQ,CAAC,QAAoB,EAAE,iBAA2B;QACxD,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC3D,CAAC;IAED;;;;;;OAMG;IACH,WAAW,CAAC,QAAoB,EAAE,iBAA2B;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,cAAc,CAAC,QAAoB,EAAE,iBAA2B;QAC9D,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IACjE,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACH,mBAAmB,CACjB,UAA+B;QAE/B,OAAO,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACrD,CAAC;CACF;AAjOD,gDAiOC"}
package/aws-s3/lib/cloud-front-bucket.d.ts CHANGED
@@ -7,7 +7,6 @@ import { ExtendedConstruct, ExtendedConstructProps } from '../../aws-cdk';
7
7
  import { S3Origin } from 'aws-cdk-lib/aws-cloudfront-origins';
8
8
  import { Grant, IGrantable } from 'aws-cdk-lib/aws-iam';
9
9
  import * as iam from 'aws-cdk-lib/aws-iam';
10
- export declare const OPEN_CORS_RULE: CorsRule;
11
10
  /**
12
11
  * Properties for CloudFrontBucket.
13
12
  */
@@ -51,6 +50,8 @@ export interface CloudFrontBucketProps extends ExtendedConstructProps {
51
50
  }
52
51
  /**
53
52
  * Simple Construct for creating buckets that will be accessed directly by CloudFront as an Origin.
53
+ *
54
+ * @deprecated use CloudFrontBucketV2
54
55
  */
55
56
  export declare class CloudFrontBucket extends ExtendedConstruct {
56
57
  private deployCount;
@@ -119,7 +120,7 @@ export declare class CloudFrontBucket extends ExtendedConstruct {
119
120
  * @param identity The principal
120
121
  * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
121
122
  */
122
- grantRead(identity: IGrantable, objectsKeyPattern?: any): Grant;
123
+ grantRead(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
123
124
  /**
124
125
  * Grant write permissions to this bucket to an IAM principal.
125
126
  *
@@ -138,7 +139,7 @@ export declare class CloudFrontBucket extends ExtendedConstruct {
138
139
  * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
139
140
  * @param allowedActionPatterns Restrict the permissions to certain list of action patterns
140
141
  */
141
- grantWrite(identity: IGrantable, objectsKeyPattern?: any, allowedActionPatterns?: string[]): Grant;
142
+ grantWrite(identity: IGrantable, objectsKeyPattern?: unknown, allowedActionPatterns?: string[]): Grant;
142
143
  /**
143
144
  * Grants s3:PutObject* and s3:Abort* permissions for this bucket to an IAM principal.
144
145
  *
@@ -147,7 +148,7 @@ export declare class CloudFrontBucket extends ExtendedConstruct {
147
148
  * @param identity The principal
148
149
  * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
149
150
  */
150
- grantPut(identity: IGrantable, objectsKeyPattern?: any): Grant;
151
+ grantPut(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
151
152
  /**
152
153
  * Grant the given IAM identity permissions to modify the ACLs of objects in the given Bucket.
153
154
  *
@@ -166,7 +167,7 @@ export declare class CloudFrontBucket extends ExtendedConstruct {
166
167
  * @param identity The principal
167
168
  * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
168
169
  */
169
- grantDelete(identity: IGrantable, objectsKeyPattern?: any): Grant;
170
+ grantDelete(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
170
171
  /**
171
172
  * Grants read/write permissions for this bucket and it's contents to an IAM
172
173
  * principal (Role/Group/User).
@@ -185,7 +186,7 @@ export declare class CloudFrontBucket extends ExtendedConstruct {
185
186
  * @param identity The principal
186
187
  * @param objectsKeyPattern Restrict the permission to a certain key pattern (default '*')
187
188
  */
188
- grantReadWrite(identity: IGrantable, objectsKeyPattern?: any): Grant;
189
+ grantReadWrite(identity: IGrantable, objectsKeyPattern?: unknown): Grant;
189
190
  /**
190
191
  * Adds a statement to the resource policy for a principal (i.e.
191
192
  * account/role/service) to perform actions on this bucket and/or its
package/aws-s3/lib/cloud-front-bucket.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.CloudFrontBucket = exports.OPEN_CORS_RULE = void 0;
3
+ exports.CloudFrontBucket = void 0;
4
4
  const aws_s3_1 = require("aws-cdk-lib/aws-s3");
5
5
  const aws_cloudfront_1 = require("aws-cdk-lib/aws-cloudfront");
6
6
  const aws_s3_deployment_1 = require("aws-cdk-lib/aws-s3-deployment");
@@ -8,21 +8,10 @@ const aws_cdk_lib_1 = require("aws-cdk-lib");
8
8
  const aws_cdk_1 = require("../../aws-cdk");
9
9
  const truemark_1 = require("../../truemark");
10
10
  const aws_cloudfront_origins_1 = require("aws-cdk-lib/aws-cloudfront-origins");
11
- exports.OPEN_CORS_RULE = {
12
- allowedMethods: [
13
- aws_s3_1.HttpMethods.GET,
14
- aws_s3_1.HttpMethods.HEAD,
15
- aws_s3_1.HttpMethods.DELETE,
16
- aws_s3_1.HttpMethods.PUT,
17
- aws_s3_1.HttpMethods.POST,
18
- ],
19
- allowedOrigins: ['*'],
20
- allowedHeaders: ['*'],
21
- exposedHeaders: ['ETag'],
22
- maxAge: 3000,
23
- };
24
11
  /**
25
12
  * Simple Construct for creating buckets that will be accessed directly by CloudFront as an Origin.
13
+ *
14
+ * @deprecated use CloudFrontBucketV2
26
15
  */
27
16
  class CloudFrontBucket extends aws_cdk_1.ExtendedConstruct {
28
17
  nextDeployCount() {
package/aws-s3/lib/cloud-front-bucket.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cloud-front-bucket.js","sourceRoot":"","sources":["cloud-front-bucket.ts"],"names":[],"mappings":";;;AAEA,+CAM4B;AAC5B,+DAAgE;AAChE,qEAKuC;AACvC,6CAAoD;AACpD,2CAIuB;AACvB,6CAA+C;AAC/C,+EAA4D;AAI/C,QAAA,cAAc,GAAa;IACtC,cAAc,EAAE;QACd,oBAAW,CAAC,GAAG;QACf,oBAAW,CAAC,IAAI;QAChB,oBAAW,CAAC,MAAM;QAClB,oBAAW,CAAC,GAAG;QACf,oBAAW,CAAC,IAAI;KACjB;IACD,cAAc,EAAE,CAAC,GAAG,CAAC;IACrB,cAAc,EAAE,CAAC,GAAG,CAAC;IACrB,cAAc,EAAE,CAAC,MAAM,CAAC;IACxB,MAAM,EAAE,IAAI;CACb,CAAC;AAiDF;;GAEG;AACH,MAAa,gBAAiB,SAAQ,2BAAiB;IAS7C,eAAe;QACrB,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACnC,OAAO,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,EAAE,CAAC;IAC3C,CAAC;IAED,YAAY,KAAgB,EAAE,EAAU,EAAE,KAA6B;;QACrE,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE;YACf,YAAY,EAAE,sBAAY,CAAC,KAAK,CAAC,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,YAAY,EAAE,0BAAe,CAAC;SACvE,CAAC,CAAC;QAhBG,gBAAW,GAAG,CAAC,CAAC;QAkBtB,MAAM,aAAa,GAAG,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,aAAa,mCAAI,2BAAa,CAAC,MAAM,CAAC;QACnE,MAAM,iBAAiB,GACrB,CAAC,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,iBAAiB,mCAAI,KAAK,CAAC;YACnC,aAAa,KAAK,2BAAa,CAAC,OAAO,CAAC;QAE1C,IAAI,CAAC,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,EAAE,SAAS,EAAE;YACxC,UAAU,EAAE,yBAAgB,CAAC,UAAU,EAAE,oCAAoC;YAC7E,iBAAiB,EAAE,0BAAiB,CAAC,SAAS;YAC9C,aAAa;YACb,iBAAiB;YACjB,SAAS,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,SAAS,mCAAI,KAAK;YACpC,oBAAoB,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,oBAAoB,mCAAI,KAAK;YAC1D,UAAU,EAAE,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,UAAU;YAC7B,IAAI,EAAE,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,IAAI;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC;QACzC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QACvC,IAAI,CAAC,oBAAoB,GAAG,IAAI,qCAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE;YACnE,OAAO,EAAE,aAAa,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE;SAC/C,CAAC,CAAC;QACH,IAAI,CAAC,sBAAsB;YACzB,IAAI,CAAC,oBAAoB,CAAC,sBAAsB,CAAC;QACnD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACnD,CAAC;IAED;;;;;;;;;OASG;IACH,WAAW,CACT,KAAe,EACf,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,oCAAgB,CAAC,IAAI,EAAE,SAAS,IAAI,CAAC,eAAe,EAAE,EAAE,EAAE;YACnE,OAAO,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,0BAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC9C,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,KAAK,EAAE,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,KAAK;YACrB,YAAY,EAAE;gBACZ,gCAAY,CAAC,SAAS,EAAE;gBACxB,gCAAY,CAAC,MAAM,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,sBAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACnD,gCAAY,CAAC,OAAO,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,sBAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;aAClD;SACF,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,UAAU,CACR,IAAY,EACZ,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;;;;OASG;IACH,aAAa,CACX,OAAkB,EAClB,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,oCAAgB,CAAC,IAAI,EAAE,SAAS,IAAI,CAAC,eAAe,EAAE,EAAE,EAAE;YACnE,OAAO,EAAE,OAAO;YAChB,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,KAAK,EAAE,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,KAAK;YACrB,YAAY,EAAE;gBACZ,gCAAY,CAAC,SAAS,EAAE;gBACxB,gCAAY,CAAC,MAAM,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,sBAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACnD,gCAAY,CAAC,OAAO,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,sBAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;aAClD;SACF,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,YAAY,CACV,MAAe,EACf,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,iCAAQ,CAAC,IAAI,CAAC,MAAM,EAAE;YAC/B,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;SAChD,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,CAAC,QAAoB,EAAE,iBAAuB;QACrD,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,UAAU,CACR,QAAoB,EACpB,iBAAuB,EACvB,qBAAgC;QAEhC,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,CAC3B,QAAQ,EACR,iBAAiB,EACjB,qBAAqB,CACtB,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,QAAQ,CAAC,QAAoB,EAAE,iBAAuB;QACpD,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC3D,CAAC;IAED;;;;;;;;;OASG;IACH,WAAW,CAAC,QAAoB,EAAE,iBAA0B;QAC1D,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;OAMG;IACH,WAAW,CAAC,QAAoB,EAAE,iBAAuB;QACvD,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,cAAc,CAAC,QAAoB,EAAE,iBAAuB;QAC1D,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IACjE,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACH,mBAAmB,CACjB,UAA+B;QAE/B,OAAO,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACrD,CAAC;CACF;AAnRD,4CAmRC"}
1
+ {"version":3,"file":"cloud-front-bucket.js","sourceRoot":"","sources":["cloud-front-bucket.ts"],"names":[],"mappings":";;;AACA,+CAK4B;AAC5B,+DAAgE;AAChE,qEAKuC;AACvC,6CAAoD;AACpD,2CAIuB;AACvB,6CAA+C;AAC/C,+EAA4D;AAmD5D;;;;GAIG;AACH,MAAa,gBAAiB,SAAQ,2BAAiB;IAS7C,eAAe;QACrB,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACnC,OAAO,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,EAAE,CAAC;IAC3C,CAAC;IAED,YAAY,KAAgB,EAAE,EAAU,EAAE,KAA6B;;QACrE,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE;YACf,YAAY,EAAE,sBAAY,CAAC,KAAK,CAAC,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,YAAY,EAAE,0BAAe,CAAC;SACvE,CAAC,CAAC;QAhBG,gBAAW,GAAG,CAAC,CAAC;QAkBtB,MAAM,aAAa,GAAG,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,aAAa,mCAAI,2BAAa,CAAC,MAAM,CAAC;QACnE,MAAM,iBAAiB,GACrB,CAAC,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,iBAAiB,mCAAI,KAAK,CAAC;YACnC,aAAa,KAAK,2BAAa,CAAC,OAAO,CAAC;QAE1C,IAAI,CAAC,MAAM,GAAG,IAAI,eAAM,CAAC,IAAI,EAAE,SAAS,EAAE;YACxC,UAAU,EAAE,yBAAgB,CAAC,UAAU,EAAE,oCAAoC;YAC7E,iBAAiB,EAAE,0BAAiB,CAAC,SAAS;YAC9C,aAAa;YACb,iBAAiB;YACjB,SAAS,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,SAAS,mCAAI,KAAK;YACpC,oBAAoB,EAAE,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,oBAAoB,mCAAI,KAAK;YAC1D,UAAU,EAAE,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,UAAU;YAC7B,IAAI,EAAE,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,IAAI;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC;QACzC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;QACvC,IAAI,CAAC,oBAAoB,GAAG,IAAI,qCAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE;YACnE,OAAO,EAAE,aAAa,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE;SAC/C,CAAC,CAAC;QACH,IAAI,CAAC,sBAAsB;YACzB,IAAI,CAAC,oBAAoB,CAAC,sBAAsB,CAAC;QACnD,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACnD,CAAC;IAED;;;;;;;;;OASG;IACH,WAAW,CACT,KAAe,EACf,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,oCAAgB,CAAC,IAAI,EAAE,SAAS,IAAI,CAAC,eAAe,EAAE,EAAE,EAAE;YACnE,OAAO,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,0BAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC9C,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,KAAK,EAAE,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,KAAK;YACrB,YAAY,EAAE;gBACZ,gCAAY,CAAC,SAAS,EAAE;gBACxB,gCAAY,CAAC,MAAM,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,sBAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACnD,gCAAY,CAAC,OAAO,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,sBAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;aAClD;SACF,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,UAAU,CACR,IAAY,EACZ,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;;;;;OASG;IACH,aAAa,CACX,OAAkB,EAClB,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,oCAAgB,CAAC,IAAI,EAAE,SAAS,IAAI,CAAC,eAAe,EAAE,EAAE,EAAE;YACnE,OAAO,EAAE,OAAO;YAChB,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,KAAK,EAAE,KAAK,aAAL,KAAK,cAAL,KAAK,GAAI,KAAK;YACrB,YAAY,EAAE;gBACZ,gCAAY,CAAC,SAAS,EAAE;gBACxB,gCAAY,CAAC,MAAM,CAAC,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,sBAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACnD,gCAAY,CAAC,OAAO,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,sBAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;aAClD;SACF,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,YAAY,CACV,MAAe,EACf,MAAiB,EACjB,OAAkB,EAClB,KAAe;QAEf,OAAO,IAAI,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,iCAAQ,CAAC,IAAI,CAAC,MAAM,EAAE;YAC/B,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;SAChD,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;OASG;IACH,SAAS,CAAC,QAAoB,EAAE,iBAA2B;QACzD,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC5D,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,UAAU,CACR,QAAoB,EACpB,iBAA2B,EAC3B,qBAAgC;QAEhC,OAAO,IAAI,CAAC,MAAM,CAAC,UAAU,CAC3B,QAAQ,EACR,iBAAiB,EACjB,qBAAqB,CACtB,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACH,QAAQ,CAAC,QAAoB,EAAE,iBAA2B;QACxD,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC3D,CAAC;IAED;;;;;;;;;OASG;IACH,WAAW,CAAC,QAAoB,EAAE,iBAA0B;QAC1D,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;OAMG;IACH,WAAW,CAAC,QAAoB,EAAE,iBAA2B;QAC3D,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IAC9D,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,cAAc,CAAC,QAAoB,EAAE,iBAA2B;QAC9D,OAAO,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAC;IACjE,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACH,mBAAmB,CACjB,UAA+B;QAE/B,OAAO,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;IACrD,CAAC;CACF;AAnRD,4CAmRC"}
package/aws-s3/lib/cors.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import { CorsRule } from 'aws-cdk-lib/aws-s3';
2
+ export declare const OPEN_CORS_RULE: CorsRule;
package/aws-s3/lib/cors.js ADDED
@@ -0,0 +1,18 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.OPEN_CORS_RULE = void 0;
4
+ const aws_s3_1 = require("aws-cdk-lib/aws-s3");
5
+ exports.OPEN_CORS_RULE = {
6
+ allowedMethods: [
7
+ aws_s3_1.HttpMethods.GET,
8
+ aws_s3_1.HttpMethods.HEAD,
9
+ aws_s3_1.HttpMethods.DELETE,
10
+ aws_s3_1.HttpMethods.PUT,
11
+ aws_s3_1.HttpMethods.POST,
12
+ ],
13
+ allowedOrigins: ['*'],
14
+ allowedHeaders: ['*'],
15
+ exposedHeaders: ['ETag'],
16
+ maxAge: 3000,
17
+ };
18
+ //# sourceMappingURL=cors.js.map
package/aws-s3/lib/cors.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cors.js","sourceRoot":"","sources":["cors.ts"],"names":[],"mappings":";;;AAAA,+CAAyD;AAE5C,QAAA,cAAc,GAAa;IACtC,cAAc,EAAE;QACd,oBAAW,CAAC,GAAG;QACf,oBAAW,CAAC,IAAI;QAChB,oBAAW,CAAC,MAAM;QAClB,oBAAW,CAAC,GAAG;QACf,oBAAW,CAAC,IAAI;KACjB;IACD,cAAc,EAAE,CAAC,GAAG,CAAC;IACrB,cAAc,EAAE,CAAC,GAAG,CAAC;IACrB,cAAc,EAAE,CAAC,MAAM,CAAC;IACxB,MAAM,EAAE,IAAI;CACb,CAAC"}
package/aws-s3/lib/index.d.ts CHANGED
@@ -1,3 +1,5 @@
1
1
  export * from './cloud-front-bucket';
2
+ export * from './cloud-front-bucket-v2';
3
+ export * from './cors';
2
4
  export * from './replication-role';
3
5
  export * from './website-bucket';
package/aws-s3/lib/index.js CHANGED
@@ -15,6 +15,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
15
15
  };
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
17
  __exportStar(require("./cloud-front-bucket"), exports);
18
+ __exportStar(require("./cloud-front-bucket-v2"), exports);
19
+ __exportStar(require("./cors"), exports);
18
20
  __exportStar(require("./replication-role"), exports);
19
21
  __exportStar(require("./website-bucket"), exports);
20
22
  //# sourceMappingURL=index.js.map
package/aws-s3/lib/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,uDAAqC;AACrC,qDAAmC;AACnC,mDAAiC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,uDAAqC;AACrC,0DAAwC;AACxC,yCAAuB;AACvB,qDAAmC;AACnC,mDAAiC"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "truemark-cdk-lib",
3
3
  "description": "AWS CDK constructs created by TrueMark",
4
- "version": "1.15.0",
4
+ "version": "1.15.1",
5
5
  "main": "index.js",
6
6
  "types": "index.d.ts",
7
7
  "author": "TrueMark Technologies, Inc.",