@pepperize/cdk-ses-smtp-credentials
Version:
Generate SES smtp credentials for a given user and store the credentials in a SecretsManager Secret.
65 lines • 8.35 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.handler = handler;
const AWS = require("aws-sdk");
const calculate_ses_smtp_password_1 = require("./calculate-ses-smtp-password");
const credentials_1 = require("./credentials");
/**
* The onEvent handler is invoked whenever a resource lifecycle event for a credentials custom-resource occurs
*
* @see https://docs.aws.amazon.com/cdk/api/v1/docs/custom-resources-readme.html#handling-lifecycle-events-onevent
*/
async function handler(event) {
const requestType = event.RequestType;
console.log(`Request of type ${requestType} received`);
if (requestType == "Create") {
// Create access key
const username = event.ResourceProperties.UserName;
const secretId = event.ResourceProperties.SecretId;
const userNameSecretKey = event.ResourceProperties.UserNameSecretKey;
const passwordSecretKey = event.ResourceProperties.PasswordSecretKey;
const region = process.env.AWS_DEFAULT_REGION;
const iam = new AWS.IAM();
const secretsManager = new AWS.SecretsManager();
const accessKey = await iam
.createAccessKey({
UserName: username,
})
.promise();
const accessKeyId = accessKey.AccessKey.AccessKeyId;
const secretAccessKey = accessKey.AccessKey.SecretAccessKey;
// Create ses smtp credentials
const smtpPassword = (0, calculate_ses_smtp_password_1.calculateSesSmtpPassword)(secretAccessKey, region);
// TODO: Update in SecretsManager
await secretsManager
.putSecretValue({
SecretId: secretId,
SecretString: JSON.stringify({
[userNameSecretKey || credentials_1.Credentials.USERNAME]: accessKeyId,
[passwordSecretKey || credentials_1.Credentials.PASSWORD]: smtpPassword,
}),
})
.promise();
return {
...event,
PhysicalResourceId: accessKeyId,
Data: {
...event.ResourceProperties,
AccessKeyId: accessKeyId,
},
};
}
if (requestType == "Update") {
console.log("Access key has already been provisioned, no operation to be performed");
}
if (requestType == "Delete") {
console.log("No operation required, deletion of this resource is assumed to occur in conjunction with deletion of an IAM User and a SecretsManager Secret");
}
return {
...event,
Data: {
...event.ResourceProperties,
},
};
}
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY3JlZGVudGlhbHMtaGFuZGxlci5sYW1iZGEuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcHJvdmlkZXIvY3JlZGVudGlhbHMtaGFuZGxlci5sYW1iZGEudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFVQSwwQkE4REM7QUF2RUQsK0JBQStCO0FBQy9CLCtFQUF5RTtBQUN6RSwrQ0FBNEM7QUFFNUM7Ozs7R0FJRztBQUNJLEtBQUssVUFBVSxPQUFPLENBQUMsS0FBcUI7SUFDakQsTUFBTSxXQUFXLEdBQUcsS0FBSyxDQUFDLFdBQVcsQ0FBQztJQUN0QyxPQUFPLENBQUMsR0FBRyxDQUFDLG1CQUFtQixXQUFXLFdBQVcsQ0FBQyxDQUFDO0lBRXZELElBQUksV0FBVyxJQUFJLFFBQVEsRUFBRSxDQUFDO1FBQzVCLG9CQUFvQjtRQUNwQixNQUFNLFFBQVEsR0FBRyxLQUFLLENBQUMsa0JBQWtCLENBQUMsUUFBUSxDQUFDO1FBQ25ELE1BQU0sUUFBUSxHQUFHLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLENBQUM7UUFDbkQsTUFBTSxpQkFBaUIsR0FBRyxLQUFLLENBQUMsa0JBQWtCLENBQUMsaUJBQWlCLENBQUM7UUFDckUsTUFBTSxpQkFBaUIsR0FBRyxLQUFLLENBQUMsa0JBQWtCLENBQUMsaUJBQWlCLENBQUM7UUFDckUsTUFBTSxNQUFNLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxrQkFBNEIsQ0FBQztRQUN4RCxNQUFNLEdBQUcsR0FBRyxJQUFJLEdBQUcsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUMxQixNQUFNLGNBQWMsR0FBRyxJQUFJLEdBQUcsQ0FBQyxjQUFjLEVBQUUsQ0FBQztRQUVoRCxNQUFNLFNBQVMsR0FBRyxNQUFNLEdBQUc7YUFDeEIsZUFBZSxDQUFDO1lBQ2YsUUFBUSxFQUFFLFFBQVE7U0FDbkIsQ0FBQzthQUNELE9BQU8sRUFBRSxDQUFDO1FBQ2IsTUFBTSxXQUFXLEdBQUcsU0FBUyxDQUFDLFNBQVMsQ0FBQyxXQUFXLENBQUM7UUFDcEQsTUFBTSxlQUFlLEdBQUcsU0FBUyxDQUFDLFNBQVMsQ0FBQyxlQUFlLENBQUM7UUFFNUQsOEJBQThCO1FBQzlCLE1BQU0sWUFBWSxHQUFHLElBQUEsc0RBQXdCLEVBQUMsZUFBZSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1FBRXZFLGlDQUFpQztRQUNqQyxNQUFNLGNBQWM7YUFDakIsY0FBYyxDQUFDO1lBQ2QsUUFBUSxFQUFFLFFBQVE7WUFDbEIsWUFBWSxFQUFFLElBQUksQ0FBQyxTQUFTLENBQUM7Z0JBQzNCLENBQUMsaUJBQWlCLElBQUkseUJBQVcsQ0FBQyxRQUFRLENBQUMsRUFBRSxXQUFXO2dCQUN4RCxDQUFDLGlCQUFpQixJQUFJLHlCQUFXLENBQUMsUUFBUSxDQUFDLEVBQUUsWUFBWTthQUMxRCxDQUFDO1NBQ0gsQ0FBQzthQUNELE9BQU8sRUFBRSxDQUFDO1FBRWIsT0FBTztZQUNMLEdBQUcsS0FBSztZQUNSLGtCQUFrQixFQUFFLFdBQVc7WUFDL0IsSUFBSSxFQUFFO2dCQUNKLEdBQUcsS0FBSyxDQUFDLGtCQUFrQjtnQkFDM0IsV0FBVyxFQUFFLFdBQVc7YUFDekI7U0FDRixDQUFDO0lBQ0osQ0FBQztJQUVELElBQUksV0FBVyxJQUFJLFFBQVEsRUFBRSxDQUFDO1FBQzVCLE9BQU8sQ0FBQyxHQUFHLENBQUMsdUVBQXVFLENBQUMsQ0FBQztJQUN2RixDQUFDO0lBRUQsSUFBSSxXQUFXLElBQUksUUFBUSxFQUFFLENBQUM7UUFDNUIsT0FBTyxDQUFDLEdBQUcsQ0FDVCw4SUFBOEksQ0FDL0ksQ0FBQztJQUNKLENBQUM7SUFFRCxPQUFPO1FBQ0wsR0FBRyxLQUFLO1FBQ1IsSUFBSSxFQUFFO1lBQ0osR0FBRyxLQUFLLENBQUMsa0JBQWtCO1NBQzVCO0tBQ0YsQ0FBQztBQUNKLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBDZGtDdXN0b21SZXNvdXJjZUV2ZW50IGFzIE9uRXZlbnRSZXF1ZXN0LCBDZGtDdXN0b21SZXNvdXJjZVJlc3BvbnNlIGFzIE9uRXZlbnRSZXNwb25zZSB9IGZyb20gXCJhd3MtbGFtYmRhXCI7XG5pbXBvcnQgKiBhcyBBV1MgZnJvbSBcImF3cy1zZGtcIjtcbmltcG9ydCB7IGNhbGN1bGF0ZVNlc1NtdHBQYXNzd29yZCB9IGZyb20gXCIuL2NhbGN1bGF0ZS1zZXMtc210cC1wYXNzd29yZFwiO1xuaW1wb3J0IHsgQ3JlZGVudGlhbHMgfSBmcm9tIFwiLi9jcmVkZW50aWFsc1wiO1xuXG4vKipcbiAqIFRoZSBvbkV2ZW50IGhhbmRsZXIgaXMgaW52b2tlZCB3aGVuZXZlciBhIHJlc291cmNlIGxpZmVjeWNsZSBldmVudCBmb3IgYSBjcmVkZW50aWFscyBjdXN0b20tcmVzb3VyY2Ugb2NjdXJzXG4gKlxuICogQHNlZSBodHRwczovL2RvY3MuYXdzLmFtYXpvbi5jb20vY2RrL2FwaS92MS9kb2NzL2N1c3RvbS1yZXNvdXJjZXMtcmVhZG1lLmh0bWwjaGFuZGxpbmctbGlmZWN5Y2xlLWV2ZW50cy1vbmV2ZW50XG4gKi9cbmV4cG9ydCBhc3luYyBmdW5jdGlvbiBoYW5kbGVyKGV2ZW50OiBPbkV2ZW50UmVxdWVzdCk6IFByb21pc2U8T25FdmVudFJlc3BvbnNlIHwgdW5kZWZpbmVkPiB7XG4gIGNvbnN0IHJlcXVlc3RUeXBlID0gZXZlbnQuUmVxdWVzdFR5cGU7XG4gIGNvbnNvbGUubG9nKGBSZXF1ZXN0IG9mIHR5cGUgJHtyZXF1ZXN0VHlwZX0gcmVjZWl2ZWRgKTtcblxuICBpZiAocmVxdWVzdFR5cGUgPT0gXCJDcmVhdGVcIikge1xuICAgIC8vIENyZWF0ZSBhY2Nlc3Mga2V5XG4gICAgY29uc3QgdXNlcm5hbWUgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuVXNlck5hbWU7XG4gICAgY29uc3Qgc2VjcmV0SWQgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuU2VjcmV0SWQ7XG4gICAgY29uc3QgdXNlck5hbWVTZWNyZXRLZXkgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuVXNlck5hbWVTZWNyZXRLZXk7XG4gICAgY29uc3QgcGFzc3dvcmRTZWNyZXRLZXkgPSBldmVudC5SZXNvdXJjZVByb3BlcnRpZXMuUGFzc3dvcmRTZWNyZXRLZXk7XG4gICAgY29uc3QgcmVnaW9uID0gcHJvY2Vzcy5lbnYuQVdTX0RFRkFVTFRfUkVHSU9OIGFzIHN0cmluZztcbiAgICBjb25zdCBpYW0gPSBuZXcgQVdTLklBTSgpO1xuICAgIGNvbnN0IHNlY3JldHNNYW5hZ2VyID0gbmV3IEFXUy5TZWNyZXRzTWFuYWdlcigpO1xuXG4gICAgY29uc3QgYWNjZXNzS2V5ID0gYXdhaXQgaWFtXG4gICAgICAuY3JlYXRlQWNjZXNzS2V5KHtcbiAgICAgICAgVXNlck5hbWU6IHVzZXJuYW1lLFxuICAgICAgfSlcbiAgICAgIC5wcm9taXNlKCk7XG4gICAgY29uc3QgYWNjZXNzS2V5SWQgPSBhY2Nlc3NLZXkuQWNjZXNzS2V5LkFjY2Vzc0tleUlkO1xuICAgIGNvbnN0IHNlY3JldEFjY2Vzc0tleSA9IGFjY2Vzc0tleS5BY2Nlc3NLZXkuU2VjcmV0QWNjZXNzS2V5O1xuXG4gICAgLy8gQ3JlYXRlIHNlcyBzbXRwIGNyZWRlbnRpYWxzXG4gICAgY29uc3Qgc210cFBhc3N3b3JkID0gY2FsY3VsYXRlU2VzU210cFBhc3N3b3JkKHNlY3JldEFjY2Vzc0tleSwgcmVnaW9uKTtcblxuICAgIC8vIFRPRE86IFVwZGF0ZSBpbiBTZWNyZXRzTWFuYWdlclxuICAgIGF3YWl0IHNlY3JldHNNYW5hZ2VyXG4gICAgICAucHV0U2VjcmV0VmFsdWUoe1xuICAgICAgICBTZWNyZXRJZDogc2VjcmV0SWQsXG4gICAgICAgIFNlY3JldFN0cmluZzogSlNPTi5zdHJpbmdpZnkoe1xuICAgICAgICAgIFt1c2VyTmFtZVNlY3JldEtleSB8fCBDcmVkZW50aWFscy5VU0VSTkFNRV06IGFjY2Vzc0tleUlkLFxuICAgICAgICAgIFtwYXNzd29yZFNlY3JldEtleSB8fCBDcmVkZW50aWFscy5QQVNTV09SRF06IHNtdHBQYXNzd29yZCxcbiAgICAgICAgfSksXG4gICAgICB9KVxuICAgICAgLnByb21pc2UoKTtcblxuICAgIHJldHVybiB7XG4gICAgICAuLi5ldmVudCxcbiAgICAgIFBoeXNpY2FsUmVzb3VyY2VJZDogYWNjZXNzS2V5SWQsXG4gICAgICBEYXRhOiB7XG4gICAgICAgIC4uLmV2ZW50LlJlc291cmNlUHJvcGVydGllcyxcbiAgICAgICAgQWNjZXNzS2V5SWQ6IGFjY2Vzc0tleUlkLFxuICAgICAgfSxcbiAgICB9O1xuICB9XG5cbiAgaWYgKHJlcXVlc3RUeXBlID09IFwiVXBkYXRlXCIpIHtcbiAgICBjb25zb2xlLmxvZyhcIkFjY2VzcyBrZXkgaGFzIGFscmVhZHkgYmVlbiBwcm92aXNpb25lZCwgbm8gb3BlcmF0aW9uIHRvIGJlIHBlcmZvcm1lZFwiKTtcbiAgfVxuXG4gIGlmIChyZXF1ZXN0VHlwZSA9PSBcIkRlbGV0ZVwiKSB7XG4gICAgY29uc29sZS5sb2coXG4gICAgICBcIk5vIG9wZXJhdGlvbiByZXF1aXJlZCwgZGVsZXRpb24gb2YgdGhpcyByZXNvdXJjZSBpcyBhc3N1bWVkIHRvIG9jY3VyIGluIGNvbmp1bmN0aW9uIHdpdGggZGVsZXRpb24gb2YgYW4gSUFNIFVzZXIgYW5kIGEgU2VjcmV0c01hbmFnZXIgU2VjcmV0XCIsXG4gICAgKTtcbiAgfVxuXG4gIHJldHVybiB7XG4gICAgLi4uZXZlbnQsXG4gICAgRGF0YToge1xuICAgICAgLi4uZXZlbnQuUmVzb3VyY2VQcm9wZXJ0aWVzLFxuICAgIH0sXG4gIH07XG59XG4iXX0=