UNPKG

@softchef/cdk-iot-device-management

Version:

IoT device management is composed of things, thing types, thing groups, jobs, files API services. The constructs can be used independently, that are based on full-managed service to create an API Gateway & Lambda function.

github.com/SoftChef/cdk-iot-device-management

SoftChef/cdk-iot-device-management

129 lines (128 loc) 7.22 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.bucketHostname = void 0; const bucketHostnameUtils_1 = require("./bucketHostnameUtils"); const bucketHostname = (options) => { bucketHostnameUtils_1.validateCustomEndpoint(options); return bucketHostnameUtils_1.isBucketNameOptions(options) ? getEndpointFromBucketName(options) : getEndpointFromArn(options); }; exports.bucketHostname = bucketHostname; const getEndpointFromBucketName = ({ accelerateEndpoint = false, clientRegion: region, baseHostname, bucketName, dualstackEndpoint = false, fipsEndpoint = false, pathStyleEndpoint = false, tlsCompatible = true, isCustomEndpoint = false, }) => { const [clientRegion, hostnameSuffix] = isCustomEndpoint ? [region, baseHostname] : bucketHostnameUtils_1.getSuffix(baseHostname); if (pathStyleEndpoint || !bucketHostnameUtils_1.isDnsCompatibleBucketName(bucketName) || (tlsCompatible && bucketHostnameUtils_1.DOT_PATTERN.test(bucketName))) { return { bucketEndpoint: false, hostname: dualstackEndpoint ? `s3.dualstack.${clientRegion}.${hostnameSuffix}` : baseHostname, }; } if (accelerateEndpoint) { baseHostname = `s3-accelerate${dualstackEndpoint ? ".dualstack" : ""}.${hostnameSuffix}`; } else if (dualstackEndpoint) { baseHostname = `s3.dualstack.${clientRegion}.${hostnameSuffix}`; } return { bucketEndpoint: true, hostname: `${bucketName}.${baseHostname}`, }; }; const getEndpointFromArn = (options) => { const { isCustomEndpoint, baseHostname, clientRegion } = options; const hostnameSuffix = isCustomEndpoint ? baseHostname : bucketHostnameUtils_1.getSuffixForArnEndpoint(baseHostname)[1]; const { pathStyleEndpoint, accelerateEndpoint = false, fipsEndpoint = false, tlsCompatible = true, bucketName, clientPartition = "aws", } = options; bucketHostnameUtils_1.validateArnEndpointOptions({ pathStyleEndpoint, accelerateEndpoint, tlsCompatible }); const { service, partition, accountId, region, resource } = bucketName; bucketHostnameUtils_1.validateService(service); bucketHostnameUtils_1.validatePartition(partition, { clientPartition }); bucketHostnameUtils_1.validateAccountId(accountId); const { accesspointName, outpostId } = bucketHostnameUtils_1.getArnResources(resource); if (service === "s3-object-lambda") { return getEndpointFromObjectLambdaArn({ ...options, tlsCompatible, bucketName, accesspointName, hostnameSuffix }); } if (region === "") { return getEndpointFromMRAPArn({ ...options, clientRegion, mrapAlias: accesspointName, hostnameSuffix }); } if (outpostId) { return getEndpointFromOutpostArn({ ...options, clientRegion, outpostId, accesspointName, hostnameSuffix }); } return getEndpointFromAccessPointArn({ ...options, clientRegion, accesspointName, hostnameSuffix }); }; const getEndpointFromObjectLambdaArn = ({ dualstackEndpoint = false, fipsEndpoint = false, tlsCompatible = true, useArnRegion, clientRegion, clientSigningRegion = clientRegion, accesspointName, bucketName, hostnameSuffix, }) => { const { accountId, region, service } = bucketName; bucketHostnameUtils_1.validateRegionalClient(clientRegion); bucketHostnameUtils_1.validateRegion(region, { useArnRegion, clientRegion, clientSigningRegion, allowFipsRegion: true, useFipsEndpoint: fipsEndpoint, }); bucketHostnameUtils_1.validateNoDualstack(dualstackEndpoint); const DNSHostLabel = `${accesspointName}-${accountId}`; bucketHostnameUtils_1.validateDNSHostLabel(DNSHostLabel, { tlsCompatible }); const endpointRegion = useArnRegion ? region : clientRegion; const signingRegion = useArnRegion ? region : clientSigningRegion; return { bucketEndpoint: true, hostname: `${DNSHostLabel}.${service}${fipsEndpoint ? "-fips" : ""}.${endpointRegion}.${hostnameSuffix}`, signingRegion, signingService: service, }; }; const getEndpointFromMRAPArn = ({ disableMultiregionAccessPoints, dualstackEndpoint = false, isCustomEndpoint, mrapAlias, hostnameSuffix, }) => { if (disableMultiregionAccessPoints === true) { throw new Error("SDK is attempting to use a MRAP ARN. Please enable to feature."); } bucketHostnameUtils_1.validateMrapAlias(mrapAlias); bucketHostnameUtils_1.validateNoDualstack(dualstackEndpoint); return { bucketEndpoint: true, hostname: `${mrapAlias}${isCustomEndpoint ? "" : `.accesspoint.s3-global`}.${hostnameSuffix}`, signingRegion: "*", }; }; const getEndpointFromOutpostArn = ({ useArnRegion, clientRegion, clientSigningRegion = clientRegion, bucketName, outpostId, dualstackEndpoint = false, fipsEndpoint = false, tlsCompatible = true, accesspointName, isCustomEndpoint, hostnameSuffix, }) => { bucketHostnameUtils_1.validateRegionalClient(clientRegion); bucketHostnameUtils_1.validateRegion(bucketName.region, { useArnRegion, clientRegion, clientSigningRegion, useFipsEndpoint: fipsEndpoint }); const DNSHostLabel = `${accesspointName}-${bucketName.accountId}`; bucketHostnameUtils_1.validateDNSHostLabel(DNSHostLabel, { tlsCompatible }); const endpointRegion = useArnRegion ? bucketName.region : clientRegion; const signingRegion = useArnRegion ? bucketName.region : clientSigningRegion; bucketHostnameUtils_1.validateOutpostService(bucketName.service); bucketHostnameUtils_1.validateDNSHostLabel(outpostId, { tlsCompatible }); bucketHostnameUtils_1.validateNoDualstack(dualstackEndpoint); bucketHostnameUtils_1.validateNoFIPS(fipsEndpoint); const hostnamePrefix = `${DNSHostLabel}.${outpostId}`; return { bucketEndpoint: true, hostname: `${hostnamePrefix}${isCustomEndpoint ? "" : `.s3-outposts.${endpointRegion}`}.${hostnameSuffix}`, signingRegion, signingService: "s3-outposts", }; }; const getEndpointFromAccessPointArn = ({ useArnRegion, clientRegion, clientSigningRegion = clientRegion, bucketName, dualstackEndpoint = false, fipsEndpoint = false, tlsCompatible = true, accesspointName, isCustomEndpoint, hostnameSuffix, }) => { bucketHostnameUtils_1.validateRegionalClient(clientRegion); bucketHostnameUtils_1.validateRegion(bucketName.region, { useArnRegion, clientRegion, clientSigningRegion, allowFipsRegion: true, useFipsEndpoint: fipsEndpoint, }); const hostnamePrefix = `${accesspointName}-${bucketName.accountId}`; bucketHostnameUtils_1.validateDNSHostLabel(hostnamePrefix, { tlsCompatible }); const endpointRegion = useArnRegion ? bucketName.region : clientRegion; const signingRegion = useArnRegion ? bucketName.region : clientSigningRegion; bucketHostnameUtils_1.validateS3Service(bucketName.service); return { bucketEndpoint: true, hostname: `${hostnamePrefix}${isCustomEndpoint ? "" : `.s3-accesspoint${fipsEndpoint ? "-fips" : ""}${dualstackEndpoint ? ".dualstack" : ""}.${endpointRegion}`}.${hostnameSuffix}`, signingRegion, }; };