UNPKG

@taimos/cdk-controltower

Version:

[![npm version](https://badge.fury.io/js/@taimos%2Fcdk-controltower.svg)](https://badge.fury.io/js/@taimos%2Fcdk-controltower)

github.com/taimos/cdk-controltower

taimos/cdk-controltower

100 lines 10.6 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
"use strict"; var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) { if (k2 === undefined) k2 = k; var desc = Object.getOwnPropertyDescriptor(m, k); if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) { desc = { enumerable: true, get: function() { return m[k]; } }; } Object.defineProperty(o, k2, desc); }) : (function(o, m, k, k2) { if (k2 === undefined) k2 = k; o[k2] = m[k]; })); var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) { Object.defineProperty(o, "default", { enumerable: true, value: v }); }) : function(o, v) { o["default"] = v; }); var __importStar = (this && this.__importStar) || (function () { var ownKeys = function(o) { ownKeys = Object.getOwnPropertyNames || function (o) { var ar = []; for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k; return ar; }; return ownKeys(o); }; return function (mod) { if (mod && mod.__esModule) return mod; var result = {}; if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]); __setModuleDefault(result, mod); return result; }; })(); Object.defineProperty(exports, "__esModule", { value: true }); exports.ControlTowerPipeline = void 0; const aws_cdk_lib_1 = require("aws-cdk-lib"); const aws_codecommit_1 = require("aws-cdk-lib/aws-codecommit"); const pipelines = __importStar(require("aws-cdk-lib/pipelines")); const billing_stage_1 = require("./billing-stage"); const log_archive_stage_1 = require("./log-archive-stage"); const sso_stage_1 = require("./sso-stage"); class ControlTowerPipeline extends aws_cdk_lib_1.Stack { constructor(scope, props) { var _a; super(scope, 'CDKCT-Pipeline', { env: (_a = props.env) !== null && _a !== void 0 ? _a : props.orgPrincipalEnv, stackName: 'CDKCT-Pipeline', }); this.props = props; this.repository = new aws_codecommit_1.Repository(this, 'Repository', { repositoryName: 'org-setup', description: 'Contains all the code for the AWS organizations setup', }); this.pipeline = new pipelines.CodePipeline(this, 'Resource', { publishAssetsInParallel: false, crossAccountKeys: true, dockerEnabledForSynth: true, synth: new pipelines.CodeBuildStep('Synth', { input: pipelines.CodePipelineSource.codeCommit(this.repository, 'main'), installCommands: [ 'yarn install --frozen-lockfile', ], commands: [ 'npx projen build', ], }), }); } addStage(appStage, options) { if (!appStage.account || !appStage.region) { throw new Error('Stage does not have explicit account or region set up.'); } return this.pipeline.addStage(appStage, options); } addSsoConfig(permissionsConfiguration) { this.addStage(new sso_stage_1.SsoStage(this, { orgPrincipalEnv: this.props.orgPrincipalEnv, accounts: this.props.accounts, ssoConfig: this.props.ssoConfig, permissionsConfiguration, })); } addBillingConfig(budgetConfig, costReportConfig) { this.addStage(new billing_stage_1.BillingStage(this, { orgPrincipalEnv: this.props.orgPrincipalEnv, accounts: this.props.accounts, budgetConfig, costReportConfig, })); } addLogArchive(logArchiveAccount) { this.addStage(new log_archive_stage_1.LogArchiveStage(this, { orgPrincipalEnv: this.props.orgPrincipalEnv, logArchiveAccount: this.props.accounts[logArchiveAccount], })); } } exports.ControlTowerPipeline = ControlTowerPipeline; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGlwZWxpbmUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvcGlwZWxpbmUvcGlwZWxpbmUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O0FBQ0EsNkNBQWdEO0FBQ2hELCtEQUF3RDtBQUN4RCxpRUFBbUQ7QUFFbkQsbURBQStDO0FBQy9DLDJEQUFzRDtBQUN0RCwyQ0FBdUM7QUFRdkMsTUFBYSxvQkFBeUQsU0FBUSxtQkFBSztJQUtqRixZQUFZLEtBQTJCLEVBQVUsS0FBc0M7O1FBQ3JGLEtBQUssQ0FBQyxLQUFLLEVBQUUsZ0JBQWdCLEVBQUU7WUFDN0IsR0FBRyxFQUFFLE1BQUEsS0FBSyxDQUFDLEdBQUcsbUNBQUksS0FBSyxDQUFDLGVBQWU7WUFDdkMsU0FBUyxFQUFFLGdCQUFnQjtTQUM1QixDQUFDLENBQUM7UUFKNEMsVUFBSyxHQUFMLEtBQUssQ0FBaUM7UUFNckYsSUFBSSxDQUFDLFVBQVUsR0FBRyxJQUFJLDJCQUFVLENBQUMsSUFBSSxFQUFFLFlBQVksRUFBRTtZQUNuRCxjQUFjLEVBQUUsV0FBVztZQUMzQixXQUFXLEVBQUUsdURBQXVEO1NBQ3JFLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxRQUFRLEdBQUcsSUFBSSxTQUFTLENBQUMsWUFBWSxDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDM0QsdUJBQXVCLEVBQUUsS0FBSztZQUM5QixnQkFBZ0IsRUFBRSxJQUFJO1lBQ3RCLHFCQUFxQixFQUFFLElBQUk7WUFDM0IsS0FBSyxFQUFFLElBQUksU0FBUyxDQUFDLGFBQWEsQ0FBQyxPQUFPLEVBQUU7Z0JBQzFDLEtBQUssRUFBRSxTQUFTLENBQUMsa0JBQWtCLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxVQUFVLEVBQUUsTUFBTSxDQUFDO2dCQUN2RSxlQUFlLEVBQUU7b0JBQ2YsZ0NBQWdDO2lCQUNqQztnQkFDRCxRQUFRLEVBQUU7b0JBQ1Isa0JBQWtCO2lCQUNuQjthQUNGLENBQUM7U0FDSCxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU0sUUFBUSxDQUFDLFFBQW1CLEVBQUUsT0FBZ0M7UUFDbkUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDMUMsTUFBTSxJQUFJLEtBQUssQ0FBQyx3REFBd0QsQ0FBQyxDQUFDO1FBQzVFLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLFFBQVEsRUFBRSxPQUFPLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRU0sWUFBWSxDQUFDLHdCQUFvRDtRQUN0RSxJQUFJLENBQUMsUUFBUSxDQUFDLElBQUksb0JBQVEsQ0FBQyxJQUFJLEVBQUU7WUFDL0IsZUFBZSxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsZUFBZTtZQUMzQyxRQUFRLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxRQUFRO1lBQzdCLFNBQVMsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFNBQVM7WUFDL0Isd0JBQXdCO1NBQ3pCLENBQUMsQ0FBQyxDQUFDO0lBQ04sQ0FBQztJQUVNLGdCQUFnQixDQUFDLFlBQThCLEVBQUUsZ0JBQXNDO1FBQzVGLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSw0QkFBWSxDQUFDLElBQUksRUFBRTtZQUNuQyxlQUFlLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxlQUFlO1lBQzNDLFFBQVEsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVE7WUFDN0IsWUFBWTtZQUNaLGdCQUFnQjtTQUNqQixDQUFDLENBQUMsQ0FBQztJQUNOLENBQUM7SUFFTSxhQUFhLENBQUMsaUJBQW9CO1FBQ3ZDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxtQ0FBZSxDQUFDLElBQUksRUFBRTtZQUN0QyxlQUFlLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxlQUFlO1lBQzNDLGlCQUFpQixFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsUUFBUSxDQUFDLGlCQUFpQixDQUFDO1NBQzFELENBQUMsQ0FBQyxDQUFDO0lBQ04sQ0FBQztDQUVGO0FBaEVELG9EQWdFQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGNkayBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQgeyBTdGFjaywgU3RhY2tQcm9wcyB9IGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCB7IFJlcG9zaXRvcnkgfSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtY29kZWNvbW1pdCc7XG5pbXBvcnQgKiBhcyBwaXBlbGluZXMgZnJvbSAnYXdzLWNkay1saWIvcGlwZWxpbmVzJztcbmltcG9ydCAqIGFzIGNvbnN0cnVjdHMgZnJvbSAnY29uc3RydWN0cyc7XG5pbXBvcnQgeyBCaWxsaW5nU3RhZ2UgfSBmcm9tICcuL2JpbGxpbmctc3RhZ2UnO1xuaW1wb3J0IHsgTG9nQXJjaGl2ZVN0YWdlIH0gZnJvbSAnLi9sb2ctYXJjaGl2ZS1zdGFnZSc7XG5pbXBvcnQgeyBTc29TdGFnZSB9IGZyb20gJy4vc3NvLXN0YWdlJztcbmltcG9ydCB7IE9yZ1ByaW5jaXBhbEF3YXJlLCBTc29Qcm9wcyB9IGZyb20gJy4uL2F3cy1vcmcnO1xuaW1wb3J0IHsgQnVkZ2V0Q29uZmlnIH0gZnJvbSAnLi4vYnVkZ2V0JztcbmltcG9ydCB7IENvc3RSZXBvcnRpbmdDb25maWcgfSBmcm9tICcuLi9jdXInO1xuaW1wb3J0IHsgU3NvUGVybWlzc2lvbkNvbmZpZyB9IGZyb20gJy4uL3Nzby1wZXJtaXNzaW9ucyc7XG5cbmV4cG9ydCB0eXBlIENvbnRyb2xUb3dlclBpcGVsaW5lUHJvcHM8VCBleHRlbmRzIHN0cmluZywgUyBleHRlbmRzIHN0cmluZz4gPSBTc29Qcm9wczxULCBTPiAmIE9yZ1ByaW5jaXBhbEF3YXJlICYgU3RhY2tQcm9wcztcblxuZXhwb3J0IGNsYXNzIENvbnRyb2xUb3dlclBpcGVsaW5lPFQgZXh0ZW5kcyBzdHJpbmcsIFMgZXh0ZW5kcyBzdHJpbmc+IGV4dGVuZHMgU3RhY2sge1xuXG4gIHB1YmxpYyByZWFkb25seSBwaXBlbGluZTogcGlwZWxpbmVzLkNvZGVQaXBlbGluZTtcbiAgcHVibGljIHJlYWRvbmx5IHJlcG9zaXRvcnk6IFJlcG9zaXRvcnk7XG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IGNvbnN0cnVjdHMuQ29uc3RydWN0LCBwcml2YXRlIHByb3BzOiBDb250cm9sVG93ZXJQaXBlbGluZVByb3BzPFQsIFM+KSB7XG4gICAgc3VwZXIoc2NvcGUsICdDREtDVC1QaXBlbGluZScsIHtcbiAgICAgIGVudjogcHJvcHMuZW52ID8/IHByb3BzLm9yZ1ByaW5jaXBhbEVudixcbiAgICAgIHN0YWNrTmFtZTogJ0NES0NULVBpcGVsaW5lJyxcbiAgICB9KTtcblxuICAgIHRoaXMucmVwb3NpdG9yeSA9IG5ldyBSZXBvc2l0b3J5KHRoaXMsICdSZXBvc2l0b3J5Jywge1xuICAgICAgcmVwb3NpdG9yeU5hbWU6ICdvcmctc2V0dXAnLFxuICAgICAgZGVzY3JpcHRpb246ICdDb250YWlucyBhbGwgdGhlIGNvZGUgZm9yIHRoZSBBV1Mgb3JnYW5pemF0aW9ucyBzZXR1cCcsXG4gICAgfSk7XG5cbiAgICB0aGlzLnBpcGVsaW5lID0gbmV3IHBpcGVsaW5lcy5Db2RlUGlwZWxpbmUodGhpcywgJ1Jlc291cmNlJywge1xuICAgICAgcHVibGlzaEFzc2V0c0luUGFyYWxsZWw6IGZhbHNlLFxuICAgICAgY3Jvc3NBY2NvdW50S2V5czogdHJ1ZSxcbiAgICAgIGRvY2tlckVuYWJsZWRGb3JTeW50aDogdHJ1ZSxcbiAgICAgIHN5bnRoOiBuZXcgcGlwZWxpbmVzLkNvZGVCdWlsZFN0ZXAoJ1N5bnRoJywge1xuICAgICAgICBpbnB1dDogcGlwZWxpbmVzLkNvZGVQaXBlbGluZVNvdXJjZS5jb2RlQ29tbWl0KHRoaXMucmVwb3NpdG9yeSwgJ21haW4nKSxcbiAgICAgICAgaW5zdGFsbENvbW1hbmRzOiBbXG4gICAgICAgICAgJ3lhcm4gaW5zdGFsbCAtLWZyb3plbi1sb2NrZmlsZScsXG4gICAgICAgIF0sXG4gICAgICAgIGNvbW1hbmRzOiBbXG4gICAgICAgICAgJ25weCBwcm9qZW4gYnVpbGQnLFxuICAgICAgICBdLFxuICAgICAgfSksXG4gICAgfSk7XG4gIH1cblxuICBwdWJsaWMgYWRkU3RhZ2UoYXBwU3RhZ2U6IGNkay5TdGFnZSwgb3B0aW9ucz86IHBpcGVsaW5lcy5BZGRTdGFnZU9wdHMpOiBwaXBlbGluZXMuU3RhZ2VEZXBsb3ltZW50IHtcbiAgICBpZiAoIWFwcFN0YWdlLmFjY291bnQgfHwgIWFwcFN0YWdlLnJlZ2lvbikge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKCdTdGFnZSBkb2VzIG5vdCBoYXZlIGV4cGxpY2l0IGFjY291bnQgb3IgcmVnaW9uIHNldCB1cC4nKTtcbiAgICB9XG4gICAgcmV0dXJuIHRoaXMucGlwZWxpbmUuYWRkU3RhZ2UoYXBwU3RhZ2UsIG9wdGlvbnMpO1xuICB9XG5cbiAgcHVibGljIGFkZFNzb0NvbmZpZyhwZXJtaXNzaW9uc0NvbmZpZ3VyYXRpb24/OiBTc29QZXJtaXNzaW9uQ29uZmlnPFQsIFM+KSB7XG4gICAgdGhpcy5hZGRTdGFnZShuZXcgU3NvU3RhZ2UodGhpcywge1xuICAgICAgb3JnUHJpbmNpcGFsRW52OiB0aGlzLnByb3BzLm9yZ1ByaW5jaXBhbEVudixcbiAgICAgIGFjY291bnRzOiB0aGlzLnByb3BzLmFjY291bnRzLFxuICAgICAgc3NvQ29uZmlnOiB0aGlzLnByb3BzLnNzb0NvbmZpZyxcbiAgICAgIHBlcm1pc3Npb25zQ29uZmlndXJhdGlvbixcbiAgICB9KSk7XG4gIH1cblxuICBwdWJsaWMgYWRkQmlsbGluZ0NvbmZpZyhidWRnZXRDb25maWc/OiBCdWRnZXRDb25maWc8VD4sIGNvc3RSZXBvcnRDb25maWc/OiBDb3N0UmVwb3J0aW5nQ29uZmlnKSB7XG4gICAgdGhpcy5hZGRTdGFnZShuZXcgQmlsbGluZ1N0YWdlKHRoaXMsIHtcbiAgICAgIG9yZ1ByaW5jaXBhbEVudjogdGhpcy5wcm9wcy5vcmdQcmluY2lwYWxFbnYsXG4gICAgICBhY2NvdW50czogdGhpcy5wcm9wcy5hY2NvdW50cyxcbiAgICAgIGJ1ZGdldENvbmZpZyxcbiAgICAgIGNvc3RSZXBvcnRDb25maWcsXG4gICAgfSkpO1xuICB9XG5cbiAgcHVibGljIGFkZExvZ0FyY2hpdmUobG9nQXJjaGl2ZUFjY291bnQ6IFQpIHtcbiAgICB0aGlzLmFkZFN0YWdlKG5ldyBMb2dBcmNoaXZlU3RhZ2UodGhpcywge1xuICAgICAgb3JnUHJpbmNpcGFsRW52OiB0aGlzLnByb3BzLm9yZ1ByaW5jaXBhbEVudixcbiAgICAgIGxvZ0FyY2hpdmVBY2NvdW50OiB0aGlzLnByb3BzLmFjY291bnRzW2xvZ0FyY2hpdmVBY2NvdW50XSxcbiAgICB9KSk7XG4gIH1cblxufSJdfQ==