UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

368 lines (367 loc) 12.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
import { BundlingOptions } from './bundling'; /** * Common interface for all assets. */ export interface IAsset { /** * A hash of this asset, which is available at construction time. As this is a plain string, it * can be used in construct IDs in order to enforce creation of a new resource when the content * hash has changed. */ readonly assetHash: string; } /** * Asset hash options */ export interface AssetOptions { /** * Specify a custom hash for this asset. If `assetHashType` is set it must * be set to `AssetHashType.CUSTOM`. For consistency, this custom hash will * be SHA256 hashed and encoded as hex. The resulting hash will be the asset * hash. * * NOTE: the hash is used in order to identify a specific revision of the asset, and * used for optimizing and caching deployment activities related to this asset such as * packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will * need to make sure it is updated every time the asset changes, or otherwise it is * possible that some deployments will not be invalidated. * * @default - based on `assetHashType` */ readonly assetHash?: string; /** * Specifies the type of hash to calculate for this asset. * * If `assetHash` is configured, this option must be `undefined` or * `AssetHashType.CUSTOM`. * * @default - the default is `AssetHashType.SOURCE`, but if `assetHash` is * explicitly specified this value defaults to `AssetHashType.CUSTOM`. */ readonly assetHashType?: AssetHashType; /** * Bundle the asset by executing a command in a Docker container or a custom bundling provider. * * The asset path will be mounted at `/asset-input`. The Docker * container is responsible for putting content at `/asset-output`. * The content at `/asset-output` will be zipped and used as the * final asset. * * @default - uploaded as-is to S3 if the asset is a regular file or a .zip file, * archived into a .zip file and uploaded to S3 otherwise */ readonly bundling?: BundlingOptions; } /** * The type of asset hash * * NOTE: the hash is used in order to identify a specific revision of the asset, and * used for optimizing and caching deployment activities related to this asset such as * packaging, uploading to Amazon S3, etc. */ export declare enum AssetHashType { /** * Based on the content of the source path * * When bundling, use `SOURCE` when the content of the bundling output is not * stable across repeated bundling operations. */ SOURCE = "source", /** * Based on the content of the bundling output * * Use `OUTPUT` when the source of the asset is a top level folder containing * code and/or dependencies that are not directly linked to the asset. */ OUTPUT = "output", /** * Use a custom hash */ CUSTOM = "custom" } /** * Represents the source for a file asset. */ export interface FileAssetSource { /** * A hash on the content source. This hash is used to uniquely identify this * asset throughout the system. If this value doesn't change, the asset will * not be rebuilt or republished. */ readonly sourceHash: string; /** * An external command that will produce the packaged asset. * * The command should produce the location of a ZIP file on `stdout`. * * @default - Exactly one of `fileName` and `executable` is required */ readonly executable?: string[]; /** * The path, relative to the root of the cloud assembly, in which this asset * source resides. This can be a path to a file or a directory, depending on the * packaging type. * * @default - Exactly one of `fileName` and `executable` is required */ readonly fileName?: string; /** * Which type of packaging to perform. * * @default - Required if `fileName` is specified. */ readonly packaging?: FileAssetPackaging; /** * Whether or not the asset needs to exist beyond deployment time; i.e. * are copied over to a different location and not needed afterwards. * Setting this property to true has an impact on the lifecycle of the asset, * because we will assume that it is safe to delete after the CloudFormation * deployment succeeds. * * For example, Lambda Function assets are copied over to Lambda during * deployment. Therefore, it is not necessary to store the asset in S3, so * we consider those deployTime assets. * * @default false */ readonly deployTime?: boolean; } export interface DockerImageAssetSource { /** * The hash of the contents of the docker build context. This hash is used * throughout the system to identify this image and avoid duplicate work * in case the source did not change. * * NOTE: this means that if you wish to update your docker image, you * must make a modification to the source (e.g. add some metadata to your Dockerfile). */ readonly sourceHash: string; /** * An external command that will produce the packaged asset. * * The command should produce the name of a local Docker image on `stdout`. * * @default - Exactly one of `directoryName` and `executable` is required */ readonly executable?: string[]; /** * The directory where the Dockerfile is stored, must be relative * to the cloud assembly root. * * @default - Exactly one of `directoryName` and `executable` is required */ readonly directoryName?: string; /** * Build args to pass to the `docker build` command. * * Since Docker build arguments are resolved before deployment, keys and * values cannot refer to unresolved tokens (such as `lambda.functionArn` or * `queue.queueUrl`). * * Only allowed when `directoryName` is specified. * * @default - no build args are passed */ readonly dockerBuildArgs?: { [key: string]: string; }; /** * Build secrets to pass to the `docker build` command. * * Since Docker build secrets are resolved before deployment, keys and * values cannot refer to unresolved tokens (such as `lambda.functionArn` or * `queue.queueUrl`). * * Only allowed when `directoryName` is specified. * * @default - no build secrets are passed */ readonly dockerBuildSecrets?: { [key: string]: string; }; /** * SSH agent socket or keys to pass to the `docker buildx` command. * * * @default - no ssh arg is passed */ readonly dockerBuildSsh?: string; /** * Docker target to build to * * Only allowed when `directoryName` is specified. * * @default - no target */ readonly dockerBuildTarget?: string; /** * Path to the Dockerfile (relative to the directory). * * Only allowed when `directoryName` is specified. * * @default - no file */ readonly dockerFile?: string; /** * Networking mode for the RUN commands during build. _Requires Docker Engine API v1.25+_. * * Specify this property to build images on a specific networking mode. * * @default - no networking mode specified */ readonly networkMode?: string; /** * Platform to build for. _Requires Docker Buildx_. * * Specify this property to build images on a specific platform. * * @default - no platform specified (the current machine architecture will be used) */ readonly platform?: string; /** * Outputs to pass to the `docker build` command. * * @default - no build args are passed */ readonly dockerOutputs?: string[]; /** * Unique identifier of the docker image asset and its potential revisions. * Required if using AppScopedStagingSynthesizer. * * @default - no asset name */ readonly assetName?: string; /** * Cache from options to pass to the `docker build` command. * * @default - no cache from args are passed */ readonly dockerCacheFrom?: DockerCacheOption[]; /** * Cache to options to pass to the `docker build` command. * * @default - no cache to args are passed */ readonly dockerCacheTo?: DockerCacheOption; /** * Disable the cache and pass `--no-cache` to the `docker build` command. * * @default - cache is used */ readonly dockerCacheDisabled?: boolean; } /** * Packaging modes for file assets. */ export declare enum FileAssetPackaging { /** * The asset source path points to a directory, which should be archived using * zip and and then uploaded to Amazon S3. */ ZIP_DIRECTORY = "zip", /** * The asset source path points to a single file, which should be uploaded * to Amazon S3. */ FILE = "file" } /** * The location of the published file asset. This is where the asset * can be consumed at runtime. */ export interface FileAssetLocation { /** * The name of the Amazon S3 bucket. */ readonly bucketName: string; /** * The Amazon S3 object key. */ readonly objectKey: string; /** * The HTTP URL of this asset on Amazon S3. * * This value suitable for inclusion in a CloudFormation template, and * may be an encoded token. * * Example value: `https://s3-us-east-1.amazonaws.com/mybucket/myobject` */ readonly httpUrl: string; /** * The S3 URL of this asset on Amazon S3. * * This value suitable for inclusion in a CloudFormation template, and * may be an encoded token. * * Example value: `s3://mybucket/myobject` */ readonly s3ObjectUrl: string; /** * The ARN of the KMS key used to encrypt the file asset bucket, if any. * * The CDK bootstrap stack comes with a key policy that does not require * setting this property, so you only need to set this property if you * have customized the bootstrap stack to require it. * * @default - Asset bucket is not encrypted, or decryption permissions are * defined by a Key Policy. */ readonly kmsKeyArn?: string; /** * Like `s3ObjectUrl`, but not suitable for CloudFormation consumption * * If there are placeholders in the S3 URL, they will be returned un-replaced * and un-evaluated. * * @default - This feature cannot be used */ readonly s3ObjectUrlWithPlaceholders?: string; } /** * The location of the published docker image. This is where the image can be * consumed at runtime. */ export interface DockerImageAssetLocation { /** * The URI of the image in Amazon ECR (including a tag). */ readonly imageUri: string; /** * The name of the ECR repository. */ readonly repositoryName: string; /** * The tag of the image in Amazon ECR. * @default - the hash of the asset, or the `dockerTagPrefix` concatenated with the asset hash if a `dockerTagPrefix` is specified in the stack synthesizer */ readonly imageTag?: string; } /** * Options for configuring the Docker cache backend */ export interface DockerCacheOption { /** * The type of cache to use. * Refer to https://docs.docker.com/build/cache/backends/ for full list of backends. * @default - unspecified * * @example 'registry' */ readonly type: string; /** * Any parameters to pass into the docker cache backend configuration. * Refer to https://docs.docker.com/build/cache/backends/ for cache backend configuration. * @default {} No options provided * * @example * declare const branch: string; * * const params = { * ref: `12345678.dkr.ecr.us-west-2.amazonaws.com/cache:${branch}`, * mode: "max", * }; */ readonly params?: { [key: string]: string; }; }