aws-cdk-lib/aws-route53/lib/key-signing-key.js

Version 2 of the AWS Cloud Development Kit library

"use strict";var __decorate=exports&&exports.__decorate||function(decorators,target,key,desc){var c=arguments.length,r=c<3?target:desc===null?desc=Object.getOwnPropertyDescriptor(target,key):desc,d;if(typeof Reflect=="object"&&typeof Reflect.decorate=="function")r=Reflect.decorate(decorators,target,key,desc);else for(var i=decorators.length-1;i>=0;i--)(d=decorators[i])&&(r=(c<3?d(r):c>3?d(target,key,r):d(target,key))||r);return c>3&&r&&Object.defineProperty(target,key,r),r},_a;Object.defineProperty(exports,"__esModule",{value:!0}),exports.KeySigningKey=exports.KeySigningKeyStatus=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var route53_generated_1=()=>{var tmp=require("./route53.generated");return route53_generated_1=()=>tmp,tmp},iam=()=>{var tmp=require("../../aws-iam");return iam=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},KeySigningKeyStatus;(function(KeySigningKeyStatus2){KeySigningKeyStatus2.ACTIVE="ACTIVE",KeySigningKeyStatus2.INACTIVE="INACTIVE"})(KeySigningKeyStatus||(exports.KeySigningKeyStatus=KeySigningKeyStatus={}));let KeySigningKey=class KeySigningKey2 extends core_1().Resource{static fromKeySigningKeyAttributes(scope,id,attrs){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_route53_KeySigningKeyAttributes(attrs)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromKeySigningKeyAttributes),error}class Import extends core_1().Resource{constructor(){super(scope,id),this.keySigningKeyName=attrs.keySigningKeyName,this.hostedZone=attrs.hostedZone}get keySigningKeyId(){return`${this.hostedZone.hostedZoneId}|${this.keySigningKeyName}`}}return new Import}constructor(scope,id,props){super(scope,id,{physicalName:props.keySigningKeyName??core_1().Lazy.string({produce:()=>core_1().Names.uniqueResourceName(this,{maxLength:128,allowedSpecialCharacters:"_"})})});try{jsiiDeprecationWarnings().aws_cdk_lib_aws_route53_KeySigningKeyProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,KeySigningKey2),error}(0,metadata_resource_1().addConstructMetadata)(this,props),this.grantKeyPermissionsForZone(props.kmsKey,props.hostedZone);const resource=new(route53_generated_1()).CfnKeySigningKey(this,"Resource",{hostedZoneId:props.hostedZone.hostedZoneId,keyManagementServiceArn:props.kmsKey.keyArn,name:this.physicalName,status:props.status??KeySigningKeyStatus.ACTIVE});this.keySigningKeyId=resource.ref,this.hostedZone=props.hostedZone,this.keySigningKeyName=this.physicalName}grantKeyPermissionsForZone(key,zone){return[key.grant(new(iam()).ServicePrincipal("dnssec-route53.amazonaws.com",{conditions:{ArnEquals:{"aws:SourceArn":zone.hostedZoneArn}}}),"kms:DescribeKey","kms:GetPublicKey","kms:Sign"),key.grant(new(iam()).ServicePrincipal("dnssec-route53.amazonaws.com",{conditions:{Bool:{"kms:GrantIsForAWSResource":!0}}}),"kms:CreateGrant")]}};exports.KeySigningKey=KeySigningKey,_a=JSII_RTTI_SYMBOL_1,KeySigningKey[_a]={fqn:"aws-cdk-lib.aws_route53.KeySigningKey",version:"2.210.0"},KeySigningKey.PROPERTY_INJECTION_ID="aws-cdk-lib.aws-route53.KeySigningKey",exports.KeySigningKey=KeySigningKey=__decorate([prop_injectable_1().propertyInjectable],KeySigningKey);