UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

2 lines (1 loc) 7.01 kB
1
2
"use strict";var __decorate=exports&&exports.__decorate||function(decorators,target,key,desc){var c=arguments.length,r=c<3?target:desc===null?desc=Object.getOwnPropertyDescriptor(target,key):desc,d;if(typeof Reflect=="object"&&typeof Reflect.decorate=="function")r=Reflect.decorate(decorators,target,key,desc);else for(var i=decorators.length-1;i>=0;i--)(d=decorators[i])&&(r=(c<3?d(r):c>3?d(target,key,r):d(target,key))||r);return c>3&&r&&Object.defineProperty(target,key,r),r},_a;Object.defineProperty(exports,"__esModule",{value:!0}),exports.Alias=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var kms_generated_1=()=>{var tmp=require("./kms.generated");return kms_generated_1=()=>tmp,tmp},iam=()=>{var tmp=require("../../aws-iam");return iam=()=>tmp,tmp},perms=()=>{var tmp=require("./private/perms");return perms=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp},cx_api_1=()=>{var tmp=require("../../cx-api");return cx_api_1=()=>tmp,tmp};const REQUIRED_ALIAS_PREFIX="alias/",DISALLOWED_PREFIX=REQUIRED_ALIAS_PREFIX+"aws/";class AliasBase extends core_1().Resource{get keyArn(){return core_1().Stack.of(this).formatArn({service:"kms",resource:this.aliasName})}get aliasArn(){return core_1().Stack.of(this).formatArn({service:"kms",resource:this.aliasName})}get keyId(){return this.aliasName}addAlias(alias){return this.aliasTargetKey.addAlias(alias)}addToResourcePolicy(statement,allowNoOp){return this.aliasTargetKey.addToResourcePolicy(statement,allowNoOp)}grant(grantee,...actions){return this.aliasTargetKey.grant(grantee,...actions)}grantDecrypt(grantee){return this.aliasTargetKey.grantDecrypt(grantee)}grantEncrypt(grantee){return this.aliasTargetKey.grantEncrypt(grantee)}grantEncryptDecrypt(grantee){return this.aliasTargetKey.grantEncryptDecrypt(grantee)}grantSign(grantee){return this.aliasTargetKey.grantSign(grantee)}grantVerify(grantee){return this.aliasTargetKey.grantVerify(grantee)}grantSignVerify(grantee){return this.aliasTargetKey.grantSignVerify(grantee)}grantGenerateMac(grantee){return this.aliasTargetKey.grantGenerateMac(grantee)}grantVerifyMac(grantee){return this.aliasTargetKey.grantVerifyMac(grantee)}}let Alias=class Alias2 extends AliasBase{static fromAliasAttributes(scope,id,attrs){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_kms_AliasAttributes(attrs)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.fromAliasAttributes),error}class _Alias extends AliasBase{get aliasName(){return attrs.aliasName}get aliasTargetKey(){return attrs.aliasTargetKey}}return new _Alias(scope,id)}static fromAliasName(scope,id,aliasName){class Import extends core_1().Resource{constructor(){super(...arguments),this.keyArn=core_1().Stack.of(this).formatArn({service:"kms",resource:aliasName}),this.keyId=aliasName,this.aliasName=aliasName}get aliasTargetKey(){throw new(core_1()).ValidationError("Cannot access aliasTargetKey on an Alias imported by Alias.fromAliasName().",this)}addAlias(_alias){throw new(core_1()).ValidationError("Cannot call addAlias on an Alias imported by Alias.fromAliasName().",this)}addToResourcePolicy(_statement,_allowNoOp){return{statementAdded:!1}}grant(grantee,...actions){return core_1().FeatureFlags.of(this).isEnabled(cx_api_1().KMS_APPLY_IMPORTED_ALIAS_PERMISSIONS_TO_PRINCIPAL)?iam().Grant.addToPrincipal({grantee,actions,resourceArns:[core_1().Stack.of(scope).formatArn({service:"kms",resource:"key",resourceName:"*"})],conditions:{"ForAnyValue:StringEquals":{"kms:ResourceAliases":this.aliasName}}}):iam().Grant.drop(grantee,"")}grantDecrypt(grantee){return this.grant(grantee,...perms().DECRYPT_ACTIONS)}grantEncrypt(grantee){return this.grant(grantee,...perms().ENCRYPT_ACTIONS)}grantEncryptDecrypt(grantee){return this.grant(grantee,...perms().DECRYPT_ACTIONS,...perms().ENCRYPT_ACTIONS)}grantSign(grantee){return this.grant(grantee,...perms().SIGN_ACTIONS)}grantVerify(grantee){return this.grant(grantee,...perms().VERIFY_ACTIONS)}grantSignVerify(grantee){return this.grant(grantee,...perms().SIGN_ACTIONS,...perms().VERIFY_ACTIONS)}grantGenerateMac(grantee){return this.grant(grantee,...perms().GENERATE_HMAC_ACTIONS)}grantVerifyMac(grantee){return this.grant(grantee,...perms().VERIFY_HMAC_ACTIONS)}}return new Import(scope,id)}constructor(scope,id,props){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_kms_AliasProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,Alias2),error}let aliasName=props.aliasName;if(core_1().Token.isUnresolved(aliasName)){if(core_1().Tokenization.reverseString(aliasName).firstValue&&core_1().Tokenization.reverseString(aliasName).firstToken===void 0){const valueInToken=core_1().Tokenization.reverseString(aliasName).firstValue;if(valueInToken.startsWith(REQUIRED_ALIAS_PREFIX)||(aliasName=REQUIRED_ALIAS_PREFIX+aliasName),valueInToken.toLocaleLowerCase().startsWith(DISALLOWED_PREFIX))throw new(core_1()).ValidationError(`Alias cannot start with ${DISALLOWED_PREFIX}: ${aliasName}`,scope);if(!valueInToken.match(/^[a-zA-Z0-9:/_-]{1,256}$/))throw new(core_1()).ValidationError("Alias name must be between 1 and 256 characters in a-zA-Z0-9:/_-",scope)}}else{if(aliasName.startsWith(REQUIRED_ALIAS_PREFIX)||(aliasName=REQUIRED_ALIAS_PREFIX+aliasName),aliasName===REQUIRED_ALIAS_PREFIX)throw new(core_1()).ValidationError(`Alias must include a value after "${REQUIRED_ALIAS_PREFIX}": ${aliasName}`,scope);if(aliasName.toLocaleLowerCase().startsWith(DISALLOWED_PREFIX))throw new(core_1()).ValidationError(`Alias cannot start with ${DISALLOWED_PREFIX}: ${aliasName}`,scope);if(!aliasName.match(/^[a-zA-Z0-9:/_-]{1,256}$/))throw new(core_1()).ValidationError("Alias name must be between 1 and 256 characters in a-zA-Z0-9:/_-",scope)}super(scope,id,{physicalName:aliasName}),(0,metadata_resource_1().addConstructMetadata)(this,props),this.aliasTargetKey=props.targetKey;const resource=new(kms_generated_1()).CfnAlias(this,"Resource",{aliasName:this.physicalName,targetKeyId:this.aliasTargetKey.keyArn});core_1().FeatureFlags.of(this).isEnabled(cx_api_1().KMS_ALIAS_NAME_REF)?this.aliasName=this.getResourceNameAttribute(resource.ref):this.aliasName=this.getResourceNameAttribute(resource.aliasName),props.removalPolicy&&resource.applyRemovalPolicy(props.removalPolicy)}generatePhysicalName(){return REQUIRED_ALIAS_PREFIX+super.generatePhysicalName()}};exports.Alias=Alias,_a=JSII_RTTI_SYMBOL_1,Alias[_a]={fqn:"aws-cdk-lib.aws_kms.Alias",version:"2.213.0"},Alias.PROPERTY_INJECTION_ID="aws-cdk-lib.aws-kms.Alias",exports.Alias=Alias=__decorate([prop_injectable_1().propertyInjectable],Alias);