aws-cdk-lib
Version 2 of the AWS Cloud Development Kit library
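Object.defineProperty(exports, "__esModule", { value: true });
exports.validateZoneName = validateZoneName;
exports.determineFullyQualifiedDomainName = determineFullyQualifiedDomainName;
exports.makeHostedZoneArn = makeHostedZoneArn;
exports.makeGrantDelegation = makeGrantDelegation;

// Lazy, self-replacing loaders: the first call runs require() and then rebinds
// the loader so later calls return the already-loaded module.
let iam = () => {
  const loaded = require("../../aws-iam");
  iam = () => loaded;
  return loaded;
};
let core_1 = () => {
  const loaded = require("../../core");
  core_1 = () => loaded;
  return loaded;
};

/**
 * Module-private error raised by validateZoneName; validateDelegatedZoneName
 * catches it and re-wraps the message.
 */
class ValidationError extends Error {
  constructor(message) {
    super(message);
  }
}

/**
 * Checks a hosted zone name against the length and character rules below.
 *
 * @param {string} zoneName - zone name to check
 * @throws {ValidationError} if the name is longer than 255, any dot-separated
 *   label is longer than 63, or a character outside the allowed set is present
 */
function validateZoneName(zoneName) {
  // Lengths are measured with String#length; the messages say "bytes", which
  // matches only because the character check below admits ASCII alone.
  if (zoneName.length > 255) {
    throw new ValidationError("zone name cannot be more than 255 bytes long");
  }
  if (zoneName.split(".").some((label) => label.length > 63)) {
    throw new ValidationError("zone name labels cannot be more than 63 bytes long");
  }
  if (!/^[a-z0-9!"#$%&'()*+,/:;<=>?@[\\\]^_`{|}~.-]+$/i.test(zoneName)) {
    throw new ValidationError("zone names can only contain a-z, 0-9, -, ! \" # $ % & ' ( ) * + , - / : ; < = > ? @ [ ] ^ _ ` { | } ~ .");
  }
}

/**
 * Turns a record name into a fully qualified domain name (with trailing dot).
 *
 * - A name that already ends in "." is returned unchanged.
 * - A name equal to the zone name, or ending in ".<zone name>", only gets the
 *   trailing dot appended.
 * - Any other name is treated as relative and gets ".<zone name>." appended.
 *
 * @param {string} providedName - record name as supplied by the caller
 * @param {{zoneName: string}} hostedZone - object whose zoneName is read
 * @returns {string} the fully qualified name
 */
function determineFullyQualifiedDomainName(providedName, hostedZone) {
  if (providedName.endsWith(".")) {
    return providedName;
  }
  const hostedZoneName = stripTrailingDot(hostedZone.zoneName);
  const suffix = `.${hostedZoneName}`;
  const alreadyInZone = providedName.endsWith(suffix) || providedName === hostedZoneName;
  return alreadyInZone ? `${providedName}.` : `${providedName}${suffix}.`;
}

/**
 * Builds the ARN of a hosted zone through the stack that owns `construct`.
 * Account and region are passed as empty strings (hosted zone ARNs carry neither).
 *
 * @param construct - construct used to look up the enclosing Stack
 * @param {string} hostedZoneId - hosted zone id used as the resource name
 * @returns {string} the value returned by Stack#formatArn
 */
function makeHostedZoneArn(construct, hostedZoneId) {
  const stack = core_1().Stack.of(construct);
  return stack.formatArn({
    account: "",
    region: "",
    service: "route53",
    resource: "hostedzone",
    resourceName: hostedZoneId,
  });
}

/**
 * Removes a single trailing "." from a zone name, if there is one.
 *
 * @param {string} zoneName
 * @returns {string}
 */
function stripTrailingDot(zoneName) {
  if (!zoneName.endsWith(".")) {
    return zoneName;
  }
  return zoneName.substring(0, zoneName.length - 1);
}

// Characters that octalEncodeDelegatedZoneName passes through unchanged:
// a-z, 0-9, "-", "_", "\" and ".". Uppercase letters are not in this set.
// NOTE(review): the backslash is exempt, presumably so names that are already
// octal-escaped are not escaped twice — confirm.
const octalConversionIgnoreRegex = /[a-z0-9-_\\.]/;

/**
 * Replaces every UTF-16 code unit outside octalConversionIgnoreRegex with a
 * backslash followed by its code in octal, zero-padded to at least three digits.
 * Unresolved tokens are returned untouched because their final text is not
 * known at this point.
 * NOTE(review): presumably the normalized form the
 * route53:ChangeResourceRecordSetsNormalizedRecordNames condition key compares
 * against — confirm with the Route 53 documentation.
 *
 * @param {string} delegatedZoneName
 * @returns {string}
 */
function octalEncodeDelegatedZoneName(delegatedZoneName) {
  if (core_1().Token.isUnresolved(delegatedZoneName)) {
    return delegatedZoneName;
  }
  return delegatedZoneName
    .split("")
    .map((c) => {
      if (octalConversionIgnoreRegex.test(c)) {
        return c;
      }
      return `\\${c.charCodeAt(0).toString(8).padStart(3, "0")}`;
    })
    .join("");
}

/**
 * Validates one delegated zone name before it is written into the IAM
 * condition built by makeGrantDelegation.
 *
 * Checks, in order: no trailing period; the validateZoneName rules; no
 * uppercase characters; and, when the parent name is resolved, that the name
 * is a proper subdomain of the parent zone. Unresolved tokens skip the checks
 * that need the concrete text.
 *
 * @param {string} parentZoneName - name of the zone being delegated from
 * @param {string} delegatedZoneName - name the grantee may manage NS records for
 * @throws UnscopedValidationError (from core) when a check fails
 */
function validateDelegatedZoneName(parentZoneName, delegatedZoneName) {
  const { Token, UnscopedValidationError } = core_1();

  if (delegatedZoneName.endsWith(".")) {
    throw new UnscopedValidationError(`Error while validating delegate zone name '${delegatedZoneName}': delegated zone name cannot have a trailing period`);
  }
  if (Token.isUnresolved(delegatedZoneName)) {
    return;
  }

  try {
    validateZoneName(delegatedZoneName);
  } catch (error) {
    if (error instanceof ValidationError) {
      throw new UnscopedValidationError(`Error while validating delegated zone name '${delegatedZoneName}': ${error.message}`);
    }
    // Anything else is unexpected; surface it instead of silently treating the
    // name as valid.
    throw error;
  }

  if (delegatedZoneName.toLowerCase() !== delegatedZoneName) {
    throw new UnscopedValidationError(`Error while validating delegate zone name '${delegatedZoneName}': delegated zone name cannot contain uppercase characters`);
  }
  if (Token.isUnresolved(parentZoneName)) {
    return;
  }

  const parentZoneNameNoTrailingDot = stripTrailingDot(parentZoneName);
  const isParentItself = delegatedZoneName === parentZoneNameNoTrailingDot;
  // Match on a label boundary (".<parent>"), as determineFullyQualifiedDomainName
  // does. A bare endsWith(parent) also accepts a sibling name that merely ends
  // in the same characters (constructed example: "notexample.com" against
  // "example.com"), which would place a name outside the zone in the grant's
  // condition. An empty parent name keeps the earlier always-matching behaviour.
  const isSubdomain =
    parentZoneNameNoTrailingDot === "" ||
    delegatedZoneName.endsWith(`.${parentZoneNameNoTrailingDot}`);

  if (!isParentItself && !isSubdomain) {
    throw new UnscopedValidationError(`Error while validating delegate zone name '${delegatedZoneName}': delegated zone name must be suffixed by parent zone name`);
  }
  if (isParentItself) {
    throw new UnscopedValidationError(`Error while validating delegate zone name '${delegatedZoneName}': delegated zone name cannot be the same as the parent zone name`);
  }
}

/**
 * Grants `grantee` the permissions used to delegate subdomains of `hostedZone`.
 *
 * Two statements are added and combined:
 * 1. route53:ChangeResourceRecordSets on the zone's ARN, limited by
 *    ForAllValues:StringEquals to record type NS and the actions UPSERT and
 *    DELETE; when delegationOptions.delegatedZoneNames is given, the record
 *    names are additionally limited to those (validated, then octal-encoded)
 *    names.
 * 2. route53:ListHostedZonesByName on "*".
 *
 * Without delegatedZoneNames the first statement carries no record-name
 * condition, so it covers NS records for any name in the zone.
 *
 * @param grantee - principal receiving the permissions
 * @param hostedZone - zone being delegated from; `name` and
 *   `hostedZoneRef.hostedZoneId` are read
 * @param {{delegatedZoneNames?: string[]}} [delegationOptions]
 * @returns the combined Grant
 * @throws UnscopedValidationError (from core) if a delegated zone name is invalid
 */
function makeGrantDelegation(grantee, hostedZone, delegationOptions) {
  const delegatedZoneNames = delegationOptions?.delegatedZoneNames?.map((delegatedZoneName) => {
    validateDelegatedZoneName(hostedZone.name, delegatedZoneName);
    return octalEncodeDelegatedZoneName(delegatedZoneName);
  });

  // Only narrow by record name when the caller supplied a list.
  const recordNameCondition = delegationOptions?.delegatedZoneNames
    ? { "route53:ChangeResourceRecordSetsNormalizedRecordNames": delegatedZoneNames }
    : {};

  const g1 = iam().Grant.addToPrincipal({
    grantee,
    actions: ["route53:ChangeResourceRecordSets"],
    resourceArns: [makeHostedZoneArn(hostedZone, hostedZone.hostedZoneRef.hostedZoneId)],
    conditions: {
      "ForAllValues:StringEquals": {
        "route53:ChangeResourceRecordSetsRecordTypes": ["NS"],
        "route53:ChangeResourceRecordSetsActions": ["UPSERT", "DELETE"],
        ...recordNameCondition,
      },
    },
  });

  // NOTE(review): granted on "*", presumably because this list action cannot be
  // scoped to a single hosted zone — confirm.
  const g2 = iam().Grant.addToPrincipal({
    grantee,
    actions: ["route53:ListHostedZonesByName"],
    resourceArns: ["*"],
  });

  return g1.combine(g2);
}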