aws-cdk-lib/aws-cloudfront/lib/private/utils.js

Version 2 of the AWS Cloud Development Kit library

"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__setModuleDefault=exports&&exports.__setModuleDefault||(Object.create?(function(o,v){Object.defineProperty(o,"default",{enumerable:!0,value:v})}):function(o,v){o.default=v}),__importStar=exports&&exports.__importStar||(function(){var ownKeys=function(o){return ownKeys=Object.getOwnPropertyNames||function(o2){var ar=[];for(var k in o2)Object.prototype.hasOwnProperty.call(o2,k)&&(ar[ar.length]=k);return ar},ownKeys(o)};return function(mod){if(mod&&mod.__esModule)return mod;var result={};if(mod!=null)for(var k=ownKeys(mod),i=0;i<k.length;i++)k[i]!=="default"&&__createBinding(result,mod,k[i]);return __setModuleDefault(result,mod),result}})();Object.defineProperty(exports,"__esModule",{value:!0}),exports.formatDistributionArn=formatDistributionArn,exports.grant=grant;var iam=()=>{var tmp=__importStar(require("../../../aws-iam"));return iam=()=>tmp,tmp},core_1=()=>{var tmp=require("../../../core");return core_1=()=>tmp,tmp};const wildcardOnlyActions=["cloudfront:CreateFieldLevelEncryptionConfig","cloudfront:CreateFieldLevelEncryptionProfile","cloudfront:CreateKeyGroup","cloudfront:CreateMonitoringSubscription","cloudfront:CreateOriginAccessControl","cloudfront:CreatePublicKey","cloudfront:CreateSavingsPlan","cloudfront:DeleteKeyGroup","cloudfront:DeleteMonitoringSubscription","cloudfront:DeletePublicKey","cloudfront:GetKeyGroup","cloudfront:GetKeyGroupConfig","cloudfront:GetMonitoringSubscription","cloudfront:GetPublicKey","cloudfront:GetPublicKeyConfig","cloudfront:GetSavingsPlan","cloudfront:ListAnycastIpLists","cloudfront:ListCachePolicies","cloudfront:ListCloudFrontOriginAccessIdentities","cloudfront:ListContinuousDeploymentPolicies","cloudfront:ListDistributions","cloudfront:ListDistributionsByAnycastIpListId","cloudfront:ListDistributionsByCachePolicyId","cloudfront:ListDistributionsByKeyGroup","cloudfront:ListDistributionsByLambdaFunction","cloudfront:ListDistributionsByOriginRequestPolicyId","cloudfront:ListDistributionsByRealtimeLogConfig","cloudfront:ListDistributionsByResponseHeadersPolicyId","cloudfront:ListDistributionsByVpcOriginId","cloudfront:ListDistributionsByWebACLId","cloudfront:ListFieldLevelEncryptionConfigs","cloudfront:ListFieldLevelEncryptionProfiles","cloudfront:ListFunctions","cloudfront:ListKeyGroups","cloudfront:ListKeyValueStores","cloudfront:ListOriginAccessControls","cloudfront:ListOriginRequestPolicies","cloudfront:ListPublicKeys","cloudfront:ListRateCards","cloudfront:ListRealtimeLogConfigs","cloudfront:ListResponseHeadersPolicies","cloudfront:ListSavingsPlans","cloudfront:ListStreamingDistributions","cloudfront:ListUsages","cloudfront:ListVpcOrigins","cloudfront:UpdateFieldLevelEncryptionConfig","cloudfront:UpdateKeyGroup","cloudfront:UpdatePublicKey","cloudfront:UpdateSavingsPlan"];function formatDistributionArn(dist){return core_1().Stack.of(dist).formatArn({service:"cloudfront",region:"",resource:"distribution",resourceName:dist.distributionId})}function grant(dist,grantee,...actions){const wildcardActions=[],resourceLevelSupportedActions=[];let wildcardGrant,resourceLevelGrant;for(const action of actions)wildcardOnlyActions.includes(action)?wildcardActions.push(action):resourceLevelSupportedActions.push(action);return wildcardActions.length>0&&(wildcardGrant=iam().Grant.addToPrincipal({grantee,actions:wildcardActions,resourceArns:["*"]})),resourceLevelSupportedActions.length>0&&(resourceLevelGrant=iam().Grant.addToPrincipal({grantee,actions:resourceLevelSupportedActions,resourceArns:[formatDistributionArn(dist)]})),wildcardActions.length>0&&resourceLevelSupportedActions.length>0?resourceLevelGrant.combine(wildcardGrant):wildcardActions.length>0?wildcardGrant:resourceLevelGrant}