aws-delivlib
A fabulous library for defining continuous pipelines for building, testing and releasing code libraries.
;
// Flag the CommonJS exports object as coming from an ES module (the usual
// transpiler interop marker), so importers can tell how to treat it.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the export slot up front; the class itself is assigned to it after
// the class definition further down in this file.
exports.OpenPgpKey = void 0;
const aws_cdk_lib_1 = require("aws-cdk-lib");
const constructs_1 = require("constructs");
const open_pgp_key_pair_1 = require("./open-pgp-key-pair");
/**
 * Pairs an OpenPGP signing key (held as a secret through OpenPGPKeyPair) with
 * a KMS key that is created for that one secret only.
 *
 * The KMS key is there to control access to the secret, as the secret
 * itself doesn't support resource policies yet.
 *
 * @deprecated Use the OpenPGPKeyPair class instead.
 */
class OpenPgpKey extends constructs_1.Construct {
  /**
   * @param parent - construct this one is created under
   * @param name - id of this construct within `parent`
   * @param props - `secretName` (optional), `identity` and `email` are read
   */
  constructor(parent, name, props) {
    super(parent, name);

    // `||` means any falsy secretName (including an empty string) falls back
    // to the address of this construct's node.
    this.scope = props.secretName || this.node.addr;
    const signingKeyName = `${this.scope}/SigningKey`;

    // NOTE(review): only `description` is passed to the KMS key, so rotation
    // and removal behaviour are whatever the library defaults to. Confirm
    // those defaults are acceptable for a key guarding signing material.
    const kmsKey = new aws_cdk_lib_1.aws_kms.Key(this, 'Key', {
      description: `Encryption key for PGP secret ${signingKeyName}`,
    });
    this.key = kmsKey;

    // The alias is a human-readable label only; nothing here looks the key up by it.
    kmsKey.addAlias(`alias/${signingKeyName}Key`);

    // Key size, expiry and version are fixed here and cannot be set by callers.
    const keyPairProps = {
      identity: props.identity,
      email: props.email,
      keySizeBits: 4096,
      expiry: '4y',
      secretName: signingKeyName,
      pubKeyParameterName: `/${signingKeyName}.pub`,
      encryptionKey: kmsKey,
      version: 1,
    };
    this.secret = new open_pgp_key_pair_1.OpenPGPKeyPair(this, 'Secret', keyPairProps);
  }

  /**
   * Delegates to the wrapped key pair's `grantRead` and returns its result.
   *
   * NOTE(review): which permissions this covers (the secret, the KMS key, or
   * both) is decided in OpenPGPKeyPair, which is not shown here. Check it
   * before handing `identity` to anything that should not read the private key.
   *
   * @param identity - the grantee passed through to the key pair
   */
  grantRead(identity) {
    const { secret } = this;
    return secret.grantRead(identity);
  }
}
exports.OpenPgpKey = OpenPgpKey;
//# sourceMappingURL=data:application/json;base64,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