UNPKG

raindancers-network

Version:

Extensions to the ec2.Vpc Constructs

github.com/raindancers/raindancers-network.raindancers-cdk

raindancers/raindancers-network.raindancers-cdk

78 lines 10.3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
"use strict"; var _a, _b; Object.defineProperty(exports, "__esModule", { value: true }); exports.CentralAccountAssnRole = exports.EnterpriseZone = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const cdk = require("aws-cdk-lib"); const constructs = require("constructs"); const zonehelpers = require("./enterpriseZonehelpers"); /** * create forwarding rules and associate them with a vpc. */ class EnterpriseZone extends constructs.Construct { constructor(scope, id, props) { super(scope, id); new cdk.CfnOutput(this, 'domain', { value: props.enterpriseDomainName }); // create a private zone. this.privateZone = new aws_cdk_lib_1.aws_route53.PrivateHostedZone(this, 'privatezone', { zoneName: props.enterpriseDomainName, vpc: props.localVpc, }); if (props.hubVpcs) { props.hubVpcs.forEach((hubVpc) => { // this is this a central crossaccount assocaition. if (hubVpc.crossAccount) { // TODO assocaite centrally // this is a self account association } else { new zonehelpers.EnterpriseZoneHelpers(this, `${hubVpc.region}`, { zoneId: this.privateZone.hostedZoneId, region: hubVpc.region, searchTag: hubVpc.vpcSearchTag ?? new cdk.Tag('centralVPCSearchTag', 'RegionalDNSHub'), }); } }); } } } exports.EnterpriseZone = EnterpriseZone; _a = JSII_RTTI_SYMBOL_1; EnterpriseZone[_a] = { fqn: "raindancers-network.dns.EnterpriseZone", version: "1.29.3" }; class CentralAccountAssnRole extends constructs.Construct { constructor(scope, id, props) { super(scope, id); // no org has been supplied. Restrict the org to this account var assumedBy; if (!(props.orgId)) { assumedBy = new aws_cdk_lib_1.aws_iam.AccountPrincipal(cdk.Aws.ACCOUNT_ID); } else { assumedBy = new aws_cdk_lib_1.aws_iam.OrganizationPrincipal(props.orgId); } this.assnRole = new aws_cdk_lib_1.aws_iam.Role(this, 'r53assnrole', { assumedBy: assumedBy, description: 'Role is assumed by lambdas in accounts to associate their zone', roleName: (props.roleName ?? 'r53assnRole'), externalIds: ['R53Assn'], }); // add permissions this.assnRole.addToPolicy(new aws_cdk_lib_1.aws_iam.PolicyStatement({ effect: aws_cdk_lib_1.aws_iam.Effect.ALLOW, actions: [ 'route53:DisassociateVPCFromHostedZone', 'route53:AssociateVPCWithHostedZone', 'ec2:DescribeVpcs', ], resources: ['*'], })); new cdk.CfnOutput(this, 'R53RouteAssnRole', { value: this.assnRole.roleArn, }); } } exports.CentralAccountAssnRole = CentralAccountAssnRole; _b = JSII_RTTI_SYMBOL_1; CentralAccountAssnRole[_b] = { fqn: "raindancers-network.dns.CentralAccountAssnRole", version: "1.29.3" }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZW50ZXJwcmlzZVpvbmUuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvZG5zL2VudGVycHJpc2Vab25lLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQ0EsNkNBSXFCO0FBRXJCLG1DQUFtQztBQUNuQyx5Q0FBeUM7QUFDekMsdURBQXVEO0FBc0J2RDs7R0FFRztBQUNILE1BQWEsY0FBZSxTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBR3RELFlBQVksS0FBMkIsRUFBRSxFQUFVLEVBQUUsS0FBMEI7UUFDN0UsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVqQixJQUFJLEdBQUcsQ0FBQyxTQUFTLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRSxFQUFFLEtBQUssRUFBRSxLQUFLLENBQUMsb0JBQW9CLEVBQUUsQ0FBQyxDQUFDO1FBRXpFLHlCQUF5QjtRQUN6QixJQUFJLENBQUMsV0FBVyxHQUFHLElBQUkseUJBQUcsQ0FBQyxpQkFBaUIsQ0FBQyxJQUFJLEVBQUUsYUFBYSxFQUFFO1lBQ2hFLFFBQVEsRUFBRSxLQUFLLENBQUMsb0JBQW9CO1lBQ3BDLEdBQUcsRUFBRSxLQUFLLENBQUMsUUFBUTtTQUNwQixDQUFDLENBQUM7UUFFSCxJQUFLLEtBQUssQ0FBQyxPQUFPLEVBQUc7WUFHbkIsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRTtnQkFDL0IsbURBQW1EO2dCQUNuRCxJQUFJLE1BQU0sQ0FBQyxZQUFZLEVBQUU7b0JBQ3ZCLDJCQUEyQjtvQkFFM0IscUNBQXFDO2lCQUN0QztxQkFBTTtvQkFDTCxJQUFJLFdBQVcsQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLEVBQUUsR0FBRyxNQUFNLENBQUMsTUFBTSxFQUFFLEVBQUU7d0JBQzlELE1BQU0sRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLFlBQVk7d0JBQ3JDLE1BQU0sRUFBRSxNQUFNLENBQUMsTUFBTTt3QkFDckIsU0FBUyxFQUFFLE1BQU0sQ0FBQyxZQUFZLElBQUksSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLHFCQUFxQixFQUFFLGdCQUFnQixDQUFDO3FCQUN2RixDQUFDLENBQUM7aUJBQ0o7WUFDSCxDQUFDLENBQUMsQ0FBQztTQUNKO0lBQ0gsQ0FBQzs7QUFoQ0gsd0NBaUNDOzs7QUFRRCxNQUFhLHNCQUF1QixTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBSTlELFlBQVksS0FBMkIsRUFBRSxFQUFVLEVBQUUsS0FBa0M7UUFDdEYsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVoQiw2REFBNkQ7UUFFN0QsSUFBSSxTQUF5QixDQUFDO1FBRTlCLElBQUksQ0FBQyxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtZQUNsQixTQUFTLEdBQUcsSUFBSSxxQkFBRyxDQUFDLGdCQUFnQixDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsVUFBVSxDQUFDLENBQUM7U0FDMUQ7YUFBTTtZQUNMLFNBQVMsR0FBRyxJQUFJLHFCQUFHLENBQUMscUJBQXFCLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDO1NBQ3hEO1FBRUQsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLHFCQUFHLENBQUMsSUFBSSxDQUFDLElBQUksRUFBRSxhQUFhLEVBQUU7WUFDaEQsU0FBUyxFQUFFLFNBQVM7WUFDcEIsV0FBVyxFQUFFLGdFQUFnRTtZQUM3RSxRQUFRLEVBQUUsQ0FBRSxLQUFLLENBQUMsUUFBUSxJQUFJLGFBQWEsQ0FBRTtZQUM3QyxXQUFXLEVBQUUsQ0FBQyxTQUFTLENBQUM7U0FDekIsQ0FBQyxDQUFDO1FBR0gsa0JBQWtCO1FBQ2xCLElBQUksQ0FBQyxRQUFRLENBQUMsV0FBVyxDQUN2QixJQUFJLHFCQUFHLENBQUMsZUFBZSxDQUFDO1lBQ3RCLE1BQU0sRUFBRSxxQkFBRyxDQUFDLE1BQU0sQ0FBQyxLQUFLO1lBQ3hCLE9BQU8sRUFBRTtnQkFDUCx1Q0FBdUM7Z0JBQ3ZDLG9DQUFvQztnQkFDcEMsa0JBQWtCO2FBQ25CO1lBQ0QsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO1NBQ2pCLENBQUMsQ0FDSCxDQUFDO1FBRUYsSUFBSSxHQUFHLENBQUMsU0FBUyxDQUFDLElBQUksRUFBRSxrQkFBa0IsRUFBRTtZQUMxQyxLQUFLLEVBQUUsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPO1NBQzdCLENBQUMsQ0FBQztJQUVMLENBQUM7O0FBMUNILHdEQTRDQyIsInNvdXJjZXNDb250ZW50IjpbIlxuaW1wb3J0IHtcbiAgYXdzX3JvdXRlNTMgYXMgcjUzLFxuICBhd3NfZWMyIGFzIGVjMixcbiAgYXdzX2lhbSBhcyBpYW0sXG59IGZyb20gJ2F3cy1jZGstbGliJztcblxuaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCAqIGFzIGNvbnN0cnVjdHMgZnJvbSAnY29uc3RydWN0cyc7XG5pbXBvcnQgKiBhcyB6b25laGVscGVycyBmcm9tICcuL2VudGVycHJpc2Vab25laGVscGVycyc7XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ3Jvc3NBY2NvdW50UHJvcHMge1xuICByZWFkb25seSBhY2NvdW50SWQ6IHN0cmluZztcbiAgcmVhZG9ubHkgcm9sZU5hbWU/OiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgSHViVnBjIHtcbiAgLyoqXG4gICAqIHdoYXQgcmVnaW9uIGlzIHRoZSBjZW50cmFsIGFjY291bnQgaW4uXG4gICAqL1xuICByZWFkb25seSByZWdpb246IHN0cmluZztcbiAgcmVhZG9ubHkgdnBjU2VhcmNoVGFnPzogY2RrLlRhZyB8IHVuZGVmaW5lZDtcbiAgcmVhZG9ubHkgY3Jvc3NBY2NvdW50PzogQ3Jvc3NBY2NvdW50UHJvcHMgfCB1bmRlZmluZWQ7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgRW50ZXJwcmlzZVpvbmVQcm9wcyB7XG4gIHJlYWRvbmx5IGVudGVycHJpc2VEb21haW5OYW1lOiBzdHJpbmc7XG4gIHJlYWRvbmx5IGxvY2FsVnBjOiBlYzIuVnBjIHwgZWMyLklWcGM7XG4gIHJlYWRvbmx5IGh1YlZwY3M6IEh1YlZwY1tdIHwgdW5kZWZpbmVkO1xufVxuXG4vKipcbiAqIGNyZWF0ZSBmb3J3YXJkaW5nIHJ1bGVzIGFuZCBhc3NvY2lhdGUgdGhlbSB3aXRoIGEgdnBjLlxuICovXG5leHBvcnQgY2xhc3MgRW50ZXJwcmlzZVpvbmUgZXh0ZW5kcyBjb25zdHJ1Y3RzLkNvbnN0cnVjdCB7XG4gIHB1YmxpYyByZWFkb25seSBwcml2YXRlWm9uZTogcjUzLlByaXZhdGVIb3N0ZWRab25lO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBjb25zdHJ1Y3RzLkNvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IEVudGVycHJpc2Vab25lUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgbmV3IGNkay5DZm5PdXRwdXQodGhpcywgJ2RvbWFpbicsIHsgdmFsdWU6IHByb3BzLmVudGVycHJpc2VEb21haW5OYW1lIH0pO1xuXG4gICAgLy8gY3JlYXRlIGEgcHJpdmF0ZSB6b25lLlxuICAgIHRoaXMucHJpdmF0ZVpvbmUgPSBuZXcgcjUzLlByaXZhdGVIb3N0ZWRab25lKHRoaXMsICdwcml2YXRlem9uZScsIHtcbiAgICAgIHpvbmVOYW1lOiBwcm9wcy5lbnRlcnByaXNlRG9tYWluTmFtZSxcbiAgICAgIHZwYzogcHJvcHMubG9jYWxWcGMsXG4gICAgfSk7XG5cbiAgICBpZiAoIHByb3BzLmh1YlZwY3MgKSB7XG5cblxuICAgICAgcHJvcHMuaHViVnBjcy5mb3JFYWNoKChodWJWcGMpID0+IHtcbiAgICAgICAgLy8gdGhpcyBpcyB0aGlzIGEgY2VudHJhbCBjcm9zc2FjY291bnQgYXNzb2NhaXRpb24uXG4gICAgICAgIGlmIChodWJWcGMuY3Jvc3NBY2NvdW50KSB7XG4gICAgICAgICAgLy8gVE9ETyBhc3NvY2FpdGUgY2VudHJhbGx5XG5cbiAgICAgICAgICAvLyB0aGlzIGlzIGEgc2VsZiBhY2NvdW50IGFzc29jaWF0aW9uXG4gICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgbmV3IHpvbmVoZWxwZXJzLkVudGVycHJpc2Vab25lSGVscGVycyh0aGlzLCBgJHtodWJWcGMucmVnaW9ufWAsIHtcbiAgICAgICAgICAgIHpvbmVJZDogdGhpcy5wcml2YXRlWm9uZS5ob3N0ZWRab25lSWQsXG4gICAgICAgICAgICByZWdpb246IGh1YlZwYy5yZWdpb24sXG4gICAgICAgICAgICBzZWFyY2hUYWc6IGh1YlZwYy52cGNTZWFyY2hUYWcgPz8gbmV3IGNkay5UYWcoJ2NlbnRyYWxWUENTZWFyY2hUYWcnLCAnUmVnaW9uYWxETlNIdWInKSxcbiAgICAgICAgICB9KTtcbiAgICAgICAgfVxuICAgICAgfSk7XG4gICAgfVxuICB9XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ2VudHJhbEFjY291bnRBc3NuUm9sZVByb3BzIHtcbiAgcmVhZG9ubHkgdnBjOiBlYzIuVnBjIHwgZWMyLklWcGM7XG4gIHJlYWRvbmx5IG9yZ0lkOiBzdHJpbmc7XG4gIHJlYWRvbmx5IHJvbGVOYW1lPzogc3RyaW5nIHwgdW5kZWZpbmVkO1xufVxuXG5leHBvcnQgY2xhc3MgQ2VudHJhbEFjY291bnRBc3NuUm9sZSBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcblxuICBwdWJsaWMgcmVhZG9ubHkgYXNzblJvbGU6IGlhbS5Sb2xlO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBjb25zdHJ1Y3RzLkNvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IENlbnRyYWxBY2NvdW50QXNzblJvbGVQcm9wcykge1xuXHQgIHN1cGVyKHNjb3BlLCBpZCk7XG5cbiAgICAvLyBubyBvcmcgaGFzIGJlZW4gc3VwcGxpZWQuIFJlc3RyaWN0IHRoZSBvcmcgdG8gdGhpcyBhY2NvdW50XG5cbiAgICB2YXIgYXNzdW1lZEJ5OiBpYW0uSVByaW5jaXBhbDtcblxuICAgIGlmICghKHByb3BzLm9yZ0lkKSkge1xuICAgICAgYXNzdW1lZEJ5ID0gbmV3IGlhbS5BY2NvdW50UHJpbmNpcGFsKGNkay5Bd3MuQUNDT1VOVF9JRCk7XG4gICAgfSBlbHNlIHtcbiAgICAgIGFzc3VtZWRCeSA9IG5ldyBpYW0uT3JnYW5pemF0aW9uUHJpbmNpcGFsKHByb3BzLm9yZ0lkKTtcbiAgICB9XG5cbiAgICB0aGlzLmFzc25Sb2xlID0gbmV3IGlhbS5Sb2xlKHRoaXMsICdyNTNhc3Nucm9sZScsIHtcbiAgICAgIGFzc3VtZWRCeTogYXNzdW1lZEJ5LFxuICAgICAgZGVzY3JpcHRpb246ICdSb2xlIGlzIGFzc3VtZWQgYnkgbGFtYmRhcyBpbiBhY2NvdW50cyB0byBhc3NvY2lhdGUgdGhlaXIgem9uZScsXG4gICAgICByb2xlTmFtZTogKCBwcm9wcy5yb2xlTmFtZSA/PyAncjUzYXNzblJvbGUnICksXG4gICAgICBleHRlcm5hbElkczogWydSNTNBc3NuJ10sXG4gICAgfSk7XG5cblxuICAgIC8vIGFkZCBwZXJtaXNzaW9uc1xuICAgIHRoaXMuYXNzblJvbGUuYWRkVG9Qb2xpY3koXG4gICAgICBuZXcgaWFtLlBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIGVmZmVjdDogaWFtLkVmZmVjdC5BTExPVyxcbiAgICAgICAgYWN0aW9uczogW1xuICAgICAgICAgICdyb3V0ZTUzOkRpc2Fzc29jaWF0ZVZQQ0Zyb21Ib3N0ZWRab25lJyxcbiAgICAgICAgICAncm91dGU1MzpBc3NvY2lhdGVWUENXaXRoSG9zdGVkWm9uZScsXG4gICAgICAgICAgJ2VjMjpEZXNjcmliZVZwY3MnLFxuICAgICAgICBdLFxuICAgICAgICByZXNvdXJjZXM6IFsnKiddLFxuICAgICAgfSksXG4gICAgKTtcblxuICAgIG5ldyBjZGsuQ2ZuT3V0cHV0KHRoaXMsICdSNTNSb3V0ZUFzc25Sb2xlJywge1xuICAgICAgdmFsdWU6IHRoaXMuYXNzblJvbGUucm9sZUFybixcbiAgICB9KTtcblxuICB9XG5cbn1cbiJdfQ==