agent-claw: automated task changes

daniel
2026-05-06 18:55:16 -05:00
parent 38905bb1e9
commit 732b00fb66
8494 changed files with 2018127 additions and 4 deletions


@@ -0,0 +1,13 @@
{
"targets": {
"java": {
"package": "software.amazon.awscdk.services.certificatemanager"
},
"dotnet": {
"namespace": "Amazon.CDK.AWS.CertificateManager"
},
"python": {
"module": "aws_cdk.aws_certificatemanager"
}
}
}


@@ -0,0 +1,225 @@
# AWS Certificate Manager Construct Library
AWS Certificate Manager (ACM) handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that
protect your AWS websites and applications. ACM certificates can secure singular domain names, multiple specific domain names, wildcard domains, or
combinations of these. ACM wildcard certificates can protect an unlimited number of subdomains.
This package provides Constructs for provisioning and referencing ACM certificates which can be used with CloudFront and ELB.
After requesting a certificate, you will need to prove that you own the
domain in question before the certificate will be granted. The CloudFormation
deployment will wait until this verification process has been completed.
Because of this wait time, when using manual validation methods, it's better
to provision your certificates either in a separate stack from your main
service, or provision them manually and import them into your CDK application.
**Note:** There is a limit on total number of ACM certificates that can be requested on an account and region within a year.
The default limit is 2000, but this limit may be (much) lower on new AWS accounts.
See https://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html for more information.
## DNS validation
DNS validation is the preferred method to validate domain ownership, as it has a number of advantages over email validation.
See also [Validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html)
in the AWS Certificate Manager User Guide.
If Amazon Route 53 is your DNS provider for the requested domain, the DNS record can be
created automatically:
```ts
const myHostedZone = new route53.HostedZone(this, 'HostedZone', {
zoneName: 'example.com',
});
new acm.Certificate(this, 'Certificate', {
domainName: 'hello.example.com',
certificateName: 'Hello World Service', // Optionally provide an certificate name
validation: acm.CertificateValidation.fromDns(myHostedZone),
});
```
If Route 53 is not your DNS provider, the DNS records must be added manually and the stack will not complete
creating until the records are added.
```ts
new acm.Certificate(this, 'Certificate', {
domainName: 'hello.example.com',
validation: acm.CertificateValidation.fromDns(), // Records must be added manually
});
```
When working with multiple domains, use the `CertificateValidation.fromDnsMultiZone()`:
```ts
const exampleCom = new route53.HostedZone(this, 'ExampleCom', {
zoneName: 'example.com',
});
const exampleNet = new route53.HostedZone(this, 'ExampleNet', {
zoneName: 'example.net',
});
const cert = new acm.Certificate(this, 'Certificate', {
domainName: 'test.example.com',
subjectAlternativeNames: ['cool.example.com', 'test.example.net'],
validation: acm.CertificateValidation.fromDnsMultiZone({
'test.example.com': exampleCom,
'cool.example.com': exampleCom,
'test.example.net': exampleNet,
}),
});
```
## Email validation
Email-validated certificates (the default) are validated by receiving an
email on one of a number of predefined domains and following the instructions
in the email.
See [Validate with Email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html)
in the AWS Certificate Manager User Guide.
```ts
new acm.Certificate(this, 'Certificate', {
domainName: 'hello.example.com',
validation: acm.CertificateValidation.fromEmail(), // Optional, this is the default
});
```
## Cross-region Certificates
ACM certificates that are used with CloudFront -- or higher-level constructs which rely on CloudFront -- must be in the `us-east-1` region.
CloudFormation allows you to create a Stack with a CloudFront distribution in any region. In order
to create an ACM certificate in us-east-1 and reference it in a CloudFront distribution is a
different region, it is recommended to perform a multi stack deployment.
Enable the Stack property `crossRegionReferences`
in order to access the cross stack/region certificate.
> **This feature is currently experimental**
```ts
import { aws_cloudfront as cloudfront, aws_cloudfront_origins as origins } from 'aws-cdk-lib';
declare const app: App;
const stack1 = new Stack(app, 'Stack1', {
env: {
region: 'us-east-1',
},
crossRegionReferences: true,
});
const cert = new acm.Certificate(stack1, 'Cert', {
domainName: '*.example.com',
validation: acm.CertificateValidation.fromDns(PublicHostedZone.fromHostedZoneId(stack1, 'Zone', 'ZONE_ID')),
});
const stack2 = new Stack(app, 'Stack2', {
env: {
region: 'us-east-2',
},
crossRegionReferences: true,
});
new cloudfront.Distribution(stack2, 'Distribution', {
defaultBehavior: {
origin: new origins.HttpOrigin('example.com'),
},
domainNames: ['dev.example.com'],
certificate: cert,
});
```
## Requesting private certificates
AWS Certificate Manager can create [private certificates](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html) issued by [Private Certificate Authority (PCA)](https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html). Validation of private certificates is not necessary.
```ts
import * as acmpca from 'aws-cdk-lib/aws-acmpca';
new acm.PrivateCertificate(this, 'PrivateCertificate', {
domainName: 'test.example.com',
subjectAlternativeNames: ['cool.example.com', 'test.example.net'], // optional
certificateAuthority: acmpca.CertificateAuthority.fromCertificateAuthorityArn(this, 'CA',
'arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/023077d8-2bfa-4eb0-8f22-05c96deade77'),
keyAlgorithm: acm.KeyAlgorithm.RSA_2048, // optional, default algorithm is RSA_2048
});
```
## Requesting public SSL/TLS certificates exportable to use anywhere
AWS Certificate Manager can issue an exportable public certificate. There is a charge at certificate issuance and again when the certificate renews. See [opting out of certificate transparency logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-exportable-certificates.html) for details.
```ts
new acm.Certificate(this, 'Certificate', {
domainName: 'test.example.com',
allowExport: true,
});
```
## Requesting certificates without transparency logging
Transparency logging can be opted out of for AWS Certificate Manager certificates. See [opting out of certificate transparency logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency) for limits.
```ts
new acm.Certificate(this, 'Certificate', {
domainName: 'test.example.com',
transparencyLoggingEnabled: false,
});
```
## Key Algorithms
To specify the algorithm of the public and private key pair that your certificate uses to encrypt data use the `keyAlgorithm` property.
Algorithms supported for an ACM certificate request include:
* `RSA_2048`
* `EC_prime256v1`
* `EC_secp384r1`
```ts
new acm.Certificate(this, 'Certificate', {
domainName: 'test.example.com',
keyAlgorithm: acm.KeyAlgorithm.EC_PRIME256V1,
});
```
> Visit [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms.title) for more details.
## Importing
If you want to import an existing certificate, you can do so from its ARN:
```ts
const arn = 'arn:aws:...';
const certificate = acm.Certificate.fromCertificateArn(this, 'Certificate', arn);
```
## Sharing between Stacks
To share the certificate between stacks in the same CDK application, simply
pass the `Certificate` object between the stacks.
## Metrics
The `DaysToExpiry` metric is available via the `metricDaysToExpiry` method for
all certificates. This metric is emitted by AWS Certificates Manager once per
day until the certificate has effectively expired.
An alarm can be created to determine whether a certificate is soon due for
renewal using the following code:
```ts
import * as cloudwatch from 'aws-cdk-lib/aws-cloudwatch';
declare const myHostedZone: route53.HostedZone;
const certificate = new acm.Certificate(this, 'Certificate', {
domainName: 'hello.example.com',
validation: acm.CertificateValidation.fromDns(myHostedZone),
});
certificate.metricDaysToExpiry().createAlarm(this, 'Alarm', {
comparisonOperator: cloudwatch.ComparisonOperator.LESS_THAN_THRESHOLD,
evaluationPeriods: 1,
threshold: 45, // Automatic rotation happens between 60 and 45 days before expiry
});
```


@@ -0,0 +1 @@
export * from './lib';


@@ -0,0 +1 @@
"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.KeyAlgorithm=void 0,Object.defineProperty(exports,_noFold="KeyAlgorithm",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").KeyAlgorithm;return Object.defineProperty(exports,_noFold="KeyAlgorithm",{enumerable:!0,configurable:!0,value}),value}}),exports.CertificateValidation=void 0,Object.defineProperty(exports,_noFold="CertificateValidation",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").CertificateValidation;return Object.defineProperty(exports,_noFold="CertificateValidation",{enumerable:!0,configurable:!0,value}),value}}),exports.Certificate=void 0,Object.defineProperty(exports,_noFold="Certificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").Certificate;return Object.defineProperty(exports,_noFold="Certificate",{enumerable:!0,configurable:!0,value}),value}}),exports.ValidationMethod=void 0,Object.defineProperty(exports,_noFold="ValidationMethod",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").ValidationMethod;return Object.defineProperty(exports,_noFold="ValidationMethod",{enumerable:!0,configurable:!0,value}),value}}),exports.DnsValidatedCertificate=void 0,Object.defineProperty(exports,_noFold="DnsValidatedCertificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").DnsValidatedCertificate;return 
Object.defineProperty(exports,_noFold="DnsValidatedCertificate",{enumerable:!0,configurable:!0,value}),value}}),exports.PrivateCertificate=void 0,Object.defineProperty(exports,_noFold="PrivateCertificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").PrivateCertificate;return Object.defineProperty(exports,_noFold="PrivateCertificate",{enumerable:!0,configurable:!0,value}),value}}),exports.apexDomain=void 0,Object.defineProperty(exports,_noFold="apexDomain",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").apexDomain;return Object.defineProperty(exports,_noFold="apexDomain",{enumerable:!0,configurable:!0,value}),value}}),exports.isDnsValidatedCertificate=void 0,Object.defineProperty(exports,_noFold="isDnsValidatedCertificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").isDnsValidatedCertificate;return Object.defineProperty(exports,_noFold="isDnsValidatedCertificate",{enumerable:!0,configurable:!0,value}),value}}),exports.getCertificateRegion=void 0,Object.defineProperty(exports,_noFold="getCertificateRegion",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").getCertificateRegion;return Object.defineProperty(exports,_noFold="getCertificateRegion",{enumerable:!0,configurable:!0,value}),value}}),exports.CfnAccount=void 0,Object.defineProperty(exports,_noFold="CfnAccount",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").CfnAccount;return Object.defineProperty(exports,_noFold="CfnAccount",{enumerable:!0,configurable:!0,value}),value}}),exports.CfnCertificate=void 0,Object.defineProperty(exports,_noFold="CfnCertificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./lib").CfnCertificate;return Object.defineProperty(exports,_noFold="CfnCertificate",{enumerable:!0,configurable:!0,value}),value}});
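Review bot: This one-line file is minified build output, so its content cannot be meaningfully reviewed in this commit; the same holds for the minified `CertificateBase` module further down and for the file the forge suppressed as too long. Judging by the `aws-cdk-lib` imports in the accompanying README, this looks like a vendored copy of a published package, and it arrives in an automated commit of 8494 files. I would rather declare the dependency in the package manifest and pin it through a lockfile with integrity hashes than commit the build output; if vendoring is intended, record the upstream package version next to the copy and compare the tree against the published tarball before merging.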


@@ -0,0 +1,20 @@
import type { ICertificate } from './certificate';
import * as cloudwatch from '../../aws-cloudwatch';
import { Resource } from '../../core';
import type { CertificateReference } from '../../interfaces/generated/aws-certificatemanager-interfaces.generated';
/**
* Shared implementation details of ICertificate implementations.
*
* @internal
*/
export declare abstract class CertificateBase extends Resource implements ICertificate {
abstract readonly certificateArn: string;
/**
* If the certificate is provisionned in a different region than the
* containing stack, this should be the region in which the certificate lives
* so we can correctly create `Metric` instances.
*/
protected readonly region?: string;
get certificateRef(): CertificateReference;
metricDaysToExpiry(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
}


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.CertificateBase=void 0;var cloudwatch=()=>{var tmp=require("../../aws-cloudwatch");return cloudwatch=()=>tmp,tmp},aws_cloudwatch_1=()=>{var tmp=require("../../aws-cloudwatch");return aws_cloudwatch_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp};class CertificateBase extends core_1().Resource{region;get certificateRef(){return{certificateId:this.certificateArn}}metricDaysToExpiry(props){return new(cloudwatch()).Metric({period:core_1().Duration.days(1),...props,dimensionsMap:{CertificateArn:this.certificateArn},metricName:"DaysToExpiry",namespace:"AWS/CertificateManager",region:this.region,statistic:aws_cloudwatch_1().Stats.MINIMUM})}}exports.CertificateBase=CertificateBase;


@@ -0,0 +1,259 @@
import type { Construct } from 'constructs';
import { CertificateBase } from './certificate-base';
import type * as cloudwatch from '../../aws-cloudwatch';
import type * as route53 from '../../aws-route53';
import type { IResource } from '../../core';
import type { ICertificateRef } from '../../interfaces/generated/aws-certificatemanager-interfaces.generated';
/**
* Represents a certificate in AWS Certificate Manager
*/
export interface ICertificate extends IResource, ICertificateRef {
/**
* The certificate's ARN
*
* @attribute
*/
readonly certificateArn: string;
/**
* Return the DaysToExpiry metric for this AWS Certificate Manager
* Certificate. By default, this is the minimum value over 1 day.
*
* This metric is no longer emitted once the certificate has effectively
* expired, so alarms configured on this metric should probably treat missing
* data as "breaching".
*/
metricDaysToExpiry(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
}
/**
* Properties for your certificate
*/
export interface CertificateProps {
/**
* Fully-qualified domain name to request a certificate for.
*
* May contain wildcards, such as ``*.domain.com``.
*/
readonly domainName: string;
/**
* Alternative domain names on your certificate.
*
* Use this to register alternative domain names that represent the same site.
*
* @default - No additional FQDNs will be included as alternative domain names.
*/
readonly subjectAlternativeNames?: string[];
/**
* How to validate this certificate
*
* @default CertificateValidation.fromEmail()
*/
readonly validation?: CertificateValidation;
/**
* Enable or disable export of this certificate.
*
* If you issue an exportable public certificate, there is a charge at certificate issuance and again when the certificate renews.
* Ref: https://aws.amazon.com/certificate-manager/pricing
*
* @default false
*/
readonly allowExport?: boolean;
/**
* Enable or disable transparency logging for this certificate
*
* Once a certificate has been logged, it cannot be removed from the log.
* Opting out at that point will have no effect. If you opt out of logging
* when you request a certificate and then choose later to opt back in,
* your certificate will not be logged until it is renewed.
* If you want the certificate to be logged immediately, we recommend that you issue a new one.
*
* @see https://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency
*
* @default true
*/
readonly transparencyLoggingEnabled?: boolean;
/**
* The Certificate name.
*
* Since the Certificate resource doesn't support providing a physical name, the value provided here will be recorded in the `Name` tag
*
* @default the full, absolute path of this construct
*/
readonly certificateName?: string;
/**
* Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
*
* @see https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms.title
*
* @default KeyAlgorithm.RSA_2048
*/
readonly keyAlgorithm?: KeyAlgorithm;
}
/**
* Certificate Manager key algorithm
*
* If you need to use an algorithm that doesn't exist as a static member, you
* can instantiate a `KeyAlgorithm` object, e.g: `new KeyAlgorithm('RSA_2048')`.
*
* @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-keyalgorithm
*/
export declare class KeyAlgorithm {
/**
* The name of the algorithm
*/
readonly name: string;
/**
* RSA_2048 algorithm
*/
static readonly RSA_2048: KeyAlgorithm;
/**
* EC_prime256v1 algorithm
*/
static readonly EC_PRIME256V1: KeyAlgorithm;
/**
* EC_secp384r1 algorithm
*/
static readonly EC_SECP384R1: KeyAlgorithm;
/**
* EC_secp521r1 algorithm
*/
static readonly EC_SECP521R1: KeyAlgorithm;
/**
* RSA_4096 algorithm
*/
static readonly RSA_4096: KeyAlgorithm;
/**
* RSA_3072 algorithm
*/
static readonly RSA_3072: KeyAlgorithm;
/**
* RSA_1024 algorithm
*/
static readonly RSA_1024: KeyAlgorithm;
constructor(
/**
* The name of the algorithm
*/
name: string);
}
/**
* Properties for certificate validation
*/
export interface CertificationValidationProps {
/**
* Validation method
*
* @default ValidationMethod.EMAIL
*/
readonly method?: ValidationMethod;
/**
* Hosted zone to use for DNS validation
*
* @default - use email validation
*/
readonly hostedZone?: route53.IHostedZone;
/**
* A map of hosted zones to use for DNS validation
*
* @default - use `hostedZone`
*/
readonly hostedZones?: {
[domainName: string]: route53.IHostedZone;
};
/**
* Validation domains to use for email validation
*
* @default - Apex domain
*/
readonly validationDomains?: {
[domainName: string]: string;
};
}
/**
* How to validate a certificate
*/
export declare class CertificateValidation {
readonly props: CertificationValidationProps;
/**
* Validate the certificate with DNS
*
* IMPORTANT: If `hostedZone` is not specified, DNS records must be added
* manually and the stack will not complete creating until the records are
* added.
*
* @param hostedZone the hosted zone where DNS records must be created
*/
static fromDns(hostedZone?: route53.IHostedZone): CertificateValidation;
/**
* Validate the certificate with automatically created DNS records in multiple
* Amazon Route 53 hosted zones.
*
* @param hostedZones a map of hosted zones where DNS records must be created
* for the domains in the certificate
*/
static fromDnsMultiZone(hostedZones: {
[domainName: string]: route53.IHostedZone;
}): CertificateValidation;
/**
* Validate the certificate with Email
*
* IMPORTANT: if you are creating a certificate as part of your stack, the stack
* will not complete creating until you read and follow the instructions in the
* email that you will receive.
*
* ACM will send validation emails to the following addresses:
*
* admin@domain.com
* administrator@domain.com
* hostmaster@domain.com
* postmaster@domain.com
* webmaster@domain.com
*
* For every domain that you register.
*
* @param validationDomains a map of validation domains to use for domains in the certificate
*/
static fromEmail(validationDomains?: {
[domainName: string]: string;
}): CertificateValidation;
/**
* The validation method
*/
readonly method: ValidationMethod;
/** @param props Certification validation properties */
private constructor();
}
/**
* A certificate managed by AWS Certificate Manager
*/
export declare class Certificate extends CertificateBase implements ICertificate {
/**
* Uniquely identifies this class.
*/
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import a certificate
*/
static fromCertificateArn(scope: Construct, id: string, certificateArn: string): ICertificate;
/**
* The certificate's ARN
*/
readonly certificateArn: string;
constructor(scope: Construct, id: string, props: CertificateProps);
}
/**
* Method used to assert ownership of the domain
*/
export declare enum ValidationMethod {
/**
* Send email to a number of email addresses associated with the domain
*
* @see https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
*/
EMAIL = "EMAIL",
/**
* Validate ownership by adding appropriate DNS records
*
* @see https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
*/
DNS = "DNS"
}

File diff suppressed because one or more lines are too long


@@ -0,0 +1,423 @@
import * as cdk from "../../core/lib";
import * as constructs from "constructs";
import * as cfn_parse from "../../core/lib/helpers-internal";
import { AccountReference, CertificateReference, IAccountRef, ICertificateRef } from "../../interfaces/generated/aws-certificatemanager-interfaces.generated";
/**
* The `AWS::CertificateManager::Account` resource defines the expiry event configuration that determines the number of days prior to expiry when ACM starts generating EventBridge events.
*
* @cloudformationResource AWS::CertificateManager::Account
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-account.html
*/
export declare class CfnAccount extends cdk.CfnResource implements cdk.IInspectable, IAccountRef {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnAccount from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnAccount;
/**
* Checks whether the given object is a CfnAccount
*/
static isCfnAccount(x: any): x is CfnAccount;
/**
* Object containing expiration events options associated with an AWS account .
*/
private _expiryEventsConfiguration;
protected readonly cfnPropertyNames: Record<string, string>;
/**
* Create a new `AWS::CertificateManager::Account`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnAccountProps);
get accountRef(): AccountReference;
/**
* Object containing expiration events options associated with an AWS account .
*/
get expiryEventsConfiguration(): CfnAccount.ExpiryEventsConfigurationProperty | cdk.IResolvable;
/**
* Object containing expiration events options associated with an AWS account .
*/
set expiryEventsConfiguration(value: CfnAccount.ExpiryEventsConfigurationProperty | cdk.IResolvable);
/**
* ID of the AWS account that owns the certificate.
*
* @cloudformationAttribute AccountId
*/
get attrAccountId(): string;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnAccount {
/**
* Object containing expiration events options associated with an AWS account .
*
* For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-account-expiryeventsconfiguration.html
*/
interface ExpiryEventsConfigurationProperty {
/**
* This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events.
*
* ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-account-expiryeventsconfiguration.html#cfn-certificatemanager-account-expiryeventsconfiguration-daysbeforeexpiry
*/
readonly daysBeforeExpiry?: number;
}
}
/**
* Properties for defining a `CfnAccount`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-account.html
*/
export interface CfnAccountProps {
/**
* Object containing expiration events options associated with an AWS account .
*
* For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-account.html#cfn-certificatemanager-account-expiryeventsconfiguration
*/
readonly expiryEventsConfiguration: CfnAccount.ExpiryEventsConfigurationProperty | cdk.IResolvable;
}
/**
* The `AWS::CertificateManager::Certificate` resource requests an Certificate Manager ( ACM ) certificate that you can use to enable secure connections.
*
* For example, you can deploy an ACM certificate to an Elastic Load Balancer to enable HTTPS support. For more information, see [RequestCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_RequestCertificate.html) in the Certificate Manager API Reference.
*
* > When you use the `AWS::CertificateManager::Certificate` resource in a CloudFormation stack, domain validation is handled automatically if all three of the following are true: The certificate domain is hosted in Amazon Route 53, the domain resides in your AWS account , and you are using DNS validation.
* >
* > However, if the certificate uses email validation, or if the domain is not hosted in Route 53, then the stack will remain in the `CREATE_IN_PROGRESS` state. Further stack operations are delayed until you validate the certificate request, either by acting upon the instructions in the validation email, or by adding a CNAME record to your DNS configuration. For more information, see [Option 1: DNS Validation](https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html) and [Option 2: Email Validation](https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html) .
*
* @cloudformationResource AWS::CertificateManager::Certificate
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html
*/
export declare class CfnCertificate extends cdk.CfnResource implements cdk.IInspectable, ICertificateRef, cdk.ITaggable {
/**
* The CloudFormation resource type name for this resource class.
*/
static readonly CFN_RESOURCE_TYPE_NAME: string;
/**
* Build a CfnCertificate from CloudFormation properties
*
* A factory method that creates a new instance of this class from an object
* containing the CloudFormation properties of this resource.
* Used in the @aws-cdk/cloudformation-include module.
*
* @internal
*/
static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnCertificate;
/**
* Checks whether the given object is a CfnCertificate
*/
static isCfnCertificate(x: any): x is CfnCertificate;
/**
* Creates a new ICertificateRef from a certificateId
*/
static fromCertificateId(scope: constructs.Construct, id: string, certificateId: string): ICertificateRef;
static arnForCertificate(resource: ICertificateRef): string;
/**
* The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate.
*/
private _certificateAuthorityArn?;
/**
* You can opt out of allowing export of your certificate by specifying the `DISABLED` option.
*/
private _certificateExport?;
/**
* You can opt out of certificate transparency logging by specifying the `DISABLED` option.
*/
private _certificateTransparencyLoggingPreference?;
/**
* The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`.
*/
private _domainName;
/**
* Domain information that domain name registrars use to verify your identity.
*/
private _domainValidationOptions?;
/**
* Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
*/
private _keyAlgorithm?;
/**
* Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate.
*/
private _subjectAlternativeNames?;
/**
* Tag Manager which manages the tags for this resource
*/
readonly tags: cdk.TagManager;
/**
* Key-value pairs that can identify the certificate.
*/
private _tagsRaw?;
/**
* The method you want to use to validate that you own or control the domain associated with a public certificate.
*/
private _validationMethod?;
protected readonly cfnPropertyNames: Record<string, string>;
/**
* Create a new `AWS::CertificateManager::Certificate`.
*
* @param scope Scope in which this resource is defined
* @param id Construct identifier for this resource (unique in its scope)
* @param props Resource properties
*/
constructor(scope: constructs.Construct, id: string, props: CfnCertificateProps);
get certificateRef(): CertificateReference;
/**
* The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate.
*/
get certificateAuthorityArn(): string | undefined;
/**
* The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate.
*/
set certificateAuthorityArn(value: string | undefined);
/**
* You can opt out of allowing export of your certificate by specifying the `DISABLED` option.
*/
get certificateExport(): string | undefined;
/**
* You can opt out of allowing export of your certificate by specifying the `DISABLED` option.
*/
set certificateExport(value: string | undefined);
/**
* You can opt out of certificate transparency logging by specifying the `DISABLED` option.
*/
get certificateTransparencyLoggingPreference(): string | undefined;
/**
* You can opt out of certificate transparency logging by specifying the `DISABLED` option.
*/
set certificateTransparencyLoggingPreference(value: string | undefined);
/**
* The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`.
*/
get domainName(): string;
/**
* The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`.
*/
set domainName(value: string);
/**
* Domain information that domain name registrars use to verify your identity.
*/
get domainValidationOptions(): Array<CfnCertificate.DomainValidationOptionProperty | cdk.IResolvable> | cdk.IResolvable | undefined;
/**
* Domain information that domain name registrars use to verify your identity.
*/
set domainValidationOptions(value: Array<CfnCertificate.DomainValidationOptionProperty | cdk.IResolvable> | cdk.IResolvable | undefined);
/**
* Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
*/
get keyAlgorithm(): string | undefined;
/**
* Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
*/
set keyAlgorithm(value: string | undefined);
/**
* Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate.
*/
get subjectAlternativeNames(): Array<string> | undefined;
/**
* Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate.
*/
set subjectAlternativeNames(value: Array<string> | undefined);
/**
* Key-value pairs that can identify the certificate.
*/
get tagsRaw(): Array<cdk.CfnTag> | undefined;
/**
* Key-value pairs that can identify the certificate.
*/
set tagsRaw(value: Array<cdk.CfnTag> | undefined);
/**
* The method you want to use to validate that you own or control the domain associated with a public certificate.
*/
get validationMethod(): string | undefined;
/**
* The method you want to use to validate that you own or control the domain associated with a public certificate.
*/
set validationMethod(value: string | undefined);
/**
* @cloudformationAttribute Id
*/
get attrId(): string;
protected get cfnProperties(): Record<string, any>;
/**
* Examines the CloudFormation resource and discloses attributes
*
* @param inspector tree inspector to collect and process attributes
*/
inspect(inspector: cdk.TreeInspector): void;
protected renderProperties(props: Record<string, any>): Record<string, any>;
}
export declare namespace CfnCertificate {
/**
* `DomainValidationOption` is a property of the [AWS::CertificateManager::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html) resource that specifies the Certificate Manager ( ACM ) certificate domain to validate. Depending on the chosen validation method, ACM checks the domain's DNS record for a validation CNAME, or it attempts to send a validation email message to the domain owner.
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-certificate-domainvalidationoption.html
*/
interface DomainValidationOptionProperty {
/**
* A fully qualified domain name (FQDN) in the certificate request.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-certificate-domainvalidationoption.html#cfn-certificatemanager-certificate-domainvalidationoption-domainname
*/
readonly domainName: string;
/**
* The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record.
*
* Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.
*
* Use the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.
*
* This option is required for publicly trusted certificates.
*
* > The `ListHostedZones` API returns IDs in the format "/hostedzone/Z111111QQQQQQQ", but CloudFormation requires the IDs to be in the format "Z111111QQQQQQQ".
*
* When you change your `DomainValidationOptions` , a new resource is created.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-certificate-domainvalidationoption.html#cfn-certificatemanager-certificate-domainvalidationoption-hostedzoneid
*/
readonly hostedZoneId?: string;
/**
* The domain name to which you want ACM to send validation emails.
*
* This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:
*
* - admin@example.com
* - administrator@example.com
* - hostmaster@example.com
* - postmaster@example.com
* - webmaster@example.com
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-certificatemanager-certificate-domainvalidationoption.html#cfn-certificatemanager-certificate-domainvalidationoption-validationdomain
*/
readonly validationDomain?: string;
}
}
/**
* Properties for defining a `CfnCertificate`
*
* @struct
* @stability external
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html
*/
export interface CfnCertificateProps {
/**
* The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate.
*
* If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:
*
* `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-certificateauthorityarn
*/
readonly certificateAuthorityArn?: string;
/**
* You can opt out of allowing export of your certificate by specifying the `DISABLED` option.
*
* Allow export of your certificate by specifying the `ENABLED` option.
*
* If you do not specify an export preference in a new CloudFormation template, it is the same as explicitly denying export of your certificate.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-certificateexport
*/
readonly certificateExport?: string;
/**
* You can opt out of certificate transparency logging by specifying the `DISABLED` option.
*
* Opt in by specifying `ENABLED` . This setting doces not apply to private certificates.
*
* If you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.
*
* Changing the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-certificatetransparencyloggingpreference
*/
readonly certificateTransparencyLoggingPreference?: string;
/**
* The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-domainname
*/
readonly domainName: string;
/**
* Domain information that domain name registrars use to verify your identity.
*
* > In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-domainvalidationoptions
*/
readonly domainValidationOptions?: Array<CfnCertificate.DomainValidationOptionProperty | cdk.IResolvable> | cdk.IResolvable;
/**
* Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
*
* RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate-characteristics.html#algorithms-term) .
*
* > Algorithms supported for an ACM certificate request include:
* >
* > - `RSA_2048`
* > - `EC_prime256v1`
* > - `EC_secp384r1`
* >
* > Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
*
* Default: RSA_2048
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-keyalgorithm
*/
readonly keyAlgorithm?: string;
/**
* Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate.
*
* For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-subjectalternativenames
*/
readonly subjectAlternativeNames?: Array<string>;
/**
* Key-value pairs that can identify the certificate.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-tags
*/
readonly tags?: Array<cdk.CfnTag>;
/**
* The method you want to use to validate that you own or control the domain associated with a public certificate.
*
* You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.
*
* If not specified, this property defaults to email validation.
*
* @see http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-validationmethod
*/
readonly validationMethod?: string;
}
export type { IAccountRef, AccountReference };
export type { ICertificateRef, CertificateReference };

File diff suppressed because one or more lines are too long


@@ -0,0 +1,80 @@
import type { Construct } from 'constructs';
import type { CertificateProps, ICertificate } from './certificate';
import { CertificateBase } from './certificate-base';
import * as iam from '../../aws-iam';
import type * as route53 from '../../aws-route53';
import * as cdk from '../../core';
/**
* Properties to create a DNS validated certificate managed by AWS Certificate Manager
*
*/
export interface DnsValidatedCertificateProps extends CertificateProps {
/**
* Route 53 Hosted Zone used to perform DNS validation of the request. The zone
* must be authoritative for the domain name specified in the Certificate Request.
*/
readonly hostedZone: route53.IHostedZone;
/**
* AWS region that will host the certificate. This is needed especially
* for certificates used for CloudFront distributions, which require the region
* to be us-east-1.
*
* @default the region the stack is deployed in.
*/
readonly region?: string;
/**
* An endpoint of Route53 service, which is not necessary as AWS SDK could figure
* out the right endpoints for most regions, but for some regions such as those in
* aws-cn partition, the default endpoint is not working now, hence the right endpoint
* need to be specified through this prop.
*
* Route53 is not been officially launched in China, it is only available for AWS
* internal accounts now. To make DnsValidatedCertificate work for internal accounts
* now, a special endpoint needs to be provided.
*
* @default - The AWS SDK will determine the Route53 endpoint to use based on region
*/
readonly route53Endpoint?: string;
/**
* Role to use for the custom resource that creates the validated certificate
*
* @default - A new role will be created
*/
readonly customResourceRole?: iam.IRole;
/**
* When set to true, when the DnsValidatedCertificate is deleted,
* the associated Route53 validation records are removed.
*
* CAUTION: If multiple certificates share the same domains (and same validation records),
* this can cause the other certificates to fail renewal and/or not validate.
* Not recommended for production use.
*
* @default false
*/
readonly cleanupRoute53Records?: boolean;
}
/**
* A certificate managed by AWS Certificate Manager. Will be automatically
* validated using DNS validation against the specified Route 53 hosted zone.
*
* @resource AWS::CertificateManager::Certificate
* @deprecated use {@link Certificate} instead
*/
export declare class DnsValidatedCertificate extends CertificateBase implements ICertificate, cdk.ITaggable {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
readonly certificateArn: string;
/**
* Resource Tags.
* @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-certificatemanager-certificate.html#cfn-certificatemanager-certificate-tags
*/
readonly tags: cdk.TagManager;
protected readonly region?: string;
private normalizedZoneName;
private hostedZoneId;
private domainName;
private _removalPolicy?;
constructor(scope: Construct, id: string, props: DnsValidatedCertificateProps);
applyRemovalPolicy(policy: cdk.RemovalPolicy): void;
private validateDnsValidatedCertificate;
}
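Review bot: The `customResourceRole` doc comment in `DnsValidatedCertificateProps` says only "Role to use for the custom resource that creates the validated certificate" and does not state which permissions that role must carry. A caller who supplies their own role therefore has nothing to scope it against and is likely to over-grant. I would extend the comment with a sentence naming the ACM and Route 53 actions the custom resource performs, limited to the hosted zone passed in `hostedZone`. Since the class is marked `@deprecated use {@link Certificate} instead`, the same comment could also name the replacement validation helper so migration is unambiguous. This is a declaration file, so the wording belongs in the source it is generated from.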

File diff suppressed because one or more lines are too long


@@ -0,0 +1,5 @@
export * from './certificate';
export * from './dns-validated-certificate';
export * from './private-certificate';
export * from './util';
export * from './certificatemanager.generated';


@@ -0,0 +1 @@
"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.KeyAlgorithm=void 0,Object.defineProperty(exports,_noFold="KeyAlgorithm",{enumerable:!0,configurable:!0,get:()=>{var value=require("./certificate").KeyAlgorithm;return Object.defineProperty(exports,_noFold="KeyAlgorithm",{enumerable:!0,configurable:!0,value}),value}}),exports.CertificateValidation=void 0,Object.defineProperty(exports,_noFold="CertificateValidation",{enumerable:!0,configurable:!0,get:()=>{var value=require("./certificate").CertificateValidation;return Object.defineProperty(exports,_noFold="CertificateValidation",{enumerable:!0,configurable:!0,value}),value}}),exports.Certificate=void 0,Object.defineProperty(exports,_noFold="Certificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./certificate").Certificate;return Object.defineProperty(exports,_noFold="Certificate",{enumerable:!0,configurable:!0,value}),value}}),exports.ValidationMethod=void 0,Object.defineProperty(exports,_noFold="ValidationMethod",{enumerable:!0,configurable:!0,get:()=>{var value=require("./certificate").ValidationMethod;return Object.defineProperty(exports,_noFold="ValidationMethod",{enumerable:!0,configurable:!0,value}),value}}),exports.DnsValidatedCertificate=void 0,Object.defineProperty(exports,_noFold="DnsValidatedCertificate",{enumerable:!0,configurable:!0,get:()=>{var 
value=require("./dns-validated-certificate").DnsValidatedCertificate;return Object.defineProperty(exports,_noFold="DnsValidatedCertificate",{enumerable:!0,configurable:!0,value}),value}}),exports.PrivateCertificate=void 0,Object.defineProperty(exports,_noFold="PrivateCertificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./private-certificate").PrivateCertificate;return Object.defineProperty(exports,_noFold="PrivateCertificate",{enumerable:!0,configurable:!0,value}),value}}),exports.apexDomain=void 0,Object.defineProperty(exports,_noFold="apexDomain",{enumerable:!0,configurable:!0,get:()=>{var value=require("./util").apexDomain;return Object.defineProperty(exports,_noFold="apexDomain",{enumerable:!0,configurable:!0,value}),value}}),exports.isDnsValidatedCertificate=void 0,Object.defineProperty(exports,_noFold="isDnsValidatedCertificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./util").isDnsValidatedCertificate;return Object.defineProperty(exports,_noFold="isDnsValidatedCertificate",{enumerable:!0,configurable:!0,value}),value}}),exports.getCertificateRegion=void 0,Object.defineProperty(exports,_noFold="getCertificateRegion",{enumerable:!0,configurable:!0,get:()=>{var value=require("./util").getCertificateRegion;return Object.defineProperty(exports,_noFold="getCertificateRegion",{enumerable:!0,configurable:!0,value}),value}}),exports.CfnAccount=void 0,Object.defineProperty(exports,_noFold="CfnAccount",{enumerable:!0,configurable:!0,get:()=>{var value=require("./certificatemanager.generated").CfnAccount;return Object.defineProperty(exports,_noFold="CfnAccount",{enumerable:!0,configurable:!0,value}),value}}),exports.CfnCertificate=void 0,Object.defineProperty(exports,_noFold="CfnCertificate",{enumerable:!0,configurable:!0,get:()=>{var value=require("./certificatemanager.generated").CfnCertificate;return Object.defineProperty(exports,_noFold="CfnCertificate",{enumerable:!0,configurable:!0,value}),value}});


@@ -0,0 +1,65 @@
import type { Construct } from 'constructs';
import type { ICertificate, KeyAlgorithm } from './certificate';
import { CertificateBase } from './certificate-base';
import type * as acmpca from '../../aws-acmpca';
/**
* Properties for your private certificate
*/
export interface PrivateCertificateProps {
/**
* Fully-qualified domain name to request a private certificate for.
*
* May contain wildcards, such as ``*.domain.com``.
*/
readonly domainName: string;
/**
* Alternative domain names on your private certificate.
*
* Use this to register alternative domain names that represent the same site.
*
* @default - No additional FQDNs will be included as alternative domain names.
*/
readonly subjectAlternativeNames?: string[];
/**
* Private certificate authority (CA) that will be used to issue the certificate.
*/
readonly certificateAuthority: acmpca.ICertificateAuthorityRef;
/**
* Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data.
*
* When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family
* (RSA or ECDSA) must match the algorithm family of the CA's secret key.
*
* @see https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms.title
*
* @default KeyAlgorithm.RSA_2048
*/
readonly keyAlgorithm?: KeyAlgorithm;
/**
* Enable or disable export of this certificate.
*
* If you issue an exportable public certificate, there is a charge at certificate issuance and again when the certificate renews.
* Ref: https://aws.amazon.com/certificate-manager/pricing
*
* @default false
*/
readonly allowExport?: boolean;
}
/**
* A private certificate managed by AWS Certificate Manager
*
* @resource AWS::CertificateManager::Certificate
*/
export declare class PrivateCertificate extends CertificateBase implements ICertificate {
/** Uniquely identifies this class. */
static readonly PROPERTY_INJECTION_ID: string;
/**
* Import a certificate
*/
static fromCertificateArn(scope: Construct, id: string, certificateArn: string): ICertificate;
/**
* The certificate's ARN
*/
readonly certificateArn: string;
constructor(scope: Construct, id: string, props: PrivateCertificateProps);
}
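Review bot: The `allowExport` comment in `PrivateCertificateProps` describes the charge for "an exportable public certificate", which does not fit a private-certificate props type, and it does not say what enabling export means for key custody. The compiled constructor shown on this page maps `allowExport === true` to `certificateExport: "ENABLED"` and otherwise leaves the property unset, so this flag alone decides whether the certificate can leave ACM (export presumably includes the private key; confirm against the ACM documentation). I would reword the comment to something like `Allow this certificate to be exported from ACM. Leave unset unless the certificate must be used outside ACM-integrated services.` and keep the pricing remark only where it applies. This is a declaration file, so the change belongs in the source it is generated from.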


@@ -0,0 +1 @@
"use strict";var __esDecorate=exports&&exports.__esDecorate||function(ctor,descriptorIn,decorators,contextIn,initializers,extraInitializers){function accept(f){if(f!==void 0&&typeof f!="function")throw new TypeError("Function expected");return f}for(var kind=contextIn.kind,key=kind==="getter"?"get":kind==="setter"?"set":"value",target=!descriptorIn&&ctor?contextIn.static?ctor:ctor.prototype:null,descriptor=descriptorIn||(target?Object.getOwnPropertyDescriptor(target,contextIn.name):{}),_,done=!1,i=decorators.length-1;i>=0;i--){var context={};for(var p in contextIn)context[p]=p==="access"?{}:contextIn[p];for(var p in contextIn.access)context.access[p]=contextIn.access[p];context.addInitializer=function(f){if(done)throw new TypeError("Cannot add initializers after decoration has completed");extraInitializers.push(accept(f||null))};var result=(0,decorators[i])(kind==="accessor"?{get:descriptor.get,set:descriptor.set}:descriptor[key],context);if(kind==="accessor"){if(result===void 0)continue;if(result===null||typeof result!="object")throw new TypeError("Object expected");(_=accept(result.get))&&(descriptor.get=_),(_=accept(result.set))&&(descriptor.set=_),(_=accept(result.init))&&initializers.unshift(_)}else(_=accept(result))&&(kind==="field"?initializers.unshift(_):descriptor[key]=_)}target&&Object.defineProperty(target,contextIn.name,descriptor),done=!0},__runInitializers=exports&&exports.__runInitializers||function(thisArg,initializers,value){for(var useValue=arguments.length>2,i=0;i<initializers.length;i++)value=useValue?initializers[i].call(thisArg,value):initializers[i].call(thisArg);return useValue?value:void 0};Object.defineProperty(exports,"__esModule",{value:!0}),exports.PrivateCertificate=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var certificate_base_1=()=>{var tmp=require("./certificate-base");return 
certificate_base_1=()=>tmp,tmp},certificatemanager_generated_1=()=>{var tmp=require("./certificatemanager.generated");return certificatemanager_generated_1=()=>tmp,tmp},metadata_resource_1=()=>{var tmp=require("../../core/lib/metadata-resource");return metadata_resource_1=()=>tmp,tmp},prop_injectable_1=()=>{var tmp=require("../../core/lib/prop-injectable");return prop_injectable_1=()=>tmp,tmp};let PrivateCertificate=(()=>{let _classDecorators=[prop_injectable_1().propertyInjectable],_classDescriptor,_classExtraInitializers=[],_classThis,_classSuper=certificate_base_1().CertificateBase;var PrivateCertificate2=class extends _classSuper{static{_classThis=this}static{const _metadata=typeof Symbol=="function"&&Symbol.metadata?Object.create(_classSuper[Symbol.metadata]??null):void 0;__esDecorate(null,_classDescriptor={value:_classThis},_classDecorators,{kind:"class",name:_classThis.name,metadata:_metadata},null,_classExtraInitializers),PrivateCertificate2=_classThis=_classDescriptor.value,_metadata&&Object.defineProperty(_classThis,Symbol.metadata,{enumerable:!0,configurable:!0,writable:!0,value:_metadata})}static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_certificatemanager.PrivateCertificate",version:"2.252.0"};static PROPERTY_INJECTION_ID="aws-cdk-lib.aws-certificatemanager.PrivateCertificate";static fromCertificateArn(scope,id,certificateArn){class Import extends certificate_base_1().CertificateBase{certificateArn=certificateArn}return new Import(scope,id)}certificateArn;constructor(scope,id,props){super(scope,id);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_certificatemanager_PrivateCertificateProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,PrivateCertificate2),error}(0,metadata_resource_1().addConstructMetadata)(this,props);const certificateExport=props.allowExport===!0?"ENABLED":void 
0,cert=new(certificatemanager_generated_1()).CfnCertificate(this,"Resource",{domainName:props.domainName,subjectAlternativeNames:props.subjectAlternativeNames,certificateAuthorityArn:props.certificateAuthority.certificateAuthorityRef.certificateAuthorityArn,keyAlgorithm:props.keyAlgorithm?.name,certificateExport});this.certificateArn=cert.ref}static{__runInitializers(_classThis,_classExtraInitializers)}};return PrivateCertificate2=_classThis})();exports.PrivateCertificate=PrivateCertificate;

File diff suppressed because it is too large Load Diff

File diff suppressed because one or more lines are too long


@@ -0,0 +1,8 @@
import type { ICertificate } from './certificate';
import type { DnsValidatedCertificate } from './dns-validated-certificate';
/**
* Returns the apex domain (domain.com) from a subdomain (www.sub.domain.com)
*/
export declare function apexDomain(domainName: string): string;
export declare function isDnsValidatedCertificate(cert: ICertificate): cert is DnsValidatedCertificate;
export declare function getCertificateRegion(cert: ICertificate): string | undefined;
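Review bot: `isDnsValidatedCertificate` and `getCertificateRegion` are exported without doc comments, and their behaviour is not what the names alone suggest. The implementation on this page shows the guard is `cert.hasOwnProperty("domainName")`, a structural check rather than an `instanceof` test, so any `ICertificate` with an own `domainName` property is narrowed to `DnsValidatedCertificate`. `getCertificateRegion` then looks up a `CertificateRequestorResource` child for such objects. I would document the guard with `/** Structural check: true when cert has an own "domainName" property; not an instanceof test. */`. For `getCertificateRegion`, a comment should state the lookup order visible in the implementation: the custom resource's `Region` property, then the region parsed from the ARN, then the stack's region, skipping unresolved tokens at each step. The `apexDomain` comment could also say the result is best-effort, as the suffix README on this page already does.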


@@ -0,0 +1 @@
"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.apexDomain=apexDomain,exports.isDnsValidatedCertificate=isDnsValidatedCertificate,exports.getCertificateRegion=getCertificateRegion;var public_suffixes_1=()=>{var tmp=require("./public-suffixes");return public_suffixes_1=()=>tmp,tmp},core_1=()=>{var tmp=require("../../core");return core_1=()=>tmp,tmp};function apexDomain(domainName){const parts=domainName.split(".").reverse();let curr=public_suffixes_1().publicSuffixes;const accumulated=[];for(const part of parts){if(accumulated.push(part),!(part in curr))break;curr=curr[part]}return accumulated.reverse().join(".")}function isDnsValidatedCertificate(cert){return cert.hasOwnProperty("domainName")}function getCertificateRegion(cert){const{certificateArn,stack}=cert;if(isDnsValidatedCertificate(cert)){const requestResource=cert.node.findChild("CertificateRequestorResource").node.defaultChild,{_cfnProperties:properties}=requestResource,{Region:region}=properties;if(region&&!core_1().Token.isUnresolved(region))return region}{const{region}=core_1().Arn.split(certificateArn,core_1().ArnFormat.SLASH_RESOURCE_NAME);if(region&&!core_1().Token.isUnresolved(region))return region}return core_1().Stack.of(stack).region}


@@ -0,0 +1,8 @@
Public suffix list obtained from https://publicsuffix.org/.
We build a lookup map that for 90% of the cases can return the probable intended apex domain.
We're ignoring Punycode on purpose.
Whenever you pull a new version of the .dat file, don't forget to run build-map.py.
Not integrated as part of the build because this file will change only very rarely.


@@ -0,0 +1,35 @@
#!/usr/bin/env python2.7
"""Script to build a lookup map from the lines in the public suffix data list.
See README.txt in this directory for more info.
"""
import re
import json
trie = {}
with open('public_suffix_list.dat', 'r') as f:
for line in f:
line = line.strip()
# All reasons to skip this line
if not line: continue
if line.startswith('//'): continue
if re.search('[^a-z0-9.]', line): continue
# *. at the start is the same as it not being there
if line.startswith('*.'): line = line[2:]
# Add to the trie
parts = line.split('.')
parts.reverse()
curr = trie
for part in parts:
curr = curr.setdefault(part, {})
with open('../lib/public-suffixes.ts', 'w') as o:
o.write('// This file has been generated using ../suffixes/build-map.py\n')
o.write('/* eslint-disable no-trailing-spaces, quote-props */\n')
o.write('export const publicSuffixes = %s;' % json.dumps(trie, indent=2))
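Review bot: The skip filter `if re.search('[^a-z0-9.]', line): continue` drops more than Punycode: every suffix with a hyphenated label and every `!` exception rule is discarded silently, and the following `line[2:]` stores a `*.` wildcard rule as its parent suffix. The README accepts an approximate map, but for those zones a consumer such as `apexDomain` can return a name that is itself a public suffix, which matters if the result is used to pick a validation domain. I would add a comment above the filter, e.g. `# Skips non-ASCII, hyphenated and '!' exception rules; '*.' rules are flattened, so the map is approximate`, and, if hyphenated suffixes are meant to be kept, widen the class to `[^a-z0-9.-]`. Separately, the `#!/usr/bin/env python2.7` shebang pins an end-of-life interpreter; the body appears to run unchanged under `python3`.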

File diff suppressed because it is too large Load Diff