| 1 | import { BootstrapSource } from './bootstrap-environment';
|
| 2 | import { Tag } from '../tags';
|
| 3 | import { StringWithoutPlaceholders } from '../util/placeholders';
|
| 4 | export declare const BUCKET_NAME_OUTPUT = "BucketName";
|
| 5 | export declare const REPOSITORY_NAME_OUTPUT = "ImageRepositoryName";
|
| 6 | export declare const BUCKET_DOMAIN_NAME_OUTPUT = "BucketDomainName";
|
| 7 | export declare const BOOTSTRAP_VERSION_OUTPUT = "BootstrapVersion";
|
| 8 | export declare const BOOTSTRAP_VERSION_RESOURCE = "CdkBootstrapVersion";
|
| 9 | export declare const BOOTSTRAP_VARIANT_PARAMETER = "BootstrapVariant";
|
| 10 | /**
|
| 11 | * The assumed vendor of a template in case it is not set
|
| 12 | */
|
| 13 | export declare const DEFAULT_BOOTSTRAP_VARIANT = "AWS CDK: Default Resources";
|
| 14 | /**
|
| 15 | * Options for the bootstrapEnvironment operation(s)
|
| 16 | */
|
| 17 | export interface BootstrapEnvironmentOptions {
|
| 18 | readonly toolkitStackName?: string;
|
| 19 | readonly roleArn?: StringWithoutPlaceholders;
|
| 20 | readonly parameters?: BootstrappingParameters;
|
| 21 | readonly force?: boolean;
|
| 22 | /**
|
| 23 | * The source of the bootstrap stack
|
| 24 | *
|
| 25 | * @default - modern v2-style bootstrapping
|
| 26 | */
|
| 27 | readonly source?: BootstrapSource;
|
| 28 | /**
|
| 29 | * Whether to execute the changeset or only create it and leave it in review.
|
| 30 | * @default true
|
| 31 | */
|
| 32 | readonly execute?: boolean;
|
| 33 | /**
|
| 34 | * Tags for cdktoolkit stack.
|
| 35 | *
|
| 36 | * @default - None.
|
| 37 | */
|
| 38 | readonly tags?: Tag[];
|
| 39 | /**
|
| 40 | * Whether the stacks created by the bootstrap process should be protected from termination.
|
| 41 | * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html
|
| 42 | * @default true
|
| 43 | */
|
| 44 | readonly terminationProtection?: boolean;
|
| 45 | /**
|
| 46 | * Use previous values for unspecified parameters
|
| 47 | *
|
| 48 | * If not set, all parameters must be specified for every deployment.
|
| 49 | *
|
| 50 | * @default true
|
| 51 | */
|
| 52 | usePreviousParameters?: boolean;
|
| 53 | }
|
| 54 | /**
|
| 55 | * Parameters for the bootstrapping template
|
| 56 | */
|
| 57 | export interface BootstrappingParameters {
|
| 58 | /**
|
| 59 | * The name to be given to the CDK Bootstrap bucket.
|
| 60 | *
|
| 61 | * @default - a name is generated by CloudFormation.
|
| 62 | */
|
| 63 | readonly bucketName?: string;
|
| 64 | /**
|
| 65 | * The ID of an existing KMS key to be used for encrypting items in the bucket.
|
| 66 | *
|
| 67 | * @default - use the default KMS key or create a custom one
|
| 68 | */
|
| 69 | readonly kmsKeyId?: string;
|
| 70 | /**
|
| 71 | * Whether or not to create a new customer master key (CMK)
|
| 72 | *
|
| 73 | * Only applies to modern bootstrapping. Legacy bootstrapping will never create
|
| 74 | * a CMK, only use the default S3 key.
|
| 75 | *
|
| 76 | * @default false
|
| 77 | */
|
| 78 | readonly createCustomerMasterKey?: boolean;
|
| 79 | /**
|
| 80 | * The list of AWS account IDs that are trusted to deploy into the environment being bootstrapped.
|
| 81 | *
|
| 82 | * @default - only the bootstrapped account can deploy into this environment
|
| 83 | */
|
| 84 | readonly trustedAccounts?: string[];
|
| 85 | /**
|
| 86 | * The list of AWS account IDs that are trusted to look up values in the environment being bootstrapped.
|
| 87 | *
|
| 88 | * @default - only the bootstrapped account can look up values in this environment
|
| 89 | */
|
| 90 | readonly trustedAccountsForLookup?: string[];
|
| 91 | /**
|
| 92 | * The list of AWS account IDs that should not be trusted by the bootstrapped environment.
|
| 93 | * If these accounts are already trusted, they will be removed on bootstrapping.
|
| 94 | *
|
| 95 | * @default - no account will be untrusted.
|
| 96 | */
|
| 97 | readonly untrustedAccounts?: string[];
|
| 98 | /**
|
| 99 | * The ARNs of the IAM managed policies that should be attached to the role performing CloudFormation deployments.
|
| 100 | * In most cases, this will be the AdministratorAccess policy.
|
| 101 | * At least one policy is required if `trustedAccounts` were passed.
|
| 102 | *
|
| 103 | * @default - the role will have no policies attached
|
| 104 | */
|
| 105 | readonly cloudFormationExecutionPolicies?: string[];
|
| 106 | /**
|
| 107 | * Identifier to distinguish multiple bootstrapped environments
|
| 108 | *
|
| 109 | * @default - Default qualifier
|
| 110 | */
|
| 111 | readonly qualifier?: string;
|
| 112 | /**
|
| 113 | * Whether or not to enable S3 Staging Bucket Public Access Block Configuration
|
| 114 | *
|
| 115 | * @default true
|
| 116 | */
|
| 117 | readonly publicAccessBlockConfiguration?: boolean;
|
| 118 | /**
|
| 119 | * Flag for using the default permissions boundary for bootstrapping
|
| 120 | *
|
| 121 | * @default - No value, optional argument
|
| 122 | */
|
| 123 | readonly examplePermissionsBoundary?: boolean;
|
| 124 | /**
|
| 125 | * Name for the customer's custom permissions boundary for bootstrapping
|
| 126 | *
|
| 127 | * @default - No value, optional argument
|
| 128 | */
|
| 129 | readonly customPermissionsBoundary?: string;
|
| 130 | }
|