From 1f0a04ed7595225be7a3904aea651cb730acf096 Mon Sep 17 00:00:00 2001
From: Pete Dunlap <pete.dunlap@stratiform.digital>
Date: Thu, 23 Jan 2025 15:34:28 -0500
Subject: [PATCH] CMDCT-4254 - deploying largely unaffected stack

---
 services/app-api/serverless.yml          | 13 ++++++++-----
 services/ui-auth/handlers/createUsers.js | 10 ++++------
 services/ui-auth/package.json            |  1 +
 services/ui-src/serverless.yml           |  8 ++++++++
 services/ui/serverless.yml               |  9 ++++++---
 5 files changed, 27 insertions(+), 14 deletions(-)

diff --git a/services/app-api/serverless.yml b/services/app-api/serverless.yml
index 8d19af0e..f46b7faa 100644
--- a/services/app-api/serverless.yml
+++ b/services/app-api/serverless.yml
@@ -24,11 +24,6 @@ custom:
     tsConfigFileLocation: "./tsconfig.json"
   stage: ${sls:stage}
   region: ${aws:region}
-  wafPlugin:
-    name: ${self:service}-${self:custom.stage}-webacl-waf
-  wafExcludeRules:
-    awsCommon:
-      - "SizeRestrictions_BODY"
   serverlessTerminationProtection:
     stages:
       - main
@@ -41,6 +36,11 @@ custom:
   webAclName: ${self:service}-${self:custom.stage}-webacl-waf
   associateWaf:
     name: ${self:custom.webAclName}
+  wafPlugin:
+    name: ${self:custom.webAclName}
+  wafExcludeRules:
+    awsCommon:
+      - "SizeRestrictions_BODY"
     version: V2
   serverlessApiClientCertificate:
     rotateCerts: true
@@ -54,6 +54,9 @@ provider:
   name: aws
   runtime: nodejs20.x
   region: us-east-1
+  stackTags:
+    PROJECT: ${self:custom.project}
+    SERVICE: ${self:service}
   tracing:
     apiGateway: true
   logs:
diff --git a/services/ui-auth/handlers/createUsers.js b/services/ui-auth/handlers/createUsers.js
index 76d1f408..223ea55f 100644
--- a/services/ui-auth/handlers/createUsers.js
+++ b/services/ui-auth/handlers/createUsers.js
@@ -1,8 +1,8 @@
-import * as cognitolib from "../libs/cognito-lib";
+import * as cognitolib from "../libs/cognito-lib.js";
 const userPoolId = process.env.userPoolId;
-const users = require("../libs/users.json");
+import users from "../libs/users.json" assert { type: "json" };
 
-async function myHandler(_event, _context, _callback) {
+export const handler = async (_event, _context, _callback) => {
   for (var i = 0; i < users.length; i++) {
     var poolData = {
       UserPoolId: userPoolId,
@@ -43,6 +43,4 @@ async function myHandler(_event, _context, _callback) {
       /* swallow this exception and continue */
     }
   }
-}
-
-exports.handler = myHandler;
+};
diff --git a/services/ui-auth/package.json b/services/ui-auth/package.json
index 7fb94c6b..d6f778eb 100644
--- a/services/ui-auth/package.json
+++ b/services/ui-auth/package.json
@@ -2,6 +2,7 @@
   "name": "ui-auth",
   "description": "",
   "version": "1.0.0",
+  "type": "module",
   "main": "index.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
diff --git a/services/ui-src/serverless.yml b/services/ui-src/serverless.yml
index 5aaa3928..7dd4c1a8 100644
--- a/services/ui-src/serverless.yml
+++ b/services/ui-src/serverless.yml
@@ -74,3 +74,11 @@ custom:
         export LOCAL_LOGIN=false
         ./scripts/configure-env.sh
         cp public/env-config.js build/env-config.js
+
+resources:
+  Resources:
+    Honk: # this is just because it won't deploy unless we have some resource being created
+      Type: AWS::SSM::Parameter
+      Properties:
+        Type: String
+        Value: 'honk'
diff --git a/services/ui/serverless.yml b/services/ui/serverless.yml
index c0eaf13b..2195b515 100644
--- a/services/ui/serverless.yml
+++ b/services/ui/serverless.yml
@@ -132,6 +132,9 @@ resources:
           RestrictPublicBuckets: true
         VersioningConfiguration:
           Status: Enabled
+        # LoggingConfiguration:
+        #   DestinationBucketName: ${env:LOGGING_BUCKET, ssm:/configuration/${self:custom.stage}/s3/accessLogsBucket, ssm:/configuration/default/s3/accessLogsBucket}
+        #   LogFilePrefix: ${env:LOGGING_BUCKET, ssm:/configuration/${self:custom.stage}/s3/accessLogsPrefix, ssm:/configuration/default/s3/accessLogsPrefix}
       DeletionPolicy: Delete
     BucketPolicy:
       Type: AWS::S3::BucketPolicy
@@ -178,9 +181,9 @@ resources:
         OwnershipControls:
           Rules:
             - ObjectOwnership: BucketOwnerPreferred
-        LoggingConfiguration:
-          DestinationBucketName: ${env:LOGGING_BUCKET, ssm:/configuration/${self:custom.stage}/s3/accessLogsBucket, ssm:/configuration/default/s3/accessLogsBucket}
-          LogFilePrefix: ${env:LOGGING_BUCKET, ssm:/configuration/${self:custom.stage}/s3/accessLogsPrefix, ssm:/configuration/default/s3/accessLogsPrefix}
+        # LoggingConfiguration:
+        #   DestinationBucketName: ${env:LOGGING_BUCKET, ssm:/configuration/${self:custom.stage}/s3/accessLogsBucket, ssm:/configuration/default/s3/accessLogsBucket}
+        #   LogFilePrefix: ${env:LOGGING_BUCKET, ssm:/configuration/${self:custom.stage}/s3/accessLogsPrefix, ssm:/configuration/default/s3/accessLogsPrefix}
       DeletionPolicy: Delete
     LoggingBucketPolicy:
       Type: "AWS::S3::BucketPolicy"