@aws-solutions-constructs/aws-cloudfront-s3 2.47.0 → 2.49.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/.eslintignore +2 -2
  2. package/.jsii +152 -35
  3. package/README.md +7 -6
  4. package/lib/index.d.ts +1 -0
  5. package/lib/index.js +70 -8
  6. package/package.json +7 -5
  7. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.expected.json +960 -0
  8. package/test/integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.js +44 -0
  9. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.expected.json +594 -0
  10. package/test/integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +39 -0
  11. package/test/integ.cfts3-bucket-with-http-origin.d.ts +13 -0
  12. package/test/integ.cfts3-bucket-with-http-origin.expected.json +559 -0
  13. package/test/integ.cfts3-bucket-with-http-origin.js +44 -0
  14. package/test/integ.cfts3-cmk-encryption.expected.json +527 -0
  15. package/test/integ.cfts3-cmk-provided-as-bucket-prop.d.ts +13 -0
  16. package/test/integ.cfts3-cmk-provided-as-bucket-prop.expected.json +960 -0
  17. package/test/integ.cfts3-cmk-provided-as-bucket-prop.js +41 -0
  18. package/test/integ.cfts3-custom-headers.expected.json +307 -25
  19. package/test/integ.cfts3-custom-headers.js +6 -2
  20. package/test/integ.cfts3-custom-originPath.expected.json +307 -25
  21. package/test/integ.cfts3-custom-originPath.js +6 -2
  22. package/test/integ.cfts3-customCloudFrontLoggingBucket.expected.json +54 -21
  23. package/test/integ.cfts3-customLoggingBuckets.d.ts +13 -0
  24. package/test/{integ.cfts3-customLoggingBucket.expected.json → integ.cfts3-customLoggingBuckets.expected.json} +285 -29
  25. package/test/integ.cfts3-customLoggingBuckets.js +58 -0
  26. package/test/integ.cfts3-existing-bucket.expected.json +493 -78
  27. package/test/integ.cfts3-existing-bucket.js +2 -2
  28. package/test/integ.cfts3-no-arguments.expected.json +430 -25
  29. package/test/integ.cfts3-no-arguments.js +5 -2
  30. package/test/integ.cfts3-no-security-headers.expected.json +307 -25
  31. package/test/integ.cfts3-no-security-headers.js +5 -1
  32. package/test/test.cloudfront-s3.test.js +160 -28
  33. package/test/integ.cfts3-customCloudFrontLoggingBucket.js +0 -39
  34. package/test/integ.cfts3-customLoggingBucket.js +0 -42
  35. /package/test/{integ.cfts3-customCloudFrontLoggingBucket.d.ts → integ.cfts3-bucket-encrypted-with-cmk-provided-as-existingbucket.d.ts} +0 -0
  36. /package/test/{integ.cfts3-customLoggingBucket.d.ts → integ.cfts3-bucket-encrypted-with-managed-key-provided-as-existingbucket.d.ts} +0 -0
package/.eslintignore CHANGED
@@ -1,5 +1,5 @@
1
- lib/*.js
1
+ lib/**/*.js
2
2
  test/*.js
3
3
  *.d.ts
4
4
  coverage
5
- test/lambda/index.js
5
+ node_modules
package/.jsii CHANGED
@@ -8,8 +8,9 @@
8
8
  "url": "https://aws.amazon.com"
9
9
  },
10
10
  "dependencies": {
11
- "@aws-solutions-constructs/core": "2.47.0",
12
- "aws-cdk-lib": "^2.111.0",
11
+ "@aws-solutions-constructs/core": "2.49.0",
12
+ "@aws-solutions-constructs/resources": "2.49.0",
13
+ "aws-cdk-lib": "^2.118.0",
13
14
  "constructs": "^10.0.0"
14
15
  },
15
16
  "dependencyClosure": {
@@ -115,6 +116,30 @@
115
116
  }
116
117
  }
117
118
  },
119
+ "@aws-solutions-constructs/resources": {
120
+ "targets": {
121
+ "dotnet": {
122
+ "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png",
123
+ "namespace": "Amazon.SolutionsConstructs.AWS.Resources",
124
+ "packageId": "Amazon.SolutionsConstructs.AWS.Resources",
125
+ "signAssembly": true
126
+ },
127
+ "java": {
128
+ "maven": {
129
+ "artifactId": "resources",
130
+ "groupId": "software.amazon.awsconstructs"
131
+ },
132
+ "package": "software.amazon.awsconstructs.services.resources"
133
+ },
134
+ "js": {
135
+ "npm": "@aws-solutions-constructs/resources"
136
+ },
137
+ "python": {
138
+ "distName": "aws-solutions-constructs.resources",
139
+ "module": "aws_solutions_constructs.resources"
140
+ }
141
+ }
142
+ },
118
143
  "aws-cdk-lib": {
119
144
  "submodules": {
120
145
  "aws-cdk-lib.alexa_ask": {
@@ -247,6 +272,8 @@
247
272
  }
248
273
  }
249
274
  },
275
+ "aws-cdk-lib.aws_apigatewayv2_authorizers": {},
276
+ "aws-cdk-lib.aws_apigatewayv2_integrations": {},
250
277
  "aws-cdk-lib.aws_appconfig": {
251
278
  "targets": {
252
279
  "dotnet": {
@@ -377,6 +404,19 @@
377
404
  }
378
405
  }
379
406
  },
407
+ "aws-cdk-lib.aws_arczonalshift": {
408
+ "targets": {
409
+ "dotnet": {
410
+ "package": "Amazon.CDK.AWS.ARCZonalShift"
411
+ },
412
+ "java": {
413
+ "package": "software.amazon.awscdk.services.arczonalshift"
414
+ },
415
+ "python": {
416
+ "module": "aws_cdk.aws_arczonalshift"
417
+ }
418
+ }
419
+ },
380
420
  "aws-cdk-lib.aws_athena": {
381
421
  "targets": {
382
422
  "dotnet": {
@@ -455,6 +495,19 @@
455
495
  }
456
496
  }
457
497
  },
498
+ "aws-cdk-lib.aws_b2bi": {
499
+ "targets": {
500
+ "dotnet": {
501
+ "package": "Amazon.CDK.AWS.B2BI"
502
+ },
503
+ "java": {
504
+ "package": "software.amazon.awscdk.services.b2bi"
505
+ },
506
+ "python": {
507
+ "module": "aws_cdk.aws_b2bi"
508
+ }
509
+ }
510
+ },
458
511
  "aws-cdk-lib.aws_backup": {
459
512
  "targets": {
460
513
  "dotnet": {
@@ -474,7 +527,7 @@
474
527
  "package": "Amazon.CDK.AWS.BackupGateway"
475
528
  },
476
529
  "java": {
477
- "package": "services.backupgateway"
530
+ "package": "software.amazon.awscdk.services.backupgateway"
478
531
  },
479
532
  "python": {
480
533
  "module": "aws_cdk.aws_backupgateway"
@@ -494,6 +547,19 @@
494
547
  }
495
548
  }
496
549
  },
550
+ "aws-cdk-lib.aws_bedrock": {
551
+ "targets": {
552
+ "dotnet": {
553
+ "namespace": "Amazon.CDK.AWS.Bedrock"
554
+ },
555
+ "java": {
556
+ "package": "software.amazon.awscdk.services.bedrock"
557
+ },
558
+ "python": {
559
+ "module": "aws_cdk.aws_bedrock"
560
+ }
561
+ }
562
+ },
497
563
  "aws-cdk-lib.aws_billingconductor": {
498
564
  "targets": {
499
565
  "dotnet": {
@@ -578,7 +644,7 @@
578
644
  "package": "Amazon.CDK.AWS.CleanRooms"
579
645
  },
580
646
  "java": {
581
- "package": "services.cleanrooms"
647
+ "package": "software.amazon.awscdk.services.cleanrooms"
582
648
  },
583
649
  "python": {
584
650
  "module": "aws_cdk.aws_cleanrooms"
@@ -1320,7 +1386,7 @@
1320
1386
  "package": "Amazon.CDK.AWS.EntityResolution"
1321
1387
  },
1322
1388
  "java": {
1323
- "package": "services.entityresolution"
1389
+ "package": "software.amazon.awscdk.services.entityresolution"
1324
1390
  },
1325
1391
  "python": {
1326
1392
  "module": "aws_cdk.aws_entityresolution"
@@ -1580,7 +1646,7 @@
1580
1646
  "package": "Amazon.CDK.AWS.HealthImaging"
1581
1647
  },
1582
1648
  "java": {
1583
- "package": "services.healthimaging"
1649
+ "package": "software.amazon.awscdk.services.healthimaging"
1584
1650
  },
1585
1651
  "python": {
1586
1652
  "module": "aws_cdk.aws_healthimaging"
@@ -2243,7 +2309,7 @@
2243
2309
  "package": "Amazon.CDK.AWS.MediaPackageV2"
2244
2310
  },
2245
2311
  "java": {
2246
- "package": "services.mediapackagev2"
2312
+ "package": "software.amazon.awscdk.services.mediapackagev2"
2247
2313
  },
2248
2314
  "python": {
2249
2315
  "module": "aws_cdk.aws_mediapackagev2"
@@ -2328,6 +2394,19 @@
2328
2394
  }
2329
2395
  }
2330
2396
  },
2397
+ "aws-cdk-lib.aws_neptunegraph": {
2398
+ "targets": {
2399
+ "dotnet": {
2400
+ "package": "Amazon.CDK.AWS.NeptuneGraph"
2401
+ },
2402
+ "java": {
2403
+ "package": "software.amazon.awscdk.services.neptunegraph"
2404
+ },
2405
+ "python": {
2406
+ "module": "aws_cdk.aws_neptunegraph"
2407
+ }
2408
+ }
2409
+ },
2331
2410
  "aws-cdk-lib.aws_networkfirewall": {
2332
2411
  "targets": {
2333
2412
  "dotnet": {
@@ -2464,7 +2543,7 @@
2464
2543
  "package": "Amazon.CDK.AWS.OSIS"
2465
2544
  },
2466
2545
  "java": {
2467
- "package": "services.osis"
2546
+ "package": "software.amazon.awscdk.services.osis"
2468
2547
  },
2469
2548
  "python": {
2470
2549
  "module": "aws_cdk.aws_osis"
@@ -2490,7 +2569,7 @@
2490
2569
  "package": "Amazon.CDK.AWS.PCAConnectorAD"
2491
2570
  },
2492
2571
  "java": {
2493
- "package": "services.pcaconnectorad"
2572
+ "package": "software.amazon.awscdk.services.pcaconnectorad"
2494
2573
  },
2495
2574
  "python": {
2496
2575
  "module": "aws_cdk.aws_pcaconnectorad"
@@ -2555,7 +2634,7 @@
2555
2634
  "package": "Amazon.CDK.AWS.Proton"
2556
2635
  },
2557
2636
  "java": {
2558
- "package": "services.proton"
2637
+ "package": "software.amazon.awscdk.services.proton"
2559
2638
  },
2560
2639
  "python": {
2561
2640
  "module": "aws_cdk.aws_proton"
@@ -2874,6 +2953,19 @@
2874
2953
  }
2875
2954
  }
2876
2955
  },
2956
+ "aws-cdk-lib.aws_s3express": {
2957
+ "targets": {
2958
+ "dotnet": {
2959
+ "package": "Amazon.CDK.AWS.S3Express"
2960
+ },
2961
+ "java": {
2962
+ "package": "software.amazon.awscdk.services.s3express"
2963
+ },
2964
+ "python": {
2965
+ "module": "aws_cdk.aws_s3express"
2966
+ }
2967
+ }
2968
+ },
2877
2969
  "aws-cdk-lib.aws_s3objectlambda": {
2878
2970
  "targets": {
2879
2971
  "dotnet": {
@@ -3049,7 +3141,7 @@
3049
3141
  "package": "Amazon.CDK.AWS.Shield"
3050
3142
  },
3051
3143
  "java": {
3052
- "package": "services.shield"
3144
+ "package": "software.amazon.awscdk.services.shield"
3053
3145
  },
3054
3146
  "python": {
3055
3147
  "module": "aws_cdk.aws_shield"
@@ -3270,7 +3362,7 @@
3270
3362
  "package": "Amazon.CDK.AWS.VerifiedPermissions"
3271
3363
  },
3272
3364
  "java": {
3273
- "package": "services.verifiedpermissions"
3365
+ "package": "software.amazon.awscdk.services.verifiedpermissions"
3274
3366
  },
3275
3367
  "python": {
3276
3368
  "module": "aws_cdk.aws_verifiedpermissions"
@@ -3368,13 +3460,26 @@
3368
3460
  }
3369
3461
  }
3370
3462
  },
3463
+ "aws-cdk-lib.aws_workspacesthinclient": {
3464
+ "targets": {
3465
+ "dotnet": {
3466
+ "package": "Amazon.CDK.AWS.WorkSpacesThinClient"
3467
+ },
3468
+ "java": {
3469
+ "package": "software.amazon.awscdk.services.workspacesthinclient"
3470
+ },
3471
+ "python": {
3472
+ "module": "aws_cdk.aws_workspacesthinclient"
3473
+ }
3474
+ }
3475
+ },
3371
3476
  "aws-cdk-lib.aws_workspacesweb": {
3372
3477
  "targets": {
3373
3478
  "dotnet": {
3374
3479
  "package": "Amazon.CDK.AWS.WorkSpacesWeb"
3375
3480
  },
3376
3481
  "java": {
3377
- "package": "services.workspacesweb"
3482
+ "package": "software.amazon.awscdk.services.workspacesweb"
3378
3483
  },
3379
3484
  "python": {
3380
3485
  "module": "aws_cdk.aws_workspacesweb"
@@ -3579,7 +3684,7 @@
3579
3684
  },
3580
3685
  "description": "CDK Constructs for AWS Cloudfront to AWS S3 integration.",
3581
3686
  "homepage": "https://github.com/awslabs/aws-solutions-constructs.git",
3582
- "jsiiVersion": "1.92.0 (build db7f27d)",
3687
+ "jsiiVersion": "1.94.0 (build b380f01)",
3583
3688
  "keywords": [
3584
3689
  "aws",
3585
3690
  "cdk",
@@ -3598,7 +3703,7 @@
3598
3703
  },
3599
3704
  "name": "@aws-solutions-constructs/aws-cloudfront-s3",
3600
3705
  "readme": {
3601
- "markdown": "# aws-cloudfront-s3 module\n<!--BEGIN STABILITY BANNER-->\n\n---\n\n![Stability: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge)\n\n---\n<!--END STABILITY BANNER-->\n\n| **Reference Documentation**:| <span style=\"font-weight: normal\">https://docs.aws.amazon.com/solutions/latest/constructs/</span>|\n|:-------------|:-------------|\n<div style=\"height:8px\"></div>\n\n| **Language** | **Package** |\n|:-------------|-----------------|\n|![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python|`aws_solutions_constructs.aws_cloudfront_s3`|\n|![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript|`@aws-solutions-constructs/aws-cloudfront-s3`|\n|![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java|`software.amazon.awsconstructs.services.cloudfronts3`|\n\n## Overview\nThis AWS Solutions Construct implements an AWS CloudFront fronting an AWS S3 Bucket.\n\nHere is a minimal deployable pattern definition:\n\nTypescript\n``` typescript\nimport { Construct } from 'constructs';\nimport { Stack, StackProps } from 'aws-cdk-lib';\nimport { CloudFrontToS3 } from '@aws-solutions-constructs/aws-cloudfront-s3';\n\nnew CloudFrontToS3(this, 'test-cloudfront-s3', {});\n```\n\nPython\n``` python\nfrom aws_solutions_constructs.aws_cloudfront_s3 import CloudFrontToS3\nfrom aws_cdk import Stack\nfrom constructs import Construct\n\nCloudFrontToS3(self, 'test-cloudfront-s3')\n```\n\nJava\n``` java\nimport software.constructs.Construct;\n\nimport software.amazon.awscdk.Stack;\nimport software.amazon.awscdk.StackProps;\nimport software.amazon.awsconstructs.services.cloudfronts3.*;\n\nnew CloudFrontToS3(this, \"test-cloudfront-s3\", new CloudFrontToS3Props.Builder()\n .build());\n```\n\n## Pattern Construct Props\n\n| **Name** | **Type** | **Description** |\n|:-------------|:----------------|-----------------|\n|existingBucketObj?|[`s3.IBucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)|Existing instance of S3 Bucket object or interface. If this is provided, then also providing bucketProps will cause an error. |\n|bucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html)|Optional user provided props to override the default props for the S3 Bucket.|\n|cloudFrontDistributionProps?|[`cloudfront.DistributionProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.DistributionProps.html)|Optional user provided props to override the default props for CloudFront Distribution|\n|insertHttpSecurityHeaders?|`boolean`|Optional user provided props to turn on/off the automatic injection of best practice HTTP security headers in all responses from CloudFront|\n| responseHeadersPolicyProps? | [`cloudfront.ResponseHeadersPolicyProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.ResponseHeadersPolicyProps.html) | Optional user provided configuration that cloudfront applies to all http responses.|\n|originPath?|`string`|Optional user provided props to provide an[originPath](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront_origins.S3OriginProps.html#originpath) that CloudFront appends to the origin domain name when CloudFront requests content from the origin. The string should start with a `/`, for example: `/production`. Default value is `'/'`|\n|loggingBucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html)|Optional user provided props to override the default props for the S3 Logging Bucket.|\n|cloudFrontLoggingBucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html)|Optional user provided props to override the default props for the CloudFront Logging Bucket.|\n|logS3AccessLogs?| boolean|Whether to turn on Access Logging for the S3 bucket. Creates an S3 bucket with associated storage costs for the logs. Enabling Access Logging is a best practice. default - true|\n\n## Pattern Properties\n\n| **Name** | **Type** | **Description** |\n|:-------------|:----------------|-----------------|\n|cloudFrontWebDistribution|[`cloudfront.Distribution`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Distribution.html)|Returns an instance of cloudfront.Distribution created by the construct|\n|cloudFrontFunction?|[`cloudfront.Function`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Function.html)|Returns an instance of the Cloudfront function created by the pattern.|\n|cloudFrontLoggingBucket|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-s3-readme.html)|Returns an instance of the logging bucket for CloudFront Distribution.|\n|s3BucketInterface|[`s3.IBucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)|Returns an instance of s3.IBucket created by the construct|\n|s3Bucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct. IMPORTANT: If existingBucketObj was provided in Pattern Construct Props, this property will be `undefined`|\n|s3LoggingBucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct as the logging bucket for the primary bucket.|\n\n## Default settings\n\nOut of the box implementation of the Construct without any override will set the following defaults:\n\n### Amazon CloudFront\n* Configure Access logging for CloudFront Distribution\n* Enable automatic injection of best practice HTTP security headers in all responses from CloudFront Distribution\n* CloudFront originPath set to `'/'`\n\n### Amazon S3 Bucket\n* Configure Access logging for S3 Bucket\n* Enable server-side encryption for S3 Bucket using AWS managed KMS Key\n* Enforce encryption of data in transit\n* Turn on the versioning for S3 Bucket\n* Don't allow public access for S3 Bucket\n* Retain the S3 Bucket when deleting the CloudFormation stack\n* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days\n\n## Architecture\n![Architecture Diagram](architecture.png)\n\n***\n&copy; Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n"
3706
+ "markdown": "# aws-cloudfront-s3 module\n<!--BEGIN STABILITY BANNER-->\n\n---\n\n![Stability: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge)\n\n---\n<!--END STABILITY BANNER-->\n\n| **Reference Documentation**:| <span style=\"font-weight: normal\">https://docs.aws.amazon.com/solutions/latest/constructs/</span>|\n|:-------------|:-------------|\n<div style=\"height:8px\"></div>\n\n| **Language** | **Package** |\n|:-------------|-----------------|\n|![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python|`aws_solutions_constructs.aws_cloudfront_s3`|\n|![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript|`@aws-solutions-constructs/aws-cloudfront-s3`|\n|![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java|`software.amazon.awsconstructs.services.cloudfronts3`|\n\n## Overview\nThis AWS Solutions Construct provisions an Amazon CloudFront Distribution that serves objects from an AWS S3 Bucket via an Origin Access Control (OAC).\n\nHere is a minimal deployable pattern definition:\n\nTypescript\n``` typescript\nimport { Construct } from 'constructs';\nimport { Stack, StackProps } from 'aws-cdk-lib';\nimport { CloudFrontToS3 } from '@aws-solutions-constructs/aws-cloudfront-s3';\n\nnew CloudFrontToS3(this, 'test-cloudfront-s3', {});\n```\n\nPython\n``` python\nfrom aws_solutions_constructs.aws_cloudfront_s3 import CloudFrontToS3\nfrom aws_cdk import Stack\nfrom constructs import Construct\n\nCloudFrontToS3(self, 'test-cloudfront-s3')\n```\n\nJava\n``` java\nimport software.constructs.Construct;\n\nimport software.amazon.awscdk.Stack;\nimport software.amazon.awscdk.StackProps;\nimport software.amazon.awsconstructs.services.cloudfronts3.*;\n\nnew CloudFrontToS3(this, \"test-cloudfront-s3\", new CloudFrontToS3Props.Builder()\n .build());\n```\n\n## Pattern Construct Props\n\n| **Name** | **Type** | **Description** |\n|:-------------|:----------------|-----------------|\n|existingBucketObj?|[`s3.IBucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)|Existing instance of S3 Bucket object or interface. If this is provided, then also providing bucketProps will cause an error. |\n|bucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html)|Optional user provided props to override the default props for the S3 Bucket.|\n|cloudFrontDistributionProps?|[`cloudfront.DistributionProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.DistributionProps.html)|Optional user provided props to override the default props for CloudFront Distribution|\n|insertHttpSecurityHeaders?|`boolean`|Optional user provided props to turn on/off the automatic injection of best practice HTTP security headers in all responses from CloudFront|\n| responseHeadersPolicyProps? | [`cloudfront.ResponseHeadersPolicyProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.ResponseHeadersPolicyProps.html) | Optional user provided configuration that cloudfront applies to all http responses.|\n|originPath?|`string`|Optional user provided props to provide an[originPath](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront_origins.S3OriginProps.html#originpath) that CloudFront appends to the origin domain name when CloudFront requests content from the origin. The string should start with a `/`, for example: `/production`. Default value is `'/'`|\n|loggingBucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html)|Optional user provided props to override the default props for the S3 Logging Bucket.|\n|cloudFrontLoggingBucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html)|Optional user provided props to override the default props for the CloudFront Logging Bucket.|\n|logS3AccessLogs?| boolean|Whether to turn on Access Logging for the S3 bucket. Creates an S3 bucket with associated storage costs for the logs. Enabling Access Logging is a best practice. default - true|\n\n## Pattern Properties\n\n| **Name** | **Type** | **Description** |\n|:-------------|:----------------|-----------------|\n|cloudFrontWebDistribution|[`cloudfront.Distribution`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Distribution.html)|Returns an instance of cloudfront.Distribution created by the construct.|\n|cloudFrontFunction?|[`cloudfront.Function`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Function.html)|Returns an instance of the Cloudfront function created by the construct.|\n|cloudFrontLoggingBucket|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-s3-readme.html)|Returns an instance of the logging bucket for the CloudFront Distribution.|\n|s3BucketInterface|[`s3.IBucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)|Returns an instance of s3.IBucket created by the construct.|\n|s3Bucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct. IMPORTANT: If `existingBucketObj` was provided in Pattern Construct Props, this property will be `undefined`|\n|s3LoggingBucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct as the logging bucket for the primary bucket.|\n|originAccessControl?|[`cloudfront.CfnOriginAccessControl`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.cloudfront.CfnOriginAccessControl.html)|Returns an instance of cloudfront.CfnOriginAccessControl created by the construct.|\n\n## Default settings\n\nOut of the box implementation of the Construct without any override will set the following defaults:\n\n### Amazon CloudFront\n* Configure Access logging for CloudFront Distribution\n* Enable automatic injection of best practice HTTP security headers in all responses from CloudFront Distribution\n* CloudFront originPath set to `'/'`\n\n### Amazon S3 Bucket\n* Configure Access logging for S3 Bucket\n* Enable server-side encryption for S3 Bucket using AWS managed KMS Key\n* Enforce encryption of data in transit\n* Turn on the versioning for S3 Bucket\n* Don't allow public access for S3 Bucket\n* Retain the S3 Bucket when deleting the CloudFormation stack\n* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days\n\n## Architecture\n![Architecture Diagram](architecture.png)\n\n***\n&copy; Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n"
3602
3707
  },
3603
3708
  "repository": {
3604
3709
  "directory": "source/patterns/@aws-solutions-constructs/aws-cloudfront-s3",
@@ -3643,7 +3748,7 @@
3643
3748
  },
3644
3749
  "locationInModule": {
3645
3750
  "filename": "lib/index.ts",
3646
- "line": 107
3751
+ "line": 112
3647
3752
  },
3648
3753
  "parameters": [
3649
3754
  {
@@ -3678,7 +3783,7 @@
3678
3783
  "kind": "class",
3679
3784
  "locationInModule": {
3680
3785
  "filename": "lib/index.ts",
3681
- "line": 91
3786
+ "line": 95
3682
3787
  },
3683
3788
  "name": "CloudFrontToS3",
3684
3789
  "properties": [
@@ -3686,7 +3791,7 @@
3686
3791
  "immutable": true,
3687
3792
  "locationInModule": {
3688
3793
  "filename": "lib/index.ts",
3689
- "line": 92
3794
+ "line": 96
3690
3795
  },
3691
3796
  "name": "cloudFrontWebDistribution",
3692
3797
  "type": {
@@ -3697,7 +3802,7 @@
3697
3802
  "immutable": true,
3698
3803
  "locationInModule": {
3699
3804
  "filename": "lib/index.ts",
3700
- "line": 95
3805
+ "line": 99
3701
3806
  },
3702
3807
  "name": "s3BucketInterface",
3703
3808
  "type": {
@@ -3708,7 +3813,7 @@
3708
3813
  "immutable": true,
3709
3814
  "locationInModule": {
3710
3815
  "filename": "lib/index.ts",
3711
- "line": 93
3816
+ "line": 97
3712
3817
  },
3713
3818
  "name": "cloudFrontFunction",
3714
3819
  "optional": true,
@@ -3720,7 +3825,7 @@
3720
3825
  "immutable": true,
3721
3826
  "locationInModule": {
3722
3827
  "filename": "lib/index.ts",
3723
- "line": 94
3828
+ "line": 98
3724
3829
  },
3725
3830
  "name": "cloudFrontLoggingBucket",
3726
3831
  "optional": true,
@@ -3732,7 +3837,19 @@
3732
3837
  "immutable": true,
3733
3838
  "locationInModule": {
3734
3839
  "filename": "lib/index.ts",
3735
- "line": 96
3840
+ "line": 102
3841
+ },
3842
+ "name": "originAccessControl",
3843
+ "optional": true,
3844
+ "type": {
3845
+ "fqn": "aws-cdk-lib.aws_cloudfront.CfnOriginAccessControl"
3846
+ }
3847
+ },
3848
+ {
3849
+ "immutable": true,
3850
+ "locationInModule": {
3851
+ "filename": "lib/index.ts",
3852
+ "line": 100
3736
3853
  },
3737
3854
  "name": "s3Bucket",
3738
3855
  "optional": true,
@@ -3744,7 +3861,7 @@
3744
3861
  "immutable": true,
3745
3862
  "locationInModule": {
3746
3863
  "filename": "lib/index.ts",
3747
- "line": 97
3864
+ "line": 101
3748
3865
  },
3749
3866
  "name": "s3LoggingBucket",
3750
3867
  "optional": true,
@@ -3767,7 +3884,7 @@
3767
3884
  "kind": "interface",
3768
3885
  "locationInModule": {
3769
3886
  "filename": "lib/index.ts",
3770
- "line": 23
3887
+ "line": 27
3771
3888
  },
3772
3889
  "name": "CloudFrontToS3Props",
3773
3890
  "properties": [
@@ -3780,7 +3897,7 @@
3780
3897
  "immutable": true,
3781
3898
  "locationInModule": {
3782
3899
  "filename": "lib/index.ts",
3783
- "line": 35
3900
+ "line": 39
3784
3901
  },
3785
3902
  "name": "bucketProps",
3786
3903
  "optional": true,
@@ -3797,7 +3914,7 @@
3797
3914
  "immutable": true,
3798
3915
  "locationInModule": {
3799
3916
  "filename": "lib/index.ts",
3800
- "line": 41
3917
+ "line": 45
3801
3918
  },
3802
3919
  "name": "cloudFrontDistributionProps",
3803
3920
  "optional": true,
@@ -3814,7 +3931,7 @@
3814
3931
  "immutable": true,
3815
3932
  "locationInModule": {
3816
3933
  "filename": "lib/index.ts",
3817
- "line": 81
3934
+ "line": 85
3818
3935
  },
3819
3936
  "name": "cloudFrontLoggingBucketProps",
3820
3937
  "optional": true,
@@ -3831,7 +3948,7 @@
3831
3948
  "immutable": true,
3832
3949
  "locationInModule": {
3833
3950
  "filename": "lib/index.ts",
3834
- "line": 29
3951
+ "line": 33
3835
3952
  },
3836
3953
  "name": "existingBucketObj",
3837
3954
  "optional": true,
@@ -3849,7 +3966,7 @@
3849
3966
  "immutable": true,
3850
3967
  "locationInModule": {
3851
3968
  "filename": "lib/index.ts",
3852
- "line": 50
3969
+ "line": 54
3853
3970
  },
3854
3971
  "name": "insertHttpSecurityHeaders",
3855
3972
  "optional": true,
@@ -3866,7 +3983,7 @@
3866
3983
  "immutable": true,
3867
3984
  "locationInModule": {
3868
3985
  "filename": "lib/index.ts",
3869
- "line": 75
3986
+ "line": 79
3870
3987
  },
3871
3988
  "name": "loggingBucketProps",
3872
3989
  "optional": true,
@@ -3884,7 +4001,7 @@
3884
4001
  "immutable": true,
3885
4002
  "locationInModule": {
3886
4003
  "filename": "lib/index.ts",
3887
- "line": 88
4004
+ "line": 92
3888
4005
  },
3889
4006
  "name": "logS3AccessLogs",
3890
4007
  "optional": true,
@@ -3902,7 +4019,7 @@
3902
4019
  "immutable": true,
3903
4020
  "locationInModule": {
3904
4021
  "filename": "lib/index.ts",
3905
- "line": 69
4022
+ "line": 73
3906
4023
  },
3907
4024
  "name": "originPath",
3908
4025
  "optional": true,
@@ -3920,7 +4037,7 @@
3920
4037
  "immutable": true,
3921
4038
  "locationInModule": {
3922
4039
  "filename": "lib/index.ts",
3923
- "line": 62
4040
+ "line": 66
3924
4041
  },
3925
4042
  "name": "responseHeadersPolicyProps",
3926
4043
  "optional": true,
@@ -3932,6 +4049,6 @@
3932
4049
  "symbolId": "lib/index:CloudFrontToS3Props"
3933
4050
  }
3934
4051
  },
3935
- "version": "2.47.0",
3936
- "fingerprint": "XHg1tFbsC4Yd2S7/GlIXjgPUt3kY31No2/Sv1aV2tZc="
4052
+ "version": "2.49.0",
4053
+ "fingerprint": "+blfzG0XZeo50alROzC04PGon9aPh6CcugZ/xPZh/0o="
3937
4054
  }
package/README.md CHANGED
@@ -19,7 +19,7 @@
19
19
  |![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java|`software.amazon.awsconstructs.services.cloudfronts3`|
20
20
 
21
21
  ## Overview
22
- This AWS Solutions Construct implements an AWS CloudFront fronting an AWS S3 Bucket.
22
+ This AWS Solutions Construct provisions an Amazon CloudFront Distribution that serves objects from an AWS S3 Bucket via an Origin Access Control (OAC).
23
23
 
24
24
  Here is a minimal deployable pattern definition:
25
25
 
@@ -71,12 +71,13 @@ new CloudFrontToS3(this, "test-cloudfront-s3", new CloudFrontToS3Props.Builder()
71
71
 
72
72
  | **Name** | **Type** | **Description** |
73
73
  |:-------------|:----------------|-----------------|
74
- |cloudFrontWebDistribution|[`cloudfront.Distribution`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Distribution.html)|Returns an instance of cloudfront.Distribution created by the construct|
75
- |cloudFrontFunction?|[`cloudfront.Function`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Function.html)|Returns an instance of the Cloudfront function created by the pattern.|
76
- |cloudFrontLoggingBucket|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-s3-readme.html)|Returns an instance of the logging bucket for CloudFront Distribution.|
77
- |s3BucketInterface|[`s3.IBucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)|Returns an instance of s3.IBucket created by the construct|
78
- |s3Bucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct. IMPORTANT: If existingBucketObj was provided in Pattern Construct Props, this property will be `undefined`|
74
+ |cloudFrontWebDistribution|[`cloudfront.Distribution`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Distribution.html)|Returns an instance of cloudfront.Distribution created by the construct.|
75
+ |cloudFrontFunction?|[`cloudfront.Function`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_cloudfront.Function.html)|Returns an instance of the Cloudfront function created by the construct.|
76
+ |cloudFrontLoggingBucket|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-s3-readme.html)|Returns an instance of the logging bucket for the CloudFront Distribution.|
77
+ |s3BucketInterface|[`s3.IBucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html)|Returns an instance of s3.IBucket created by the construct.|
78
+ |s3Bucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct. IMPORTANT: If `existingBucketObj` was provided in Pattern Construct Props, this property will be `undefined`|
79
79
  |s3LoggingBucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct as the logging bucket for the primary bucket.|
80
+ |originAccessControl?|[`cloudfront.CfnOriginAccessControl`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.cloudfront.CfnOriginAccessControl.html)|Returns an instance of cloudfront.CfnOriginAccessControl created by the construct.|
80
81
 
81
82
  ## Default settings
82
83
 
package/lib/index.d.ts CHANGED
@@ -90,6 +90,7 @@ export declare class CloudFrontToS3 extends Construct {
90
90
  readonly s3BucketInterface: s3.IBucket;
91
91
  readonly s3Bucket?: s3.Bucket;
92
92
  readonly s3LoggingBucket?: s3.Bucket;
93
+ readonly originAccessControl?: cloudfront.CfnOriginAccessControl;
93
94
  /**
94
95
  * @summary Constructs a new instance of the CloudFrontToS3 class.
95
96
  * @param {Construct} scope - represents the scope for all the resources.