@bitblit/ratchet-epsilon-deployment 5.0.110 → 5.0.112
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/lib/deployment/cdk/bucket-and-behavior-options.d.ts +6 -0
- package/lib/deployment/cdk/bucket-and-behavior-options.js +2 -0
- package/lib/deployment/cdk/bucket-and-behavior-options.js.map +1 -0
- package/lib/deployment/cdk/epsilon-api-stack-props.d.ts +3 -0
- package/lib/deployment/cdk/epsilon-api-stack.d.ts +2 -0
- package/lib/deployment/cdk/epsilon-api-stack.js +12 -5
- package/lib/deployment/cdk/epsilon-api-stack.js.map +1 -1
- package/lib/deployment/cdk/epsilon-lambda-to-cloudfront-path-mapping.d.ts +5 -1
- package/lib/deployment/cdk/epsilon-route-53-handling.d.ts +5 -0
- package/lib/deployment/cdk/epsilon-route-53-handling.js +5 -0
- package/lib/deployment/cdk/epsilon-route-53-handling.js.map +1 -0
- package/lib/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack-props.d.ts +17 -0
- package/lib/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack-props.js +2 -0
- package/lib/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack-props.js.map +1 -0
- package/lib/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack.d.ts +6 -0
- package/lib/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack.js +50 -0
- package/lib/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack.js.map +1 -0
- package/lib/deployment/cdk/epsilon-stack-util.d.ts +4 -0
- package/lib/deployment/cdk/epsilon-stack-util.js +39 -0
- package/lib/deployment/cdk/epsilon-stack-util.js.map +1 -1
- package/lib/deployment/cdk/epsilon-website-stack-props.d.ts +2 -6
- package/lib/deployment/cdk/epsilon-website-stack-props.js +1 -4
- package/lib/deployment/cdk/epsilon-website-stack-props.js.map +1 -1
- package/lib/deployment/cdk/epsilon-website-stack.d.ts +3 -4
- package/lib/deployment/cdk/epsilon-website-stack.js +66 -141
- package/lib/deployment/cdk/epsilon-website-stack.js.map +1 -1
- package/lib/deployment/index.d.ts +1 -1
- package/lib/deployment/index.js +1 -1
- package/lib/deployment/index.js.map +1 -1
- package/package.json +7 -7
- package/lib/deployment/cdk/bucket-and-source-configuration.d.ts +0 -6
- package/lib/deployment/cdk/bucket-and-source-configuration.js +0 -2
- package/lib/deployment/cdk/bucket-and-source-configuration.js.map +0 -1
package/README.md
CHANGED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bucket-and-behavior-options.js","sourceRoot":"","sources":["../../../src/deployment/cdk/bucket-and-behavior-options.ts"],"names":[],"mappings":""}
|
|
@@ -2,6 +2,7 @@ import { StackProps } from 'aws-cdk-lib';
|
|
|
2
2
|
import { PolicyStatement } from 'aws-cdk-lib/aws-iam';
|
|
3
3
|
import { EpsilonApiStackFeature } from './epsilon-api-stack-feature.js';
|
|
4
4
|
import { SubnetAttributes } from "aws-cdk-lib/aws-ec2";
|
|
5
|
+
import { EpsilonSimpleLambdaCloudfrontDistributionStackProps } from "./epsilon-simple-lambda-cloudfront-distribution-stack-props";
|
|
5
6
|
export interface EpsilonApiStackProps extends StackProps {
|
|
6
7
|
batchInstancesEc2KeyPairName?: string;
|
|
7
8
|
additionalPolicyStatements: PolicyStatement[];
|
|
@@ -17,4 +18,6 @@ export interface EpsilonApiStackProps extends StackProps {
|
|
|
17
18
|
backgroundMemorySizeMb?: number;
|
|
18
19
|
webTimeoutSeconds?: number;
|
|
19
20
|
backgroundTimeoutSeconds?: number;
|
|
21
|
+
replaceBatchComputeEnvironment?: boolean;
|
|
22
|
+
autoCloudfrontDistribution?: EpsilonSimpleLambdaCloudfrontDistributionStackProps;
|
|
20
23
|
}
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
import { Stack } from 'aws-cdk-lib';
|
|
2
2
|
import { Construct } from 'constructs';
|
|
3
|
+
import { FunctionUrl } from 'aws-cdk-lib/aws-lambda';
|
|
3
4
|
import { EpsilonApiStackProps } from './epsilon-api-stack-props.js';
|
|
4
5
|
export declare class EpsilonApiStack extends Stack {
|
|
5
6
|
private webHandler;
|
|
6
7
|
private backgroundHandler;
|
|
8
|
+
webFunctionUrl: FunctionUrl;
|
|
7
9
|
apiDomain: string;
|
|
8
10
|
constructor(scope: Construct, id: string, props?: EpsilonApiStackProps);
|
|
9
11
|
}
|
|
@@ -14,9 +14,11 @@ import { EcsFargateContainerDefinition, EcsJobDefinition, FargateComputeEnvironm
|
|
|
14
14
|
import { SecurityGroup, Subnet, Vpc } from "aws-cdk-lib/aws-ec2";
|
|
15
15
|
import { ContainerImage } from 'aws-cdk-lib/aws-ecs';
|
|
16
16
|
import { EpsilonApiStackFeature } from './epsilon-api-stack-feature.js';
|
|
17
|
+
import { EpsilonSimpleLambdaCloudfrontDistributionStack } from "./epsilon-simple-lambda-cloudfront-distribution-stack";
|
|
17
18
|
export class EpsilonApiStack extends Stack {
|
|
18
19
|
webHandler;
|
|
19
20
|
backgroundHandler;
|
|
21
|
+
webFunctionUrl;
|
|
20
22
|
apiDomain;
|
|
21
23
|
constructor(scope, id, props) {
|
|
22
24
|
super(scope, id, props);
|
|
@@ -74,14 +76,14 @@ export class EpsilonApiStack extends Stack {
|
|
|
74
76
|
computeEnvironmentName: id + 'ComputeEnv',
|
|
75
77
|
enabled: true,
|
|
76
78
|
maxvCpus: 16,
|
|
77
|
-
replaceComputeEnvironment: false,
|
|
79
|
+
replaceComputeEnvironment: props.replaceBatchComputeEnvironment ?? false,
|
|
78
80
|
securityGroups: props.lambdaSecurityGroupIds.map((sgId, index) => SecurityGroup.fromSecurityGroupId(this, `SecurityGroup${index}`, `sg-${sgId}`)),
|
|
79
|
-
serviceRole: Role.fromRoleArn(this, `${id}ServiceRole`, 'arn:aws:iam::' + props.env.account + ':role/
|
|
81
|
+
serviceRole: Role.fromRoleArn(this, `${id}ServiceRole`, 'arn:aws:iam::' + props.env.account + ':role/aws-service-role/batch.amazonaws.com/AWSServiceRoleForBatch'),
|
|
80
82
|
spot: false,
|
|
81
83
|
terminateOnUpdate: false,
|
|
82
84
|
updateTimeout: Duration.hours(4),
|
|
83
85
|
updateToLatestImageVersion: true,
|
|
84
|
-
vpcSubnets: subnetSelection
|
|
86
|
+
vpcSubnets: subnetSelection,
|
|
85
87
|
};
|
|
86
88
|
const compEnv = new FargateComputeEnvironment(this, id + 'ComputeEnv', compEnvProps);
|
|
87
89
|
const batchJobQueueProps = {
|
|
@@ -150,7 +152,7 @@ export class EpsilonApiStack extends Stack {
|
|
|
150
152
|
});
|
|
151
153
|
rule.addTarget(new LambdaFunction(this.webHandler));
|
|
152
154
|
}
|
|
153
|
-
|
|
155
|
+
this.webFunctionUrl = this.webHandler.addFunctionUrl({
|
|
154
156
|
authType: FunctionUrlAuthType.NONE,
|
|
155
157
|
cors: {
|
|
156
158
|
allowedOrigins: ['*'],
|
|
@@ -161,10 +163,15 @@ export class EpsilonApiStack extends Stack {
|
|
|
161
163
|
});
|
|
162
164
|
this.apiDomain = Lazy.uncachedString({
|
|
163
165
|
produce: (context) => {
|
|
164
|
-
const resolved = context.resolve(
|
|
166
|
+
const resolved = context.resolve(this.webFunctionUrl.url);
|
|
165
167
|
return { 'Fn::Select': [2, { 'Fn::Split': ['/', resolved] }] };
|
|
166
168
|
},
|
|
167
169
|
});
|
|
170
|
+
if (props.autoCloudfrontDistribution) {
|
|
171
|
+
const distroPropsCopy = Object.assign({}, props.autoCloudfrontDistribution);
|
|
172
|
+
distroPropsCopy.lambdaFunctionDomain = this.webFunctionUrl;
|
|
173
|
+
new EpsilonSimpleLambdaCloudfrontDistributionStack(this, id + 'ApiCloudfrontDistro', distroPropsCopy);
|
|
174
|
+
}
|
|
168
175
|
}
|
|
169
176
|
if (!disabledFeatures.includes(EpsilonApiStackFeature.BackgroundLambda)) {
|
|
170
177
|
this.backgroundHandler = new DockerImageFunction(this, id + 'Background', {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"epsilon-api-stack.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-api-stack.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAE1D,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAe,mBAAmB,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAC5H,OAAO,EAAE,aAAa,EAAE,cAAc,
|
|
1
|
+
{"version":3,"file":"epsilon-api-stack.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-api-stack.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAE1D,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAe,mBAAmB,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAC5H,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAC5F,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAC5C,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAC5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC;AAEvE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,6CAA6C,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,OAAO,EAAE,4BAA4B,EAAE,MAAM,gDAAgD,CAAC;AAC9F,OAAO,EACL,6BAA6B,EAE7B,gBAAgB,EAEhB,yBAAyB,EAEzB,QAAQ,GAET,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,EAAmB,GAAG,EAAE,MAAM,qBAAqB,CAAC;AAElF,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AAIxE,OAAO,EAAE,8CAA8C,EAAE,MAAM,uDAAuD,CAAC;AAEvH,MAAM,OAAO,eAAgB,SAAQ,KAAK;IAChC,UAAU,CAAsB;IAChC,iBAAiB,CAAsB;IAExC,cAAc,CAAc;IAC5B,SAAS,CAAS;IAEzB,YAAY,KAAgB,EAAE,EAAU,EAAE,KAA4B;QACpE,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAExB,MAAM,gBAAgB,GAA6B,KAAK,EAAE,gBAAgB,IAAI,EAAE,CAAC;QAGjF,MAAM,gBAAgB,GAAqB,IAAI,gBAAgB,CAAC,IAAI,EAAE,EAAE,GAAG,aAAa,EAAE;YACxF,SAAS,EAAE,KAAK,CAAC,gBAAgB;YACjC,IAAI,EAAE,KAAK,CAAC,cAAc;SAC3B,CAAC,CAAC;QACH,MAAM,eAAe,GAAoB,eAAe,CAAC,cAAc,CAAC,KAAK,CAAC,gBAAgB,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,cAAc,EAAE,CAAC,CAAC;QAEhI,MAAM,iBAAiB,GAAU,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,GAAG,uBAAuB,CAAC,CAAC;QAC/E,MAAM,SAAS,GAAU,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,GAAG,WAAW,EAAE;YACzD,IAAI,EAAE,IAAI;YACV,eAAe,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;YAClC,iBAAiB,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YACtC,yBAAyB,EAAE,IAAI;YAC/B,GAAG,KAAK;SACT,CAAC,CAAC;QAEH,MAAM,yBAAyB,GAAU,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,GAAG,eAAe,CAAC,CAAC;QAE/E,MAAM,UAAU,GAA2B;YACzC,kBAAkB,EAAE,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YACnE,8BAA8B,EAAE,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,iBAAiB,CAAC,CAAC;YAC1G,gCAAgC,EAAE,aAAa,CAAC,UAAU,CAAC,SAAS,CAAC,QAAQ,CAAC;YAC9E,gCAAgC,EAAE,aAAa,CAAC,UAAU,CAAC,iBAAiB,CAAC,QAAQ,CAAC;YACtF,iCAAiC,EAAE,aAAa,CAAC,UAAU,CAAC,yBAAyB,CAAC,QAAQ,CAAC;YAC/F,sBAAsB,EAAE,aAAa,CAAC,UAAU,CAAC,4BAA4B,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC;YACtG,sBAAsB,EAAE,aAAa,CAAC,UAAU,CAAC,4BAA4B,CAAC,gBAAgB,EAAE,CAAC,YAAY,CAAC;YAC9G,+BAA+B,EAAE,aAAa,CAAC,UAAU,CACvD,4BAA4B,CAAC,gBAAgB,EAAE,CAAC,MAAM,IAAI,4BAA4B,CAAC,gBAAgB,EAAE,CAAC,GAAG,CAC9G;YACD,yBAAyB,EAAE,aAAa,CAAC,UAAU,CAAC,4BAA4B,CAAC,gBAAgB,EAAE,CAAC,OAAO,CAAC;SAC7G,CAAC;QACF,MAAM,GAAG,GAA2B,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,sBAAsB,IAAI,EAAE,EAAE,UAAU,CAAC,CAAC;QAEtG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,sBAAsB,CAAC,eAAe,CAAC,EAAE,CAAC;YAGvE,MAAM,aAAa,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE,GAAG,oBAAoB,EAAE;gBAC9D,SAAS,EAAE,IAAI,gBAAgB,CAAC,yBAAyB,CAAC;gBAC1D,eAAe,EAAE,CAAC,aAAa,CAAC,wBAAwB,CAAC,8CAA8C,CAAC,CAAC;gBACzG,cAAc,EAAE;oBACd,IAAI,EAAE,IAAI,cAAc,CAAC;wBACvB,UAAU,EAAE,gBAAgB,CAAC,qBAAqB;qBACnD,CAAC;iBACH;aACF,CAAC,CAAC;YAGH,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE,GAAG,cAAc,EAAE;gBAClD,SAAS,EAAE,IAAI,gBAAgB,CAAC,yBAAyB,CAAC;gBAC1D,eAAe,EAAE,CAAC,aAAa,CAAC,wBAAwB,CAAC,8CAA8C,CAAC,CAAC;gBACzG,cAAc,EAAE;oBACd,IAAI,EAAE,IAAI,cAAc,CAAC;wBACvB,UAAU,EAAE,gBAAgB,CAAC,gCAAgC,CAAC,KAAK,EAAE,SAAS,EAAE,iBAAiB,EAAE,yBAAyB,CAAC;qBAC9H,CAAC;iBACH;aACF,CAAC,CAAC;YAEH,MAAM,eAAe,GAAoB;gBACvC,OAAO,EAAE,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,IAAI,EAAC,YAAY,KAAK,EAAE,EAAC,UAAU,CAAI,CAAC;aACnI,CAAC;YAIF,MAAM,YAAY,GAAmC;gBACnD,GAAG,EAAE,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC;gBACxD,sBAAsB,EAAE,EAAE,GAAG,YAAY;gBACzC,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,EAAE;gBACZ,yBAAyB,EAAE,KAAK,CAAC,8BAA8B,IAAI,KAAK;gBACxE,cAAc,EAAE,KAAK,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAC/D,aAAa,CAAC,mBAAmB,CAAC,IAAI,EAAE,gBAAgB,KAAK,EAAE,EAAE,MAAM,IAAI,EAAE,CAAC,CAC/E;gBACD,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,GAAG,EAAE,aAAa,EAAE,eAAe,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,GAAG,mEAAmE,CAAC;gBAElK,IAAI,EAAE,KAAK;gBACX,iBAAiB,EAAE,KAAK;gBACxB,aAAa,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;gBAChC,0BAA0B,EAAE,IAAI;gBAChC,UAAU,EAAE,eAAe;aAE5B,CAAC;YAEF,MAAM,OAAO,GAA8B,IAAI,yBAAyB,CAAC,IAAI,EAAE,EAAE,GAAG,YAAY,EAAE,YAAY,CAAC,CAAC;YAEhH,MAAM,kBAAkB,GAAkB;gBACxC,mBAAmB,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,kBAAkB,EAAE,OAAO,EAAE,CAAC;gBAChE,OAAO,EAAE,IAAI;gBACb,YAAY,EAAE,EAAE,GAAG,eAAe;gBAClC,QAAQ,EAAE,EAAE;gBACZ,gBAAgB,EAAE,SAAS;aAC5B,CAAC;YAEF,MAAM,aAAa,GAAG,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,GAAG,eAAe,EAAE,kBAAkB,CAAC,CAAC;YAEnF,MAAM,YAAY,GAAwB,gBAAgB,CAAC,sBAAsB,CAAC;gBAChF,GAAG;gBACH,KAAK,CAAC,sBAAsB,IAAI,EAAE;gBAClC;oBACE,4BAA4B,EAAE,IAAI;iBACnC;aACF,CAAC,CAAC;YAEH,MAAM,YAAY,GAAuC;gBACvD,GAAG,EAAE,CAAC;gBACN,KAAK,EAAE,cAAc,CAAC,YAAY,CAAC,gBAAgB,CAAC,QAAQ,CAAC;gBAC7D,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;gBAC5B,cAAc,EAAE,IAAI;gBACpB,OAAO,EAAE,CAAC,eAAe,EAAE,qBAAqB,EAAE,cAAc,EAAE,iBAAiB,EAAE,yBAAyB,CAAC;gBAC/G,WAAW,EAAE,YAAY;gBACzB,aAAa,EAAE,aAAa;gBAE5B,OAAO,EAAE,OAAO;gBAEhB,sBAAsB,EAAE,KAAK;gBAG7B,OAAO,EAAE,EAAE;aACZ,CAAC;YAEF,MAAM,6BAA6B,GAAG,IAAI,6BAA6B,CAAC,IAAI,EAAE,GAAG,EAAE,4BAA4B,EAAE,YAAY,CAAC,CAAC;YAE/H,MAAM,QAAQ,GAA0B;gBACtC,iBAAiB,EAAE,EAAE,GAAG,eAAe;gBACvC,aAAa,EAAE,CAAC;gBAChB,eAAe,EAAE,SAAS;gBAC1B,kBAAkB,EAAE,SAAS;gBAC7B,OAAO,EAAE,SAAS;gBAClB,SAAS,EAAE,6BAA6B;aACzC,CAAC;YAEF,MAAM,MAAM,GAAqB,IAAI,gBAAgB,CAAC,IAAI,EAAE,EAAE,GAAG,eAAe,EAAE,QAAQ,CAAC,CAAC;YAG5F,GAAG,CAAC,sCAAsC,CAAC,GAAG,MAAM,CAAC,gBAAgB,CAAC;YACtE,GAAG,CAAC,iCAAiC,CAAC,GAAG,aAAa,CAAC,WAAW,CAAC;QACrE,CAAC;QAGD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE;YAC9C,QAAQ,EAAE,EAAE,GAAG,kBAAkB;YACjC,SAAS,EAAE,IAAI,gBAAgB,CAAC,sBAAsB,CAAC;YACvD,eAAe,EAAE,CAAC,aAAa,CAAC,wBAAwB,CAAC,8CAA8C,CAAC,CAAC;YACzG,cAAc,EAAE;gBACd,IAAI,EAAE,IAAI,cAAc,CAAC;oBACvB,UAAU,EAAE,gBAAgB,CAAC,gCAAgC,CAAC,KAAK,EAAE,SAAS,EAAE,iBAAiB,EAAE,yBAAyB,CAAC;iBAC9H,CAAC;aACH;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,sBAAsB,CAAC,SAAS,CAAC,EAAE,CAAC;YACjE,IAAI,CAAC,UAAU,GAAG,IAAI,mBAAmB,CAAC,IAAI,EAAE,EAAE,GAAG,KAAK,EAAE;gBAE1D,aAAa,EAAE,CAAC;gBAEhB,UAAU,EAAE,KAAK,CAAC,eAAe,IAAI,GAAG;gBACxC,oBAAoB,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC;gBACzC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB,IAAI,EAAE,CAAC;gBACxD,IAAI,EAAE,eAAe;gBACrB,IAAI,EAAE,UAAU;gBAChB,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,IAAI,KAAK,EAAE,oBAAoB,IAAI,KAAK,CAAC,oBAAoB,GAAG,CAAC,EAAE,CAAC;gBAElE,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE,GAAG,kBAAkB,EAAE;oBACnD,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC,CAAC;iBACjF,CAAC,CAAC;gBACH,IAAI,CAAC,SAAS,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YACtD,CAAC;YAED,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC;gBACnD,QAAQ,EAAE,mBAAmB,CAAC,IAAI;gBAClC,IAAI,EAAE;oBACJ,cAAc,EAAE,CAAC,GAAG,CAAC;oBACrB,cAAc,EAAE,CAAC,cAAc,EAAE,YAAY,EAAE,eAAe,EAAE,WAAW,CAAC;oBAC5E,cAAc,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;oBAChC,gBAAgB,EAAE,IAAI;iBACvB;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC;gBACnC,OAAO,EAAE,CAAC,OAAO,EAAE,EAAE;oBACnB,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;oBAC1D,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,WAAW,EAAE,CAAC,GAAG,EAAE,QAAQ,CAAC,EAAE,CAAC,EAAS,CAAC;gBACxE,CAAC;aACF,CAAC,CAAC;YAEH,IAAI,KAAK,CAAC,0BAA0B,EAAE,CAAC;gBACrC,MAAM,eAAe,GAAwD,MAAM,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,0BAA0B,CAAC,CAAC;gBACjI,eAAe,CAAC,oBAAoB,GAAG,IAAI,CAAC,cAAc,CAAC;gBAC3D,IAAI,8CAA8C,CAAC,IAAI,EAAE,EAAE,GAAC,qBAAqB,EAAE,eAAe,CAAC,CAAC;YACtG,CAAC;QACH,CAAC;QAED,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,sBAAsB,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACxE,IAAI,CAAC,iBAAiB,GAAG,IAAI,mBAAmB,CAAC,IAAI,EAAE,EAAE,GAAG,YAAY,EAAE;gBAExE,aAAa,EAAE,CAAC;gBAEhB,UAAU,EAAE,KAAK,CAAC,sBAAsB,IAAI,IAAI;gBAChD,oBAAoB,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC;gBACzC,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,wBAAwB,IAAI,GAAG,CAAC;gBAChE,IAAI,EAAE,eAAe;gBACrB,IAAI,EAAE,UAAU;gBAChB,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,iBAAiB,CAAC,eAAe,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;YAClF,yBAAyB,CAAC,eAAe,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;YAG1F,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE,GAAG,UAAU,EAAE;gBAC3C,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;aAC7C,CAAC,CAAC;YACH,IAAI,CAAC,SAAS,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;QAC7D,CAAC;IAEH,CAAC;CACF"}
|
|
@@ -1,4 +1,8 @@
|
|
|
1
|
+
import { FunctionUrl } from "aws-cdk-lib/aws-lambda";
|
|
2
|
+
import { Construct } from "constructs";
|
|
3
|
+
import { IResponseHeadersPolicy } from "aws-cdk-lib/aws-cloudfront";
|
|
1
4
|
export interface EpsilonLambdaToCloudfrontPathMapping {
|
|
2
|
-
|
|
5
|
+
lambdaFunctionUrl: FunctionUrl;
|
|
3
6
|
pathPattern: string;
|
|
7
|
+
responseHeadersPolicyCreator?: (scope: Construct, id: string) => IResponseHeadersPolicy;
|
|
4
8
|
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"epsilon-route-53-handling.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-route-53-handling.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,MAAM,EAAE,QAAQ;IAChB,WAAW,EAAE,aAAa;CAC3B,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import { StackProps } from "aws-cdk-lib";
|
|
2
|
+
import { AllowedMethods, ICachePolicy, IResponseHeadersPolicy, PriceClass, SSLMethod, ViewerProtocolPolicy } from "aws-cdk-lib/aws-cloudfront";
|
|
3
|
+
import { FunctionUrl } from "aws-cdk-lib/aws-lambda";
|
|
4
|
+
import { EpsilonRoute53Handling } from "./epsilon-route-53-handling";
|
|
5
|
+
import { Construct } from "constructs";
|
|
6
|
+
export interface EpsilonSimpleLambdaCloudfrontDistributionStackProps extends StackProps {
|
|
7
|
+
lambdaFunctionDomain: FunctionUrl;
|
|
8
|
+
httpsCertArn: string;
|
|
9
|
+
domainNames: string[];
|
|
10
|
+
protocolPolicy?: ViewerProtocolPolicy;
|
|
11
|
+
cachePolicy?: ICachePolicy;
|
|
12
|
+
priceClass?: PriceClass;
|
|
13
|
+
sslMethod?: SSLMethod;
|
|
14
|
+
route53Handling?: EpsilonRoute53Handling;
|
|
15
|
+
allowedMethods?: AllowedMethods;
|
|
16
|
+
responseHeadersPolicyCreator?: (scope: Construct, id: string) => IResponseHeadersPolicy;
|
|
17
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"epsilon-simple-lambda-cloudfront-distribution-stack-props.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack-props.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { Stack } from "aws-cdk-lib";
|
|
2
|
+
import { Construct } from "constructs";
|
|
3
|
+
import { EpsilonSimpleLambdaCloudfrontDistributionStackProps } from "./epsilon-simple-lambda-cloudfront-distribution-stack-props";
|
|
4
|
+
export declare class EpsilonSimpleLambdaCloudfrontDistributionStack extends Stack {
|
|
5
|
+
constructor(scope: Construct, id: string, props?: EpsilonSimpleLambdaCloudfrontDistributionStackProps);
|
|
6
|
+
}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
import { Stack } from "aws-cdk-lib";
|
|
2
|
+
import { AllowedMethods, CachePolicy, Distribution, OriginRequestPolicy, PriceClass, ResponseHeadersPolicy, SSLMethod, ViewerProtocolPolicy } from "aws-cdk-lib/aws-cloudfront";
|
|
3
|
+
import { FunctionUrlOrigin } from "aws-cdk-lib/aws-cloudfront-origins";
|
|
4
|
+
import { Certificate } from "aws-cdk-lib/aws-certificatemanager";
|
|
5
|
+
import { HostedZone, RecordSet, RecordType } from "aws-cdk-lib/aws-route53";
|
|
6
|
+
import { CloudFrontTarget } from "aws-cdk-lib/aws-route53-targets";
|
|
7
|
+
import { EpsilonRoute53Handling } from "./epsilon-route-53-handling";
|
|
8
|
+
import { EpsilonStackUtil } from "./epsilon-stack-util";
|
|
9
|
+
export class EpsilonSimpleLambdaCloudfrontDistributionStack extends Stack {
|
|
10
|
+
constructor(scope, id, props) {
|
|
11
|
+
super(scope, id, props);
|
|
12
|
+
let policy = ResponseHeadersPolicy.CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS;
|
|
13
|
+
if (props.responseHeadersPolicyCreator) {
|
|
14
|
+
policy = props.responseHeadersPolicyCreator(scope, id);
|
|
15
|
+
}
|
|
16
|
+
const behavior = {
|
|
17
|
+
origin: new FunctionUrlOrigin(props.lambdaFunctionDomain),
|
|
18
|
+
compress: true,
|
|
19
|
+
viewerProtocolPolicy: props.protocolPolicy ?? ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
|
|
20
|
+
cachePolicy: props.cachePolicy ?? CachePolicy.CACHING_DISABLED,
|
|
21
|
+
allowedMethods: props.allowedMethods ?? AllowedMethods.ALLOW_ALL,
|
|
22
|
+
originRequestPolicy: OriginRequestPolicy.ALL_VIEWER_EXCEPT_HOST_HEADER,
|
|
23
|
+
responseHeadersPolicy: policy
|
|
24
|
+
};
|
|
25
|
+
const httpsCertificate = Certificate.fromCertificateArn(scope, id + 'HttpsCert', props.httpsCertArn);
|
|
26
|
+
const distributionProps = {
|
|
27
|
+
defaultBehavior: behavior,
|
|
28
|
+
priceClass: props.priceClass ?? PriceClass.PRICE_CLASS_ALL,
|
|
29
|
+
certificate: httpsCertificate,
|
|
30
|
+
domainNames: props.domainNames,
|
|
31
|
+
sslSupportMethod: props.sslMethod ?? SSLMethod.SNI,
|
|
32
|
+
};
|
|
33
|
+
const dist = new Distribution(scope, id + 'CloudfrontDistro', distributionProps);
|
|
34
|
+
if (props?.route53Handling === EpsilonRoute53Handling.Update) {
|
|
35
|
+
if (props?.domainNames?.length) {
|
|
36
|
+
for (let i = 0; i < props.domainNames.length; i++) {
|
|
37
|
+
const domain = new RecordSet(this, id + 'DomainName-' + props.domainNames[i], {
|
|
38
|
+
recordType: RecordType.A,
|
|
39
|
+
recordName: props.domainNames[i],
|
|
40
|
+
target: {
|
|
41
|
+
aliasTarget: new CloudFrontTarget(dist),
|
|
42
|
+
},
|
|
43
|
+
zone: HostedZone.fromLookup(scope, id, { domainName: EpsilonStackUtil.extractApexDomain(props.domainNames[i]) }),
|
|
44
|
+
});
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
//# sourceMappingURL=epsilon-simple-lambda-cloudfront-distribution-stack.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"epsilon-simple-lambda-cloudfront-distribution-stack.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-simple-lambda-cloudfront-distribution-stack.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAEpC,OAAO,EACL,cAAc,EAEd,WAAW,EAAE,YAAY,EACkB,mBAAmB,EAC9D,UAAU,EAAE,qBAAqB,EACjC,SAAS,EACT,oBAAoB,EACrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAIvE,OAAO,EAAE,WAAW,EAAgB,MAAM,oCAAoC,CAAC;AAC/E,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAExD,MAAM,OAAO,8CAA+C,SAAQ,KAAK;IACvE,YAAY,KAAgB,EAAE,EAAU,EAAE,KAA2D;QACnG,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAExB,IAAI,MAAM,GAA2B,qBAAqB,CAAC,0DAA0D,CAAC;QACtH,IAAI,KAAK,CAAC,4BAA4B,EAAE,CAAC;YACvC,MAAM,GAAG,KAAK,CAAC,4BAA4B,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,QAAQ,GAAoB;YAChC,MAAM,EAAE,IAAI,iBAAiB,CAAC,KAAK,CAAC,oBAAoB,CAAC;YACzD,QAAQ,EAAE,IAAI;YACd,oBAAoB,EAAE,KAAK,CAAC,cAAc,IAAI,oBAAoB,CAAC,iBAAiB;YACpF,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,WAAW,CAAC,gBAAgB;YAC9D,cAAc,EAAE,KAAK,CAAC,cAAc,IAAI,cAAc,CAAC,SAAS;YAChE,mBAAmB,EAAE,mBAAmB,CAAC,6BAA6B;YACtE,qBAAqB,EAAE,MAAM;SAC9B,CAAC;QAEF,MAAM,gBAAgB,GAAiB,WAAW,CAAC,kBAAkB,CAAC,KAAK,EAAE,EAAE,GAAG,WAAW,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;QAEnH,MAAM,iBAAiB,GAAsB;YAC3C,eAAe,EAAE,QAAQ;YACzB,UAAU,EAAE,KAAK,CAAC,UAAU,IAAI,UAAU,CAAC,eAAe;YAC1D,WAAW,EAAE,gBAAgB;YAC7B,WAAW,EAAE,KAAK,CAAC,WAAW;YAC9B,gBAAgB,EAAE,KAAK,CAAC,SAAS,IAAI,SAAS,CAAC,GAAG;SACnD,CAAC;QAEF,MAAM,IAAI,GAAiB,IAAI,YAAY,CAAC,KAAK,EAAE,EAAE,GAAG,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;QAG/F,IAAI,KAAK,EAAE,eAAe,KAAK,sBAAsB,CAAC,MAAM,EAAE,CAAC;YAC7D,IAAI,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;gBAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAClD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,IAAI,EAAE,EAAE,GAAG,aAAa,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE;wBAC5E,UAAU,EAAE,UAAU,CAAC,CAAC;wBACxB,UAAU,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;wBAChC,MAAM,EAAE;4BACN,WAAW,EAAE,IAAI,gBAAgB,CAAC,IAAI,CAAC;yBACxC;wBACD,IAAI,EAAE,UAAU,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;qBACjH,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IAEH,CAAC;CACF"}
|
|
@@ -2,6 +2,8 @@ import { PolicyStatement } from 'aws-cdk-lib/aws-iam';
|
|
|
2
2
|
import { Topic } from 'aws-cdk-lib/aws-sns';
|
|
3
3
|
import { Queue } from 'aws-cdk-lib/aws-sqs';
|
|
4
4
|
import { EpsilonApiStackProps } from './epsilon-api-stack-props.js';
|
|
5
|
+
import { ResponseHeadersPolicy } from "aws-cdk-lib/aws-cloudfront";
|
|
6
|
+
import { Construct } from "constructs";
|
|
5
7
|
export declare class EpsilonStackUtil {
|
|
6
8
|
private constructor();
|
|
7
9
|
static toEnvironmentVariables(input: Record<string, any>[]): Record<string, string>;
|
|
@@ -11,4 +13,6 @@ export declare class EpsilonStackUtil {
|
|
|
11
13
|
static readonly ALLOW_RESTRICTED_LOGS: PolicyStatement;
|
|
12
14
|
static readonly ALLOW_FARGATE_SECRET_READING: PolicyStatement[];
|
|
13
15
|
static readonly ECS_POLICY_STATEMENTS: PolicyStatement[];
|
|
16
|
+
static extractApexDomain(domainName: string): string;
|
|
17
|
+
static createForwardCorsPolicy(app: Construct, id: string, xssReportUri: string): ResponseHeadersPolicy;
|
|
14
18
|
}
|
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
import { Logger } from '@bitblit/ratchet-common/logger/logger';
|
|
2
2
|
import { StringRatchet } from '@bitblit/ratchet-common/lang/string-ratchet';
|
|
3
3
|
import { Effect, PolicyStatement } from 'aws-cdk-lib/aws-iam';
|
|
4
|
+
import { ErrorRatchet } from "@bitblit/ratchet-common/lang/error-ratchet";
|
|
5
|
+
import { HeadersFrameOption, HeadersReferrerPolicy, ResponseHeadersPolicy } from "aws-cdk-lib/aws-cloudfront";
|
|
6
|
+
import { Duration } from "aws-cdk-lib";
|
|
4
7
|
export class EpsilonStackUtil {
|
|
5
8
|
constructor() { }
|
|
6
9
|
static toEnvironmentVariables(input) {
|
|
@@ -95,5 +98,41 @@ export class EpsilonStackUtil {
|
|
|
95
98
|
EpsilonStackUtil.ALLOW_ECR,
|
|
96
99
|
EpsilonStackUtil.ALLOW_RESTRICTED_LOGS,
|
|
97
100
|
].concat(EpsilonStackUtil.ALLOW_FARGATE_SECRET_READING);
|
|
101
|
+
static extractApexDomain(domainName) {
|
|
102
|
+
const pieces = StringRatchet.trimToEmpty(domainName).split('.');
|
|
103
|
+
if (pieces.length < 2) {
|
|
104
|
+
ErrorRatchet.throwFormattedErr('Not a valid domain name : %s', domainName);
|
|
105
|
+
}
|
|
106
|
+
return pieces[pieces.length - 2] + '.' + pieces[pieces.length - 1];
|
|
107
|
+
}
|
|
108
|
+
static createForwardCorsPolicy(app, id, xssReportUri) {
|
|
109
|
+
const rval = new ResponseHeadersPolicy(app, id + 'CFRespHeadersPolicy', {
|
|
110
|
+
responseHeadersPolicyName: id + 'CustomCloudfrontPolicy',
|
|
111
|
+
comment: 'Policy allowing passthru for CORS headers',
|
|
112
|
+
corsBehavior: {
|
|
113
|
+
accessControlAllowCredentials: false,
|
|
114
|
+
accessControlAllowHeaders: ['*'],
|
|
115
|
+
accessControlAllowMethods: ['*'],
|
|
116
|
+
accessControlAllowOrigins: ['*'],
|
|
117
|
+
accessControlExposeHeaders: [],
|
|
118
|
+
accessControlMaxAge: Duration.seconds(600),
|
|
119
|
+
originOverride: false,
|
|
120
|
+
},
|
|
121
|
+
customHeadersBehavior: {
|
|
122
|
+
customHeaders: [],
|
|
123
|
+
},
|
|
124
|
+
securityHeadersBehavior: {
|
|
125
|
+
contentSecurityPolicy: { contentSecurityPolicy: 'default-src https:;', override: true },
|
|
126
|
+
contentTypeOptions: { override: true },
|
|
127
|
+
frameOptions: { frameOption: HeadersFrameOption.DENY, override: true },
|
|
128
|
+
referrerPolicy: { referrerPolicy: HeadersReferrerPolicy.NO_REFERRER, override: true },
|
|
129
|
+
strictTransportSecurity: { accessControlMaxAge: Duration.seconds(600), includeSubdomains: true, override: true },
|
|
130
|
+
xssProtection: { protection: true, modeBlock: false, reportUri: xssReportUri, override: true },
|
|
131
|
+
},
|
|
132
|
+
removeHeaders: ['Server'],
|
|
133
|
+
serverTimingSamplingRate: 50,
|
|
134
|
+
});
|
|
135
|
+
return rval;
|
|
136
|
+
}
|
|
98
137
|
}
|
|
99
138
|
//# sourceMappingURL=epsilon-stack-util.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"epsilon-stack-util.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-stack-util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,uCAAuC,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,6CAA6C,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"epsilon-stack-util.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-stack-util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,uCAAuC,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,6CAA6C,CAAC;AAC5E,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAI9D,OAAO,EAAE,YAAY,EAAE,MAAM,4CAA4C,CAAC;AAC1E,OAAO,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAE9G,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,MAAM,OAAO,gBAAgB;IAG3B,gBAAuB,CAAC;IAEjB,MAAM,CAAC,sBAAsB,CAAC,KAA4B;QAC/D,MAAM,IAAI,GAA2B,EAAE,CAAC;QACxC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YACtB,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC/B,IAAI,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/C,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,MAAM,CAAC,gCAAgC,CAC5C,KAA2B,EAC3B,mBAA0B,EAC1B,mBAA0B,EAC1B,WAAkB;QAElB,MAAM,IAAI,GAAsB,CAAC,KAAK,CAAC,0BAA0B,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;YAC9E,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,qBAAqB,EAAE,sBAAsB,EAAE,mBAAmB,CAAC;gBAC7E,SAAS,EAAE,CAAC,oBAAoB,CAAC;aAClC,CAAC;YACF,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,eAAe,EAAE,kBAAkB,CAAC;gBAC9C,SAAS,EAAE,CAAC,eAAe,CAAC;aAC7B,CAAC;YACF,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,OAAO,CAAC;gBAClB,SAAS,EAAE,CAAC,mBAAmB,CAAC,QAAQ,CAAC;aAC1C,CAAC;YACF,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,OAAO,CAAC;gBAClB,SAAS,EAAE,CAAC,mBAAmB,CAAC,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC;aAChE,CAAC;YACF,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,SAAS,CAAC;gBACpB,SAAS,EAAE,CAAC,GAAG,CAAC;aACjB,CAAC;YACF,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,4BAA4B,CAAC;gBACvC,SAAS,EAAE,CAAC,GAAG,CAAC;aACjB,CAAC;YACF,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,qBAAqB,CAAC;gBAChC,SAAS,EAAE,CAAC,GAAG,CAAC;aACjB,CAAC;YACF,IAAI,eAAe,CAAC;gBAClB,MAAM,EAAE,MAAM,CAAC,KAAK;gBACpB,OAAO,EAAE,CAAC,kBAAkB,CAAC;gBAC7B,SAAS,EAAE,CAAC,GAAG,CAAC;aACjB,CAAC;SACH,CAAC,CAAC;QACH,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE,IAAI,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,MAAM,CAAU,SAAS,GAAoB,IAAI,eAAe,CAAC;QACtE,MAAM,EAAE,MAAM,CAAC,KAAK;QACpB,OAAO,EAAE,CAAC,OAAO,CAAC;QAClB,SAAS,EAAE,CAAC,GAAG,CAAC;KACjB,CAAC,CAAC;IAEI,MAAM,CAAU,SAAS,GAAoB,IAAI,eAAe,CAAC;QACtE,MAAM,EAAE,MAAM,CAAC,KAAK;QACpB,OAAO,EAAE,CAAC,iCAAiC,EAAE,mBAAmB,EAAE,4BAA4B,EAAE,2BAA2B,CAAC;QAC5H,SAAS,EAAE,CAAC,GAAG,CAAC;KACjB,CAAC,CAAC;IAEI,MAAM,CAAU,qBAAqB,GAAoB,IAAI,eAAe,CAAC;QAClF,MAAM,EAAE,MAAM,CAAC,KAAK;QACpB,OAAO,EAAE,CAAC,sBAAsB,EAAE,mBAAmB,EAAE,yBAAyB,EAAE,qBAAqB,CAAC;QACxG,SAAS,EAAE,CAAC,GAAG,CAAC;KACjB,CAAC,CAAC;IAGI,MAAM,CAAU,4BAA4B,GAAsB;QACvE,IAAI,eAAe,CAAC;YAClB,MAAM,EAAE,MAAM,CAAC,KAAK;YACpB,OAAO,EAAE,CAAC,mBAAmB,CAAC;YAC9B,SAAS,EAAE,CAAC,GAAG,CAAC;SACjB,CAAC;QACF,IAAI,eAAe,CAAC;YAClB,MAAM,EAAE,MAAM,CAAC,KAAK;YACpB,OAAO,EAAE,CAAC,+BAA+B,CAAC;YAC1C,SAAS,EAAE,CAAC,GAAG,CAAC;SACjB,CAAC;QACF,IAAI,eAAe,CAAC;YAClB,MAAM,EAAE,MAAM,CAAC,KAAK;YACpB,OAAO,EAAE,CAAC,aAAa,CAAC;YACxB,SAAS,EAAE,CAAC,GAAG,CAAC;SACjB,CAAC;KACH,CAAC;IAEK,MAAM,CAAU,qBAAqB,GAAsB;QAChE,gBAAgB,CAAC,SAAS;QAC1B,gBAAgB,CAAC,SAAS;QAC1B,gBAAgB,CAAC,qBAAqB;KACvC,CAAC,MAAM,CAAC,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;IAGjD,MAAM,CAAC,iBAAiB,CAAC,UAAkB;QAChD,MAAM,MAAM,GAAa,aAAa,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC1E,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,YAAY,CAAC,iBAAiB,CAAC,8BAA8B,EAAE,UAAU,CAAC,CAAC;QAC7E,CAAC;QACD,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACrE,CAAC;IAEM,MAAM,CAAC,uBAAuB,CAAC,GAAc,EAAE,EAAU,EAAE,YAAoB;QAEpF,MAAM,IAAI,GAA0B,IAAI,qBAAqB,CAAC,GAAG,EAAE,EAAE,GAAC,qBAAqB,EAAE;YAC3F,yBAAyB,EAAE,EAAE,GAAC,wBAAwB;YACtD,OAAO,EAAE,2CAA2C;YACpD,YAAY,EACV;gBACA,6BAA6B,EAAE,KAAK;gBACpC,yBAAyB,EAAE,CAAC,GAAG,CAAC;gBAChC,yBAAyB,EAAE,CAAC,GAAG,CAAC;gBAChC,yBAAyB,EAAE,CAAC,GAAG,CAAC;gBAChC,0BAA0B,EAAE,EAAE;gBAC9B,mBAAmB,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC;gBAC1C,cAAc,EAAE,KAAK;aACtB;YACD,qBAAqB,EAAE;gBACrB,aAAa,EAAE,EAGd;aACF;YACD,uBAAuB,EAAE;gBACvB,qBAAqB,EAAE,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,QAAQ,EAAE,IAAI,EAAE;gBACvF,kBAAkB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;gBACtC,YAAY,EAAE,EAAE,WAAW,EAAE,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE;gBACtE,cAAc,EAAE,EAAE,cAAc,EAAE,qBAAqB,CAAC,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE;gBACrF,uBAAuB,EAAE,EAAE,mBAAmB,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,iBAAiB,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE;gBAChH,aAAa,EAAE,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE;aAC/F;YACD,aAAa,EAAE,CAAC,QAAQ,CAAC;YACzB,wBAAwB,EAAE,EAAE;SAC7B,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC"}
|
|
@@ -3,19 +3,15 @@ import { SimpleAdditionalS3WebsiteMapping } from './simple-additional-s3-website
|
|
|
3
3
|
import { EpsilonLambdaToCloudfrontPathMapping } from './epsilon-lambda-to-cloudfront-path-mapping.js';
|
|
4
4
|
import { Behavior } from 'aws-cdk-lib/aws-cloudfront';
|
|
5
5
|
import { EpsilonWebsiteCacheBehavior } from './epsilon-website-cache-behavior.js';
|
|
6
|
+
import { EpsilonRoute53Handling } from "./epsilon-route-53-handling.js";
|
|
6
7
|
export interface EpsilonWebsiteStackProps extends StackProps {
|
|
7
8
|
targetBucketName: string;
|
|
8
9
|
cloudFrontHttpsCertificateArn: string;
|
|
9
10
|
cloudFrontDomainNames: string[];
|
|
10
11
|
apiMappings: EpsilonLambdaToCloudfrontPathMapping[];
|
|
11
12
|
pathsToAssets: string[];
|
|
12
|
-
route53Handling:
|
|
13
|
+
route53Handling: EpsilonRoute53Handling;
|
|
13
14
|
simpleAdditionalMappings?: SimpleAdditionalS3WebsiteMapping[];
|
|
14
15
|
websiteCacheBehavior?: EpsilonWebsiteCacheBehavior;
|
|
15
16
|
websiteBehaviorOverride?: Behavior[];
|
|
16
17
|
}
|
|
17
|
-
export declare const EpsilonWebsiteStackPropsRoute53Handling: {
|
|
18
|
-
Update: string;
|
|
19
|
-
DoNotUpdate: string;
|
|
20
|
-
};
|
|
21
|
-
export type EpsilonWebsiteStackPropsRoute53Handling = (typeof EpsilonWebsiteStackPropsRoute53Handling)[keyof typeof EpsilonWebsiteStackPropsRoute53Handling];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"epsilon-website-stack-props.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-website-stack-props.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"epsilon-website-stack-props.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-website-stack-props.ts"],"names":[],"mappings":""}
|
|
@@ -1,7 +1,6 @@
|
|
|
1
|
-
import { Stack } from
|
|
2
|
-
import { Construct } from
|
|
3
|
-
import { EpsilonWebsiteStackProps } from
|
|
1
|
+
import { Stack } from "aws-cdk-lib";
|
|
2
|
+
import { Construct } from "constructs";
|
|
3
|
+
import { EpsilonWebsiteStackProps } from "./epsilon-website-stack-props.js";
|
|
4
4
|
export declare class EpsilonWebsiteStack extends Stack {
|
|
5
5
|
constructor(scope: Construct, id: string, props?: EpsilonWebsiteStackProps);
|
|
6
|
-
static extractApexDomain(domainName: string): string;
|
|
7
6
|
}
|
|
@@ -1,14 +1,15 @@
|
|
|
1
|
-
import { Bucket, BucketEncryption } from
|
|
2
|
-
import { Duration, Stack } from
|
|
3
|
-
import path from
|
|
4
|
-
import {
|
|
5
|
-
import { HostedZone, RecordSet, RecordType } from
|
|
6
|
-
import { CloudFrontTarget } from
|
|
7
|
-
import { BucketDeployment, Source } from
|
|
8
|
-
import {
|
|
9
|
-
import {
|
|
10
|
-
import {
|
|
11
|
-
import {
|
|
1
|
+
import { Bucket, BucketEncryption } from "aws-cdk-lib/aws-s3";
|
|
2
|
+
import { Duration, Stack } from "aws-cdk-lib";
|
|
3
|
+
import path from "path";
|
|
4
|
+
import { AllowedMethods, CachePolicy, Distribution, OriginAccessIdentity, PriceClass, ResponseHeadersPolicy, SSLMethod, ViewerProtocolPolicy } from "aws-cdk-lib/aws-cloudfront";
|
|
5
|
+
import { HostedZone, RecordSet, RecordType } from "aws-cdk-lib/aws-route53";
|
|
6
|
+
import { CloudFrontTarget } from "aws-cdk-lib/aws-route53-targets";
|
|
7
|
+
import { BucketDeployment, Source } from "aws-cdk-lib/aws-s3-deployment";
|
|
8
|
+
import { EpsilonStackUtil } from "./epsilon-stack-util.js";
|
|
9
|
+
import { EpsilonRoute53Handling } from "./epsilon-route-53-handling";
|
|
10
|
+
import { FunctionUrlOrigin, S3BucketOrigin } from "aws-cdk-lib/aws-cloudfront-origins";
|
|
11
|
+
import { Certificate } from "aws-cdk-lib/aws-certificatemanager";
|
|
12
|
+
import { Logger } from "@bitblit/ratchet-common/logger/logger";
|
|
12
13
|
export class EpsilonWebsiteStack extends Stack {
|
|
13
14
|
constructor(scope, id, props) {
|
|
14
15
|
super(scope, id, props);
|
|
@@ -19,139 +20,68 @@ export class EpsilonWebsiteStack extends Stack {
|
|
|
19
20
|
publicReadAccess: false,
|
|
20
21
|
encryption: BucketEncryption.S3_MANAGED,
|
|
21
22
|
});
|
|
22
|
-
const
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
const nextBS = {
|
|
27
|
-
bucket: nextBucket,
|
|
28
|
-
sourceConfig: {
|
|
29
|
-
s3OriginSource: {
|
|
30
|
-
s3BucketSource: nextBucket,
|
|
31
|
-
originAccessIdentity: originAccessId,
|
|
32
|
-
},
|
|
33
|
-
behaviors: [
|
|
34
|
-
{
|
|
35
|
-
pathPattern: eb.pathPattern,
|
|
36
|
-
isDefaultBehavior: false,
|
|
37
|
-
compress: true,
|
|
38
|
-
defaultTtl: Duration.seconds(1),
|
|
39
|
-
minTtl: Duration.seconds(1),
|
|
40
|
-
maxTtl: Duration.seconds(1),
|
|
41
|
-
forwardedValues: {
|
|
42
|
-
queryString: false,
|
|
43
|
-
},
|
|
44
|
-
},
|
|
45
|
-
],
|
|
46
|
-
},
|
|
47
|
-
};
|
|
48
|
-
return nextBS;
|
|
23
|
+
const cachePolicy = new CachePolicy(this, id + 'ShortCachePolicy', {
|
|
24
|
+
defaultTtl: Duration.seconds(1),
|
|
25
|
+
maxTtl: Duration.seconds(1),
|
|
26
|
+
minTtl: Duration.seconds(1),
|
|
49
27
|
});
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
let websiteBehaviors;
|
|
57
|
-
switch (props.websiteCacheBehavior) {
|
|
58
|
-
case EpsilonWebsiteCacheBehavior.NoCache:
|
|
59
|
-
websiteBehaviors = [
|
|
60
|
-
{
|
|
61
|
-
isDefaultBehavior: true,
|
|
62
|
-
compress: true,
|
|
63
|
-
defaultTtl: Duration.seconds(0),
|
|
64
|
-
minTtl: Duration.seconds(0),
|
|
65
|
-
maxTtl: Duration.seconds(0),
|
|
66
|
-
forwardedValues: {
|
|
67
|
-
queryString: false,
|
|
68
|
-
},
|
|
69
|
-
},
|
|
70
|
-
];
|
|
71
|
-
break;
|
|
72
|
-
case EpsilonWebsiteCacheBehavior.Custom:
|
|
73
|
-
websiteBehaviors = props.websiteBehaviorOverride;
|
|
74
|
-
break;
|
|
75
|
-
default:
|
|
76
|
-
websiteBehaviors = [
|
|
77
|
-
{
|
|
78
|
-
isDefaultBehavior: true,
|
|
79
|
-
compress: true,
|
|
80
|
-
defaultTtl: Duration.seconds(1),
|
|
81
|
-
minTtl: Duration.seconds(1),
|
|
82
|
-
maxTtl: Duration.seconds(1),
|
|
83
|
-
forwardedValues: {
|
|
84
|
-
queryString: false,
|
|
85
|
-
},
|
|
86
|
-
},
|
|
87
|
-
];
|
|
88
|
-
break;
|
|
89
|
-
}
|
|
90
|
-
const assetSource = {
|
|
91
|
-
s3OriginSource: {
|
|
92
|
-
s3BucketSource: websiteBucket,
|
|
93
|
-
originAccessIdentity: originAccessId,
|
|
94
|
-
},
|
|
95
|
-
behaviors: websiteBehaviors,
|
|
28
|
+
const defaultBehavior = {
|
|
29
|
+
origin: S3BucketOrigin.withOriginAccessIdentity(websiteBucket, { originAccessIdentity: originAccessId }),
|
|
30
|
+
compress: true,
|
|
31
|
+
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
|
|
32
|
+
cachePolicy: cachePolicy,
|
|
33
|
+
allowedMethods: AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
|
|
96
34
|
};
|
|
97
|
-
const
|
|
98
|
-
const next = {
|
|
99
|
-
customOriginSource: {
|
|
100
|
-
domainName: s.apiDomainName,
|
|
101
|
-
originProtocolPolicy: OriginProtocolPolicy.HTTPS_ONLY,
|
|
102
|
-
},
|
|
103
|
-
behaviors: [
|
|
104
|
-
{
|
|
105
|
-
compress: true,
|
|
106
|
-
forwardedValues: {
|
|
107
|
-
queryString: true,
|
|
108
|
-
cookies: {
|
|
109
|
-
forward: 'whitelist',
|
|
110
|
-
whitelistedNames: ['idToken'],
|
|
111
|
-
},
|
|
112
|
-
headers: ['Accept', 'Referer', 'Authorization', 'Content-Type'],
|
|
113
|
-
},
|
|
114
|
-
pathPattern: s.pathPattern,
|
|
115
|
-
defaultTtl: Duration.seconds(0),
|
|
116
|
-
maxTtl: Duration.seconds(0),
|
|
117
|
-
minTtl: Duration.seconds(0),
|
|
118
|
-
allowedMethods: CloudFrontAllowedMethods.ALL,
|
|
119
|
-
cachedMethods: CloudFrontAllowedCachedMethods.GET_HEAD,
|
|
120
|
-
},
|
|
121
|
-
],
|
|
122
|
-
};
|
|
123
|
-
return next;
|
|
124
|
-
});
|
|
35
|
+
const httpsCertificate = Certificate.fromCertificateArn(this, id + 'HttpsCert', props.cloudFrontHttpsCertificateArn);
|
|
125
36
|
const distributionProps = {
|
|
126
|
-
|
|
37
|
+
defaultBehavior: defaultBehavior,
|
|
127
38
|
defaultRootObject: 'index.html',
|
|
128
|
-
|
|
129
|
-
|
|
39
|
+
priceClass: PriceClass.PRICE_CLASS_ALL,
|
|
40
|
+
certificate: httpsCertificate,
|
|
41
|
+
domainNames: props.cloudFrontDomainNames,
|
|
42
|
+
sslSupportMethod: SSLMethod.SNI,
|
|
43
|
+
additionalBehaviors: {},
|
|
44
|
+
errorResponses: [
|
|
130
45
|
{
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
46
|
+
httpStatus: 404,
|
|
47
|
+
ttl: Duration.seconds(300),
|
|
48
|
+
responseHttpStatus: 200,
|
|
134
49
|
responsePagePath: '/index.html',
|
|
135
50
|
},
|
|
136
51
|
{
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
52
|
+
httpStatus: 403,
|
|
53
|
+
ttl: Duration.seconds(300),
|
|
54
|
+
responseHttpStatus: 200,
|
|
140
55
|
responsePagePath: '/index.html',
|
|
141
56
|
},
|
|
142
57
|
],
|
|
143
|
-
priceClass: PriceClass.PRICE_CLASS_ALL,
|
|
144
|
-
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
|
|
145
|
-
viewerCertificate: {
|
|
146
|
-
aliases: props.cloudFrontDomainNames,
|
|
147
|
-
props: {
|
|
148
|
-
acmCertificateArn: props.cloudFrontHttpsCertificateArn,
|
|
149
|
-
sslSupportMethod: 'sni-only',
|
|
150
|
-
},
|
|
151
|
-
},
|
|
152
58
|
};
|
|
153
|
-
|
|
154
|
-
|
|
59
|
+
(props.apiMappings || []).forEach(s => {
|
|
60
|
+
const next = {
|
|
61
|
+
origin: new FunctionUrlOrigin(s.lambdaFunctionUrl),
|
|
62
|
+
compress: true,
|
|
63
|
+
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
|
|
64
|
+
cachePolicy: CachePolicy.CACHING_DISABLED,
|
|
65
|
+
allowedMethods: AllowedMethods.ALLOW_ALL,
|
|
66
|
+
responseHeadersPolicy: s.responseHeadersPolicyCreator ? s.responseHeadersPolicyCreator(scope, id) : ResponseHeadersPolicy.CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS
|
|
67
|
+
};
|
|
68
|
+
distributionProps.additionalBehaviors[s.pathPattern] = next;
|
|
69
|
+
});
|
|
70
|
+
(props.simpleAdditionalMappings || []).forEach((eb) => {
|
|
71
|
+
const nextBucket = Bucket.fromBucketAttributes(this, eb.bucketName + 'ImportedBucket', {
|
|
72
|
+
bucketName: eb.bucketName,
|
|
73
|
+
});
|
|
74
|
+
const behaviorOptions = {
|
|
75
|
+
origin: S3BucketOrigin.withOriginAccessIdentity(nextBucket, { originAccessIdentity: originAccessId }),
|
|
76
|
+
compress: true,
|
|
77
|
+
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
|
|
78
|
+
cachePolicy: cachePolicy,
|
|
79
|
+
allowedMethods: AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
|
|
80
|
+
};
|
|
81
|
+
distributionProps.additionalBehaviors[eb.pathPattern] = behaviorOptions;
|
|
82
|
+
});
|
|
83
|
+
const cloudfrontDistro = new Distribution(this, id + 'CloudfrontDistro', distributionProps);
|
|
84
|
+
if (props?.route53Handling === EpsilonRoute53Handling.Update) {
|
|
155
85
|
if (props?.cloudFrontDomainNames?.length) {
|
|
156
86
|
for (let i = 0; i < props.cloudFrontDomainNames.length; i++) {
|
|
157
87
|
const domain = new RecordSet(this, id + 'DomainName-' + props.cloudFrontDomainNames[i], {
|
|
@@ -160,24 +90,19 @@ export class EpsilonWebsiteStack extends Stack {
|
|
|
160
90
|
target: {
|
|
161
91
|
aliasTarget: new CloudFrontTarget(cloudfrontDistro),
|
|
162
92
|
},
|
|
163
|
-
zone: HostedZone.fromLookup(this, id, { domainName:
|
|
93
|
+
zone: HostedZone.fromLookup(this, id, { domainName: EpsilonStackUtil.extractApexDomain(props.cloudFrontDomainNames[i]) }),
|
|
164
94
|
});
|
|
165
95
|
}
|
|
166
96
|
}
|
|
167
97
|
}
|
|
98
|
+
const assetSources = props.pathsToAssets.map((inPath) => Source.asset(path.resolve(inPath)));
|
|
99
|
+
Logger.info('Found %d asset sources to push to S3', assetSources.length);
|
|
168
100
|
new BucketDeployment(this, id + 'SiteDeploy', {
|
|
169
|
-
sources:
|
|
101
|
+
sources: assetSources,
|
|
170
102
|
destinationBucket: websiteBucket,
|
|
171
103
|
distribution: cloudfrontDistro,
|
|
172
104
|
distributionPaths: ['/*'],
|
|
173
105
|
});
|
|
174
106
|
}
|
|
175
|
-
static extractApexDomain(domainName) {
|
|
176
|
-
const pieces = StringRatchet.trimToEmpty(domainName).split('.');
|
|
177
|
-
if (pieces.length < 2) {
|
|
178
|
-
ErrorRatchet.throwFormattedErr('Not a valid domain name : %s', domainName);
|
|
179
|
-
}
|
|
180
|
-
return pieces[pieces.length - 2] + '.' + pieces[pieces.length - 1];
|
|
181
|
-
}
|
|
182
107
|
}
|
|
183
108
|
//# sourceMappingURL=epsilon-website-stack.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"epsilon-website-stack.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-website-stack.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAE9C,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,
|
|
1
|
+
{"version":3,"file":"epsilon-website-stack.js","sourceRoot":"","sources":["../../../src/deployment/cdk/epsilon-website-stack.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAE9C,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EACL,cAAc,EAEd,WAAW,EACX,YAAY,EAEZ,oBAAoB,EACpB,UAAU,EACV,qBAAqB,EACrB,SAAS,EACT,oBAAoB,EACrB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAW,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAElF,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACvF,OAAO,EAAE,WAAW,EAAgB,MAAM,oCAAoC,CAAC;AAC/E,OAAO,EAAE,MAAM,EAAE,MAAM,uCAAuC,CAAC;AAE/D,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAC5C,YAAY,KAAgB,EAAE,EAAU,EAAE,KAAgC;QACxE,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QAExB,MAAM,cAAc,GAAyB,IAAI,oBAAoB,CAAC,IAAI,EAAE,EAAE,GAAG,gBAAgB,CAAC,CAAC;QAEnG,MAAM,aAAa,GAAW,IAAI,MAAM,CAAC,IAAI,EAAE,EAAE,GAAG,cAAc,EAAE;YAClE,UAAU,EAAE,KAAK,CAAC,gBAAgB;YAGlC,SAAS,EAAE,KAAK;YAChB,gBAAgB,EAAE,KAAK;YACvB,UAAU,EAAE,gBAAgB,CAAC,UAAU;SACxC,CAAC,CAAC;QAEH,MAAM,WAAW,GAAgB,IAAI,WAAW,CAAC,IAAI,EAAE,EAAE,GAAC,kBAAkB,EAAE;YAC5E,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC/B,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC3B,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;SAC5B,CAAC,CAAC;QAEH,MAAM,eAAe,GAAoB;YACvC,MAAM,EAAE,cAAc,CAAC,wBAAwB,CAAC,aAAa,EAAE,EAAC,oBAAoB,EAAC,cAAc,EAAC,CAAC;YACrG,QAAQ,EAAE,IAAI;YACd,oBAAoB,EAAE,oBAAoB,CAAC,iBAAiB;YAC5D,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,cAAc,CAAC,sBAAsB;SACtD,CAAC;QAEF,MAAM,gBAAgB,GAAiB,WAAW,CAAC,kBAAkB,CAAC,IAAI,EAAE,EAAE,GAAG,WAAW,EAAE,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAEnI,MAAM,iBAAiB,GAAsB;YAC3C,eAAe,EAAE,eAAe;YAChC,iBAAiB,EAAE,YAAY;YAC/B,UAAU,EAAE,UAAU,CAAC,eAAe;YACtC,WAAW,EAAE,gBAAgB;YAC7B,WAAW,EAAE,KAAK,CAAC,qBAAqB;YACxC,gBAAgB,EAAE,SAAS,CAAC,GAAG;YAC/B,mBAAmB,EAAE,EAAE;YACvB,cAAc,EAAE;gBACd;oBACE,UAAU,EAAE,GAAG;oBACf,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC;oBAC1B,kBAAkB,EAAE,GAAG;oBACvB,gBAAgB,EAAE,aAAa;iBAChC;gBACD;oBACE,UAAU,EAAE,GAAG;oBACf,GAAG,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC;oBAC1B,kBAAkB,EAAE,GAAG;oBACvB,gBAAgB,EAAE,aAAa;iBAChC;aACF;SACF,CAAC;QAGF,CAAC,KAAK,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAA,EAAE;YACnC,MAAM,IAAI,GAAoB;gBAC5B,MAAM,EAAE,IAAI,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC;gBAClD,QAAQ,EAAE,IAAI;gBACd,oBAAoB,EAAE,oBAAoB,CAAC,iBAAiB;gBAC5D,WAAW,EAAE,WAAW,CAAC,gBAAgB;gBACzC,cAAc,EAAE,cAAc,CAAC,SAAS;gBACxC,qBAAqB,EAAE,CAAC,CAAC,4BAA4B,CAAC,CAAC,CAAC,CAAC,CAAC,4BAA4B,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC,0DAA0D;aACrL,CAAC;YACF,iBAAiB,CAAC,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC;QAC9D,CAAC,CAAC,CAAC;QAIH,CAAC,KAAK,CAAC,wBAAwB,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;YACpD,MAAM,UAAU,GAAG,MAAM,CAAC,oBAAoB,CAAC,IAAI,EAAE,EAAE,CAAC,UAAU,GAAG,gBAAgB,EAAE;gBACrF,UAAU,EAAE,EAAE,CAAC,UAAU;aAC1B,CAAC,CAAC;YAEH,MAAM,eAAe,GAAoB;gBACvC,MAAM,EAAE,cAAc,CAAC,wBAAwB,CAAC,UAAU,EAAE,EAAC,oBAAoB,EAAC,cAAc,EAAC,CAAC;gBAClG,QAAQ,EAAE,IAAI;gBACd,oBAAoB,EAAE,oBAAoB,CAAC,iBAAiB;gBAC5D,WAAW,EAAE,WAAW;gBACxB,cAAc,EAAE,cAAc,CAAC,sBAAsB;aACtD,CAAC;YAEF,iBAAiB,CAAC,mBAAmB,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,eAAe,CAAC;QAC1E,CAAC,CAAC,CAAC;QAGH,MAAM,gBAAgB,GAAiB,IAAI,YAAY,CAAC,IAAI,EAAE,EAAE,GAAG,kBAAkB,EAAE,iBAAiB,CAAC,CAAC;QAG1G,IAAI,KAAK,EAAE,eAAe,KAAK,sBAAsB,CAAC,MAAM,EAAE,CAAC;YAC7D,IAAI,KAAK,EAAE,qBAAqB,EAAE,MAAM,EAAE,CAAC;gBACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,qBAAqB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC5D,MAAM,MAAM,GAAc,IAAI,SAAS,CAAC,IAAI,EAAE,EAAE,GAAG,aAAa,GAAG,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,EAAE;wBACjG,UAAU,EAAE,UAAU,CAAC,CAAC;wBACxB,UAAU,EAAE,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;wBAC1C,MAAM,EAAE;4BACN,WAAW,EAAE,IAAI,gBAAgB,CAAC,gBAAgB,CAAC;yBACpD;wBACD,IAAI,EAAE,UAAU,CAAC,UAAU,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,UAAU,EAAE,gBAAgB,CAAC,iBAAiB,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;qBAC1H,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,YAAY,GAAc,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACxG,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC;QAIzE,IAAI,gBAAgB,CAAC,IAAI,EAAE,EAAE,GAAG,YAAY,EAAE;YAC5C,OAAO,EAAE,YAAY;YACrB,iBAAiB,EAAE,aAAa;YAChC,YAAY,EAAE,gBAAgB;YAC9B,iBAAiB,EAAE,CAAC,IAAI,CAAC;SAC1B,CAAC,CAAC;IACL,CAAC;CAEF"}
|
package/lib/deployment/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/deployment/index.ts"],"names":[],"mappings":"AAIA,cAAc,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/deployment/index.ts"],"names":[],"mappings":"AAIA,cAAc,mCAAmC,CAAC;AAClD,cAAc,oCAAoC,CAAC;AACnD,cAAc,kCAAkC,CAAC;AACjD,cAAc,4BAA4B,CAAC;AAC3C,cAAc,oDAAoD,CAAC;AACnE,cAAc,6BAA6B,CAAC;AAC5C,cAAc,yCAAyC,CAAC;AACxD,cAAc,sCAAsC,CAAC;AACrD,cAAc,gCAAgC,CAAC;AAC/C,cAAc,+CAA+C,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@bitblit/ratchet-epsilon-deployment",
|
|
3
|
-
"version": "5.0.
|
|
3
|
+
"version": "5.0.112",
|
|
4
4
|
"description": "Epsilon CDK extensions to simplify deployment",
|
|
5
5
|
"sideEffects": false,
|
|
6
6
|
"type": "module",
|
|
@@ -50,15 +50,15 @@
|
|
|
50
50
|
},
|
|
51
51
|
"license": "Apache-2.0",
|
|
52
52
|
"dependencies": {
|
|
53
|
-
"@bitblit/ratchet-aws": "5.0.
|
|
54
|
-
"@bitblit/ratchet-common": "5.0.
|
|
55
|
-
"@bitblit/ratchet-epsilon-common": "5.0.
|
|
56
|
-
"aws-cdk-lib": "2.
|
|
53
|
+
"@bitblit/ratchet-aws": "5.0.112",
|
|
54
|
+
"@bitblit/ratchet-common": "5.0.112",
|
|
55
|
+
"@bitblit/ratchet-epsilon-common": "5.0.112",
|
|
56
|
+
"aws-cdk-lib": "2.161.1",
|
|
57
57
|
"constructs": "10.3.0"
|
|
58
58
|
},
|
|
59
59
|
"peerDependencies": {
|
|
60
|
-
"@bitblit/ratchet-common": "5.0.
|
|
61
|
-
"aws-cdk-lib": "^2.
|
|
60
|
+
"@bitblit/ratchet-common": "5.0.112",
|
|
61
|
+
"aws-cdk-lib": "^2.161.1",
|
|
62
62
|
"constructs": "^10.3.0"
|
|
63
63
|
}
|
|
64
64
|
}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"bucket-and-source-configuration.js","sourceRoot":"","sources":["../../../src/deployment/cdk/bucket-and-source-configuration.ts"],"names":[],"mappings":""}
|