@certenza/aws-cdk-infrastructure-commons 2.4.3 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/apigateway.d.ts +8 -1
- package/dist/src/apigateway.js +30 -5
- package/dist/src/lambda.js +7 -0
- package/package.json +3 -3
package/dist/src/apigateway.d.ts
CHANGED
|
@@ -49,4 +49,11 @@ declare const createHttpApiGatewayLambdaEndpoint: (method: "POST" | "GET" | "PUT
|
|
|
49
49
|
* @returns The HTTP API Gateway SQS endpoint
|
|
50
50
|
*/
|
|
51
51
|
declare const createHttpApiGatewaySQSEndpoint: (method: "POST" | "GET" | "PUT" | "DELETE" | "PATCH" | "OPTIONS" | "HEAD", path: string, queue: sqs.IQueue, api: apigatewayv2.HttpApi) => apigatewayv2.IHttpRoute[];
|
|
52
|
-
|
|
52
|
+
/**
|
|
53
|
+
* Associates a WAF to a REST API Gateway
|
|
54
|
+
* @param scope - The scope of the construct
|
|
55
|
+
* @param api - The REST API Gateway to associate the WAF to
|
|
56
|
+
* @param webACLArn - The ARN of the WAF to associate
|
|
57
|
+
*/
|
|
58
|
+
declare const associateWebACLToRestApiGateway: (scope: Construct, api: apigateway.RestApi, webACLArn: string) => void;
|
|
59
|
+
export { createApiGateway, createHttpApiGateway, createHttpApiGatewayLambdaEndpoint, createHttpApiGatewaySQSEndpoint, getApiGatewayDomainName, associateWebACLToRestApiGateway, };
|
package/dist/src/apigateway.js
CHANGED
|
@@ -33,7 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
33
33
|
};
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.getApiGatewayDomainName = exports.createHttpApiGatewaySQSEndpoint = exports.createHttpApiGatewayLambdaEndpoint = exports.createHttpApiGateway = exports.createApiGateway = void 0;
|
|
36
|
+
exports.associateWebACLToRestApiGateway = exports.getApiGatewayDomainName = exports.createHttpApiGatewaySQSEndpoint = exports.createHttpApiGatewayLambdaEndpoint = exports.createHttpApiGateway = exports.createApiGateway = void 0;
|
|
37
37
|
const apigateway = __importStar(require("aws-cdk-lib/aws-apigateway"));
|
|
38
38
|
const apigatewayv2 = __importStar(require("aws-cdk-lib/aws-apigatewayv2"));
|
|
39
39
|
const apigatewayv2_integrations = __importStar(require("aws-cdk-lib/aws-apigatewayv2-integrations"));
|
|
@@ -41,6 +41,7 @@ const logs = __importStar(require("aws-cdk-lib/aws-logs"));
|
|
|
41
41
|
const route53 = __importStar(require("aws-cdk-lib/aws-route53"));
|
|
42
42
|
const route53targets = __importStar(require("aws-cdk-lib/aws-route53-targets"));
|
|
43
43
|
const aws_apigatewayv2_authorizers_1 = require("aws-cdk-lib/aws-apigatewayv2-authorizers");
|
|
44
|
+
const wafv2 = __importStar(require("aws-cdk-lib/aws-wafv2"));
|
|
44
45
|
const iam = __importStar(require("aws-cdk-lib/aws-iam"));
|
|
45
46
|
const cdk = __importStar(require("aws-cdk-lib"));
|
|
46
47
|
const acm_1 = require("./acm");
|
|
@@ -215,11 +216,35 @@ const createHttpApiGatewaySQSEndpoint = (method, path, queue, api) => {
|
|
|
215
216
|
integration: new apigatewayv2_integrations.HttpSqsIntegration(`${method}-${sanitizedPath}`, {
|
|
216
217
|
queue: queue,
|
|
217
218
|
// Configure parameter mapping to use the entire request body as the message body
|
|
218
|
-
//
|
|
219
|
-
|
|
220
|
-
|
|
221
|
-
|
|
219
|
+
// and set the QueueUrl. Both are required for SQS-SendMessage operation
|
|
220
|
+
// Using the same approach as the default implementation
|
|
221
|
+
parameterMapping: new apigatewayv2.ParameterMapping()
|
|
222
|
+
.custom("QueueUrl", queue.queueUrl)
|
|
223
|
+
.custom("MessageBody", "$request.body"),
|
|
222
224
|
}),
|
|
223
225
|
});
|
|
224
226
|
};
|
|
225
227
|
exports.createHttpApiGatewaySQSEndpoint = createHttpApiGatewaySQSEndpoint;
|
|
228
|
+
/**
|
|
229
|
+
* Associates a WAF to a REST API Gateway
|
|
230
|
+
* @param scope - The scope of the construct
|
|
231
|
+
* @param api - The REST API Gateway to associate the WAF to
|
|
232
|
+
* @param webACLArn - The ARN of the WAF to associate
|
|
233
|
+
*/
|
|
234
|
+
const associateWebACLToRestApiGateway = (scope, api, webACLArn) => {
|
|
235
|
+
// Construct the stage ARN
|
|
236
|
+
// Format: arn:aws:apigateway:{region}::/restapis/{api-id}/stages/{stage-name}
|
|
237
|
+
const stageArn = cdk.Fn.join("", [
|
|
238
|
+
`arn:aws:apigateway:us-east-1::/restapis/`,
|
|
239
|
+
api.restApiId,
|
|
240
|
+
`/stages/prod`,
|
|
241
|
+
]);
|
|
242
|
+
// Create the WAF association
|
|
243
|
+
const association = new wafv2.CfnWebACLAssociation(scope, `${api.restApiName}WAFAssociation`, {
|
|
244
|
+
webAclArn: webACLArn,
|
|
245
|
+
resourceArn: stageArn,
|
|
246
|
+
});
|
|
247
|
+
// Add dependency to the stage to ensure it exists before association
|
|
248
|
+
association.node.addDependency(api.deploymentStage);
|
|
249
|
+
};
|
|
250
|
+
exports.associateWebACLToRestApiGateway = associateWebACLToRestApiGateway;
|
package/dist/src/lambda.js
CHANGED
|
@@ -42,6 +42,7 @@ const lambda = __importStar(require("aws-cdk-lib/aws-lambda"));
|
|
|
42
42
|
const nodejs = __importStar(require("aws-cdk-lib/aws-lambda-nodejs"));
|
|
43
43
|
const logs = __importStar(require("aws-cdk-lib/aws-logs"));
|
|
44
44
|
const apigateway = __importStar(require("aws-cdk-lib/aws-apigateway"));
|
|
45
|
+
const secretsmanager_1 = require("./secretsmanager");
|
|
45
46
|
/**
|
|
46
47
|
* Creates a lambda function with the given parameters
|
|
47
48
|
* @param scope - The scope of the lambda function
|
|
@@ -59,6 +60,11 @@ const createLambdaFunction = (scope, functionName, environment, props = {}) => {
|
|
|
59
60
|
const environmentVariables = props.environmentVariables ?? {};
|
|
60
61
|
// Define the options of the lambda function
|
|
61
62
|
const options = props.options ?? {};
|
|
63
|
+
// Get the internal api token from secrets manager
|
|
64
|
+
const internalApiToken = (0, secretsmanager_1.getSecret)(scope, `Internal-API-Token`, "Internal-API-Token");
|
|
65
|
+
const internalApiTokenValue = internalApiToken
|
|
66
|
+
.secretValueFromJson("token")
|
|
67
|
+
.toString();
|
|
62
68
|
// Create the lambda function
|
|
63
69
|
const lambdaFunction = new nodejs.NodejsFunction(scope, id, {
|
|
64
70
|
entry: `src/lambdas/${functionName}/handler.ts`,
|
|
@@ -70,6 +76,7 @@ const createLambdaFunction = (scope, functionName, environment, props = {}) => {
|
|
|
70
76
|
timeout: cdk.Duration.seconds(30),
|
|
71
77
|
environment: {
|
|
72
78
|
ENVIRONMENT: environment,
|
|
79
|
+
INTERNAL_API_TOKEN: internalApiTokenValue,
|
|
73
80
|
NODE_ENV: environment === "production" ? "production" : "development",
|
|
74
81
|
...environmentVariables,
|
|
75
82
|
},
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@certenza/aws-cdk-infrastructure-commons",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.5.0",
|
|
4
4
|
"description": "Common infrastructure reusable utilities and resources for Certenza projects",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -40,11 +40,11 @@
|
|
|
40
40
|
},
|
|
41
41
|
"homepage": "https://github.com/certenza/aws-cdk-infrastructure-commons#readme",
|
|
42
42
|
"dependencies": {
|
|
43
|
-
"aws-cdk-lib": "^2.
|
|
43
|
+
"aws-cdk-lib": "^2.235.0"
|
|
44
44
|
},
|
|
45
45
|
"devDependencies": {
|
|
46
46
|
"@types/node": "^24.0.0",
|
|
47
|
-
"prettier": "^3.
|
|
47
|
+
"prettier": "^3.8.0",
|
|
48
48
|
"rimraf": "^6.1.2",
|
|
49
49
|
"typescript": "^5.9.3"
|
|
50
50
|
},
|