@certenza/aws-cdk-infrastructure-commons 2.4.4 → 2.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/apigateway.d.ts +8 -1
- package/dist/src/apigateway.js +25 -1
- package/dist/src/lambda.js +8 -0
- package/package.json +3 -3
package/dist/src/apigateway.d.ts
CHANGED
|
@@ -49,4 +49,11 @@ declare const createHttpApiGatewayLambdaEndpoint: (method: "POST" | "GET" | "PUT
|
|
|
49
49
|
* @returns The HTTP API Gateway SQS endpoint
|
|
50
50
|
*/
|
|
51
51
|
declare const createHttpApiGatewaySQSEndpoint: (method: "POST" | "GET" | "PUT" | "DELETE" | "PATCH" | "OPTIONS" | "HEAD", path: string, queue: sqs.IQueue, api: apigatewayv2.HttpApi) => apigatewayv2.IHttpRoute[];
|
|
52
|
-
|
|
52
|
+
/**
|
|
53
|
+
* Associates a WAF to a REST API Gateway
|
|
54
|
+
* @param scope - The scope of the construct
|
|
55
|
+
* @param api - The REST API Gateway to associate the WAF to
|
|
56
|
+
* @param webACLArn - The ARN of the WAF to associate
|
|
57
|
+
*/
|
|
58
|
+
declare const associateWebACLToRestApiGateway: (scope: Construct, api: apigateway.RestApi, webACLArn: string) => void;
|
|
59
|
+
export { createApiGateway, createHttpApiGateway, createHttpApiGatewayLambdaEndpoint, createHttpApiGatewaySQSEndpoint, getApiGatewayDomainName, associateWebACLToRestApiGateway, };
|
package/dist/src/apigateway.js
CHANGED
|
@@ -33,7 +33,7 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
33
33
|
};
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.getApiGatewayDomainName = exports.createHttpApiGatewaySQSEndpoint = exports.createHttpApiGatewayLambdaEndpoint = exports.createHttpApiGateway = exports.createApiGateway = void 0;
|
|
36
|
+
exports.associateWebACLToRestApiGateway = exports.getApiGatewayDomainName = exports.createHttpApiGatewaySQSEndpoint = exports.createHttpApiGatewayLambdaEndpoint = exports.createHttpApiGateway = exports.createApiGateway = void 0;
|
|
37
37
|
const apigateway = __importStar(require("aws-cdk-lib/aws-apigateway"));
|
|
38
38
|
const apigatewayv2 = __importStar(require("aws-cdk-lib/aws-apigatewayv2"));
|
|
39
39
|
const apigatewayv2_integrations = __importStar(require("aws-cdk-lib/aws-apigatewayv2-integrations"));
|
|
@@ -41,6 +41,7 @@ const logs = __importStar(require("aws-cdk-lib/aws-logs"));
|
|
|
41
41
|
const route53 = __importStar(require("aws-cdk-lib/aws-route53"));
|
|
42
42
|
const route53targets = __importStar(require("aws-cdk-lib/aws-route53-targets"));
|
|
43
43
|
const aws_apigatewayv2_authorizers_1 = require("aws-cdk-lib/aws-apigatewayv2-authorizers");
|
|
44
|
+
const wafv2 = __importStar(require("aws-cdk-lib/aws-wafv2"));
|
|
44
45
|
const iam = __importStar(require("aws-cdk-lib/aws-iam"));
|
|
45
46
|
const cdk = __importStar(require("aws-cdk-lib"));
|
|
46
47
|
const acm_1 = require("./acm");
|
|
@@ -224,3 +225,26 @@ const createHttpApiGatewaySQSEndpoint = (method, path, queue, api) => {
|
|
|
224
225
|
});
|
|
225
226
|
};
|
|
226
227
|
exports.createHttpApiGatewaySQSEndpoint = createHttpApiGatewaySQSEndpoint;
|
|
228
|
+
/**
|
|
229
|
+
* Associates a WAF to a REST API Gateway
|
|
230
|
+
* @param scope - The scope of the construct
|
|
231
|
+
* @param api - The REST API Gateway to associate the WAF to
|
|
232
|
+
* @param webACLArn - The ARN of the WAF to associate
|
|
233
|
+
*/
|
|
234
|
+
const associateWebACLToRestApiGateway = (scope, api, webACLArn) => {
|
|
235
|
+
// Construct the stage ARN
|
|
236
|
+
// Format: arn:aws:apigateway:{region}::/restapis/{api-id}/stages/{stage-name}
|
|
237
|
+
const stageArn = cdk.Fn.join("", [
|
|
238
|
+
`arn:aws:apigateway:us-east-1::/restapis/`,
|
|
239
|
+
api.restApiId,
|
|
240
|
+
`/stages/prod`,
|
|
241
|
+
]);
|
|
242
|
+
// Create the WAF association
|
|
243
|
+
const association = new wafv2.CfnWebACLAssociation(scope, `${api.restApiName}WAFAssociation`, {
|
|
244
|
+
webAclArn: webACLArn,
|
|
245
|
+
resourceArn: stageArn,
|
|
246
|
+
});
|
|
247
|
+
// Add dependency to the stage to ensure it exists before association
|
|
248
|
+
association.node.addDependency(api.deploymentStage);
|
|
249
|
+
};
|
|
250
|
+
exports.associateWebACLToRestApiGateway = associateWebACLToRestApiGateway;
|
package/dist/src/lambda.js
CHANGED
|
@@ -42,6 +42,7 @@ const lambda = __importStar(require("aws-cdk-lib/aws-lambda"));
|
|
|
42
42
|
const nodejs = __importStar(require("aws-cdk-lib/aws-lambda-nodejs"));
|
|
43
43
|
const logs = __importStar(require("aws-cdk-lib/aws-logs"));
|
|
44
44
|
const apigateway = __importStar(require("aws-cdk-lib/aws-apigateway"));
|
|
45
|
+
const secretsmanager_1 = require("./secretsmanager");
|
|
45
46
|
/**
|
|
46
47
|
* Creates a lambda function with the given parameters
|
|
47
48
|
* @param scope - The scope of the lambda function
|
|
@@ -59,6 +60,12 @@ const createLambdaFunction = (scope, functionName, environment, props = {}) => {
|
|
|
59
60
|
const environmentVariables = props.environmentVariables ?? {};
|
|
60
61
|
// Define the options of the lambda function
|
|
61
62
|
const options = props.options ?? {};
|
|
63
|
+
// Get the internal api token from secrets manager
|
|
64
|
+
// Use function name in the construct ID to ensure uniqueness when multiple functions are created
|
|
65
|
+
const internalApiToken = (0, secretsmanager_1.getSecret)(scope, `${id}-Internal-API-Token`, "Internal-API-Token");
|
|
66
|
+
const internalApiTokenValue = internalApiToken
|
|
67
|
+
.secretValueFromJson("token")
|
|
68
|
+
.toString();
|
|
62
69
|
// Create the lambda function
|
|
63
70
|
const lambdaFunction = new nodejs.NodejsFunction(scope, id, {
|
|
64
71
|
entry: `src/lambdas/${functionName}/handler.ts`,
|
|
@@ -70,6 +77,7 @@ const createLambdaFunction = (scope, functionName, environment, props = {}) => {
|
|
|
70
77
|
timeout: cdk.Duration.seconds(30),
|
|
71
78
|
environment: {
|
|
72
79
|
ENVIRONMENT: environment,
|
|
80
|
+
INTERNAL_API_TOKEN: internalApiTokenValue,
|
|
73
81
|
NODE_ENV: environment === "production" ? "production" : "development",
|
|
74
82
|
...environmentVariables,
|
|
75
83
|
},
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@certenza/aws-cdk-infrastructure-commons",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.5.1",
|
|
4
4
|
"description": "Common infrastructure reusable utilities and resources for Certenza projects",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -40,11 +40,11 @@
|
|
|
40
40
|
},
|
|
41
41
|
"homepage": "https://github.com/certenza/aws-cdk-infrastructure-commons#readme",
|
|
42
42
|
"dependencies": {
|
|
43
|
-
"aws-cdk-lib": "^2.
|
|
43
|
+
"aws-cdk-lib": "^2.235.0"
|
|
44
44
|
},
|
|
45
45
|
"devDependencies": {
|
|
46
46
|
"@types/node": "^24.0.0",
|
|
47
|
-
"prettier": "^3.
|
|
47
|
+
"prettier": "^3.8.0",
|
|
48
48
|
"rimraf": "^6.1.2",
|
|
49
49
|
"typescript": "^5.9.3"
|
|
50
50
|
},
|