@gradientedge/cdk-utils 8.64.0 → 8.66.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/src/lib/construct/site-with-ecs-backend/main.d.ts +1 -0
  2. package/dist/src/lib/construct/site-with-ecs-backend/main.js +5 -1
  3. package/dist/src/lib/manager/aws/efs-manager.js +2 -1
  4. package/dist/src/lib/types/aws/index.d.ts +2 -0
  5. package/package.json +6 -6
  6. package/src/lib/construct/site-with-ecs-backend/main.ts +11 -1
  7. package/src/lib/manager/aws/efs-manager.ts +2 -1
  8. package/src/lib/types/aws/index.ts +2 -0
package/dist/src/lib/construct/site-with-ecs-backend/main.d.ts CHANGED
@@ -37,6 +37,7 @@ export declare class SiteWithEcsBackend extends CommonConstruct {
37
37
  id: string;
38
38
  siteHostedZone: route53.IHostedZone;
39
39
  siteCertificate: certificateManager.ICertificate;
40
+ siteRegionalCertificate: certificateManager.ICertificate;
40
41
  siteEcsPolicy: iam.PolicyDocument;
41
42
  siteEcsRole: iam.Role;
42
43
  siteEcsEnvironment: {
package/dist/src/lib/construct/site-with-ecs-backend/main.js CHANGED
@@ -58,6 +58,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
58
58
  /* site resources */
59
59
  siteHostedZone;
60
60
  siteCertificate;
61
+ siteRegionalCertificate;
61
62
  siteEcsPolicy;
62
63
  siteEcsRole;
63
64
  siteEcsEnvironment;
@@ -131,6 +132,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
131
132
  this.props.siteCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(`${this.id}-certificate-parameter`, this, this.props.siteCertificate.certificateSsmName, this.props.siteCertificate.certificateRegion);
132
133
  }
133
134
  this.siteCertificate = this.acmManager.resolveCertificate(`${this.id}-certificate`, this, this.props.siteCertificate);
135
+ this.siteRegionalCertificate = this.acmManager.resolveCertificate(`${this.id}-regional-certificate`, this, this.props.siteRegionalCertificate, this.siteHostedZone);
134
136
  }
135
137
  /**
136
138
  * @summary Method to resolve secrets from SecretsManager
@@ -230,6 +232,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
230
232
  serviceName: `${this.id}-${this.props.stage}`,
231
233
  cpu: this.props.siteTask.cpu,
232
234
  loadBalancerName: `${this.id}-${this.props.stage}`,
235
+ certificate: this.siteRegionalCertificate,
233
236
  domainName: this.siteInternalDomainName,
234
237
  domainZone: this.siteHostedZone,
235
238
  listenerPort: this.props.siteTask.listenerPort,
@@ -237,6 +240,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
237
240
  healthCheckGracePeriod: cdk.Duration.seconds(60),
238
241
  assignPublicIp: true,
239
242
  minHealthyPercent: this.props.siteTask.minHealthyPercent,
243
+ maxHealthyPercent: this.props.siteTask.maxHealthyPercent,
240
244
  taskDefinition: this.props.siteTask.taskDefinition,
241
245
  taskImageOptions: {
242
246
  enableLogging: true,
@@ -339,7 +343,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
339
343
  createSiteOrigin() {
340
344
  this.siteOrigin = new origins.HttpOrigin(this.siteEcsLoadBalancer.loadBalancerDnsName, {
341
345
  httpPort: this.props.siteTask.listenerPort,
342
- protocolPolicy: cloudfront.OriginProtocolPolicy.HTTP_ONLY,
346
+ protocolPolicy: cloudfront.OriginProtocolPolicy.HTTPS_ONLY,
343
347
  });
344
348
  }
345
349
  /**
package/dist/src/lib/manager/aws/efs-manager.js CHANGED
@@ -70,7 +70,8 @@ class EfsManager {
70
70
  createFileSystem(id, scope, props, vpc, accessPointOptions, securityGroup, vpcSubnets) {
71
71
  if (!props)
72
72
  throw `EFS props undefined for ${id}`;
73
- const fileSystem = new efs.FileSystem(scope, `${id}`, {
73
+ const fileSystemId = props.provisionNewOnDeployment ? `${id}-${new Date().getMilliseconds()}` : `${id}`;
74
+ const fileSystem = new efs.FileSystem(scope, `${fileSystemId}`, {
74
75
  ...props,
75
76
  vpc,
76
77
  securityGroup,
package/dist/src/lib/types/aws/index.d.ts CHANGED
@@ -69,6 +69,7 @@ export interface SiteWithEcsBackendProps extends CommonStackProps {
69
69
  siteCacheInvalidationDockerFilePath?: string;
70
70
  siteHealthCheck: HealthCheck;
71
71
  siteCertificate: AcmProps;
72
+ siteRegionalCertificate: AcmProps;
72
73
  siteCluster: EcsClusterProps;
73
74
  siteDistribution: DistributionProps;
74
75
  siteCloudfrontFunctionProps?: CloudfrontFunctionProps;
@@ -603,6 +604,7 @@ export interface LogQueryWidgetProps extends watch.LogQueryWidgetProps {
603
604
  * @subcategory Properties
604
605
  */
605
606
  export interface EfsFileSystemProps extends efs.FileSystemProps {
607
+ provisionNewOnDeployment?: boolean;
606
608
  rootDirectory?: string;
607
609
  transitEncryption?: string;
608
610
  transitEncryptionPort?: number;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@gradientedge/cdk-utils",
3
- "version": "8.64.0",
3
+ "version": "8.66.0",
4
4
  "description": "Utilities for AWS CDK provisioning",
5
5
  "main": "dist/index.js",
6
6
  "engines": {
@@ -47,12 +47,12 @@
47
47
  },
48
48
  "dependencies": {
49
49
  "@aws-sdk/client-secrets-manager": "^3.338.0",
50
- "@types/lodash": "^4.14.194",
51
- "@types/node": "^20.2.3",
50
+ "@types/lodash": "^4.14.195",
51
+ "@types/node": "^20.2.4",
52
52
  "@types/uuid": "^9.0.1",
53
53
  "app-root-path": "^3.1.0",
54
- "aws-cdk-lib": "^2.80.0",
55
- "constructs": "^10.2.31",
54
+ "aws-cdk-lib": "^2.81.0",
55
+ "constructs": "^10.2.33",
56
56
  "lodash": "^4.17.21",
57
57
  "moment": "^2.29.4",
58
58
  "nconf": "^0.12.0",
@@ -67,7 +67,7 @@
67
67
  "@types/jest": "^29.5.1",
68
68
  "@typescript-eslint/eslint-plugin": "^5.59.7",
69
69
  "@typescript-eslint/parser": "^5.59.7",
70
- "aws-cdk": "^2.80.0",
70
+ "aws-cdk": "^2.81.0",
71
71
  "better-docs": "^2.7.2",
72
72
  "codecov": "^3.8.3",
73
73
  "commitizen": "^4.3.0",
package/src/lib/construct/site-with-ecs-backend/main.ts CHANGED
@@ -43,6 +43,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
43
43
  /* site resources */
44
44
  siteHostedZone: route53.IHostedZone
45
45
  siteCertificate: certificateManager.ICertificate
46
+ siteRegionalCertificate: certificateManager.ICertificate
46
47
  siteEcsPolicy: iam.PolicyDocument
47
48
  siteEcsRole: iam.Role
48
49
  siteEcsEnvironment: { [key: string]: string }
@@ -136,6 +137,13 @@ export class SiteWithEcsBackend extends CommonConstruct {
136
137
  this,
137
138
  this.props.siteCertificate
138
139
  )
140
+
141
+ this.siteRegionalCertificate = this.acmManager.resolveCertificate(
142
+ `${this.id}-regional-certificate`,
143
+ this,
144
+ this.props.siteRegionalCertificate,
145
+ this.siteHostedZone
146
+ )
139
147
  }
140
148
 
141
149
  /**
@@ -253,6 +261,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
253
261
  serviceName: `${this.id}-${this.props.stage}`,
254
262
  cpu: this.props.siteTask.cpu,
255
263
  loadBalancerName: `${this.id}-${this.props.stage}`,
264
+ certificate: this.siteRegionalCertificate,
256
265
  domainName: this.siteInternalDomainName,
257
266
  domainZone: this.siteHostedZone,
258
267
  listenerPort: this.props.siteTask.listenerPort,
@@ -260,6 +269,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
260
269
  healthCheckGracePeriod: cdk.Duration.seconds(60),
261
270
  assignPublicIp: true,
262
271
  minHealthyPercent: this.props.siteTask.minHealthyPercent,
272
+ maxHealthyPercent: this.props.siteTask.maxHealthyPercent,
263
273
  taskDefinition: this.props.siteTask.taskDefinition,
264
274
  taskImageOptions: {
265
275
  enableLogging: true,
@@ -385,7 +395,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
385
395
  protected createSiteOrigin() {
386
396
  this.siteOrigin = new origins.HttpOrigin(this.siteEcsLoadBalancer.loadBalancerDnsName, {
387
397
  httpPort: this.props.siteTask.listenerPort,
388
- protocolPolicy: cloudfront.OriginProtocolPolicy.HTTP_ONLY,
398
+ protocolPolicy: cloudfront.OriginProtocolPolicy.HTTPS_ONLY,
389
399
  })
390
400
  }
391
401
 
package/src/lib/manager/aws/efs-manager.ts CHANGED
@@ -58,7 +58,8 @@ export class EfsManager {
58
58
  ) {
59
59
  if (!props) throw `EFS props undefined for ${id}`
60
60
 
61
- const fileSystem = new efs.FileSystem(scope, `${id}`, {
61
+ const fileSystemId = props.provisionNewOnDeployment ? `${id}-${new Date().getMilliseconds()}` : `${id}`
62
+ const fileSystem = new efs.FileSystem(scope, `${fileSystemId}`, {
62
63
  ...props,
63
64
  vpc,
64
65
  securityGroup,
package/src/lib/types/aws/index.ts CHANGED
@@ -72,6 +72,7 @@ export interface SiteWithEcsBackendProps extends CommonStackProps {
72
72
  siteCacheInvalidationDockerFilePath?: string
73
73
  siteHealthCheck: HealthCheck
74
74
  siteCertificate: AcmProps
75
+ siteRegionalCertificate: AcmProps
75
76
  siteCluster: EcsClusterProps
76
77
  siteDistribution: DistributionProps
77
78
  siteCloudfrontFunctionProps?: CloudfrontFunctionProps
@@ -641,6 +642,7 @@ export interface LogQueryWidgetProps extends watch.LogQueryWidgetProps {
641
642
  * @subcategory Properties
642
643
  */
643
644
  export interface EfsFileSystemProps extends efs.FileSystemProps {
645
+ provisionNewOnDeployment?: boolean
644
646
  rootDirectory?: string
645
647
  transitEncryption?: string
646
648
  transitEncryptionPort?: number