PyPI - cdk-factory - Versions diffs - 0.14.1__tar.gz → 0.15.1__tar.gz - Mend

cdk-factory 0.14.1tar.gz → 0.15.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cdk-factory might be problematic. Click here for more details.

Files changed (157) hide show

{cdk_factory-0.14.1 → cdk_factory-0.15.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cdk_factory
-Version: 0.14.1
+Version: 0.15.1
 Summary: CDK Factory. A QuickStarter and best practices setup for CDK projects
 Author-email: Eric Wilson <eric.wilson@geekcafe.com>
 License: MIT License

{cdk_factory-0.14.1 → cdk_factory-0.15.1}/pyproject.toml RENAMED Viewed

@@ -33,7 +33,7 @@ markers = [
 [project]
 name = "cdk_factory"
-version = "0.14.1"
+version = "0.15.1"
 authors = [
   { name="Eric Wilson", email="eric.wilson@geekcafe.com" }
 ]

{cdk_factory-0.14.1 → cdk_factory-0.15.1}/src/cdk_factory/configurations/resources/rds.py RENAMED Viewed

@@ -130,3 +130,8 @@ class RdsConfig(EnhancedBaseConfig):
     def vpc_id(self, value: str):
         """Sets the VPC ID for the Security Group"""
         self.__config["vpc_id"] = value
+    @property
+    def ssm_imports(self) -> Dict[str, str]:
+        """SSM parameter imports for the RDS instance"""
+        return self.__config.get("ssm_imports", {})

{cdk_factory-0.14.1 → cdk_factory-0.15.1}/src/cdk_factory/configurations/resources/route53.py RENAMED Viewed

@@ -26,11 +26,16 @@ class Route53Config:
     def hosted_zone_id(self) -> Optional[str]:
         """Hosted zone ID"""
         return self.__config.get("hosted_zone_id")
+    @property
+    def existing_hosted_zone_id(self) -> Optional[str]:
+        """Existing hosted zone ID (alias for hosted_zone_id)"""
+        return self.__config.get("existing_hosted_zone_id") or self.__config.get("hosted_zone_id")
     @property
     def domain_name(self) -> Optional[str]:
-        """Domain name"""
-        return self.__config.get("domain_name")
+        """Domain name (also checks hosted_zone_name)"""
+        return self.__config.get("domain_name") or self.__config.get("hosted_zone_name")
     @property
     def record_names(self) -> List[str]:

{cdk_factory-0.14.1 → cdk_factory-0.15.1}/src/cdk_factory/configurations/resources/security_group_full_stack.py RENAMED Viewed

@@ -61,3 +61,8 @@ class SecurityGroupFullStackConfig:
     def tags(self) -> Dict[str, str]:
         """Tags to apply to the Security Group"""
         return self.__config.get("tags", {})
+    @property
+    def ssm_imports(self) -> Dict[str, str]:
+        """SSM parameter imports for the Security Group"""
+        return self.__config.get("ssm_imports", {})

{cdk_factory-0.14.1 → cdk_factory-0.15.1}/src/cdk_factory/constructs/cloudfront/cloudfront_distribution_construct.py RENAMED Viewed

@@ -292,8 +292,9 @@ class CloudFrontDistributionConstruct(Construct):
                 logger.info(f"Using IP gate Lambda ARN from SSM: {ip_gate_ssm_path}")
                 # Add the IP gating Lambda@Edge association
+                # MUST use viewer-request to run BEFORE cache check!
                 lambda_edge_associations = [{
-                    "event_type": "origin-request",
+                    "event_type": "viewer-request",
                     "lambda_arn": f"{{{{ssm:{ip_gate_ssm_path}}}}}",
                     "include_body": False
                 }]

{cdk_factory-0.14.1 → cdk_factory-0.15.1}/src/cdk_factory/lambdas/edge/ip_gate/handler.py RENAMED Viewed

@@ -178,7 +178,58 @@ def lambda_handler(event, context):
             print(f"IP {client_ip} is allowed")
             return request
-        # IP not allowed - redirect to maintenance page
+        # IP not allowed - either redirect or proxy maintenance page
+        # Check response mode from SSM (default: redirect for backward compatibility)
+        response_mode_param = f"/{function_name}/response-mode"
+        response_mode = get_ssm_parameter(response_mode_param, default='redirect')
+        if response_mode == 'proxy':
+            # Proxy mode: Fetch and return maintenance content (keeps URL the same)
+            print(f"IP {client_ip} is NOT allowed, proxying content from {maint_cf_host}")
+            try:
+                import urllib3
+                http = urllib3.PoolManager()
+                # Fetch the maintenance page
+                maint_response = http.request(
+                    'GET',
+                    f'https://{maint_cf_host}',
+                    headers={'User-Agent': 'CloudFront-IP-Gate-Proxy'},
+                    timeout=3.0
+                )
+                # Return the maintenance content
+                response = {
+                    'status': str(maint_response.status),
+                    'statusDescription': 'OK' if maint_response.status == 200 else 'Service Unavailable',
+                    'headers': {
+                        'content-type': [{
+                            'key': 'Content-Type',
+                            'value': maint_response.headers.get('Content-Type', 'text/html')
+                        }],
+                        'cache-control': [{
+                            'key': 'Cache-Control',
+                            'value': 'no-cache, no-store, must-revalidate, max-age=0'
+                        }],
+                        'x-ip-gate-mode': [{
+                            'key': 'X-IP-Gate-Mode',
+                            'value': 'proxy'
+                        }]
+                    },
+                    'body': maint_response.data.decode('utf-8')
+                }
+                print(f"Successfully proxied maintenance page (status {maint_response.status})")
+                return response
+            except Exception as proxy_error:
+                print(f"Error proxying maintenance content: {str(proxy_error)}")
+                # Fall back to redirect if proxy fails
+                print(f"Falling back to redirect mode")
+                response_mode = 'redirect'
+        # Redirect mode (default): HTTP 302 redirect to maintenance site
         print(f"IP {client_ip} is NOT allowed, redirecting to {maint_cf_host}")
         response = {
@@ -192,6 +243,10 @@ def lambda_handler(event, context):
                 'cache-control': [{
                     'key': 'Cache-Control',
                     'value': 'no-cache, no-store, must-revalidate'
+                }],
+                'x-ip-gate-mode': [{
+                    'key': 'X-IP-Gate-Mode',
+                    'value': 'redirect'
                 }]
             }
         }

cdk-factory 0.14.1__tar.gz → 0.15.1__tar.gz

Potentially problematic release.

cdk-factory 0.14.1tar.gz → 0.15.1tar.gz