-
-
Notifications
You must be signed in to change notification settings - Fork 15
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
16 changed files
with
488 additions
and
43 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,6 +2,10 @@ | |
| .idea | ||
| .vscode | ||
|
|
||
| # CDK asset staging directory | ||
| .cdk.staging | ||
| cdk.out | ||
|
|
||
| dist | ||
| reports | ||
| node_modules | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| *.ts | ||
| !*.d.ts | ||
|
|
||
| # CDK asset staging directory | ||
| .cdk.staging | ||
| cdk.out |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| { | ||
| "app": "npx ts-node --prefer-ts-exts deployment/cdk.ts", | ||
| "watch": { | ||
| "include": [ | ||
| "**" | ||
| ], | ||
| "exclude": [ | ||
| "README.md", | ||
| "cdk*.json", | ||
| "**/*.d.ts", | ||
| "**/*.js", | ||
| "tsconfig.json", | ||
| "package*.json", | ||
| "pnpm*.json", | ||
| "yarn.lock", | ||
| "node_modules", | ||
| "test" | ||
| ] | ||
| }, | ||
| "context": { | ||
| "@aws-cdk/aws-lambda:recognizeLayerVersion": true, | ||
| "@aws-cdk/core:checkSecretUsage": true, | ||
| "@aws-cdk/core:target-partitions": [ | ||
| "aws", | ||
| "aws-cn" | ||
| ], | ||
| "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true, | ||
| "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true, | ||
| "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true, | ||
| "@aws-cdk/aws-iam:minimizePolicies": true, | ||
| "@aws-cdk/core:validateSnapshotRemovalPolicy": true, | ||
| "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true, | ||
| "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true, | ||
| "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true, | ||
| "@aws-cdk/aws-apigateway:disableCloudWatchRole": true, | ||
| "@aws-cdk/core:enablePartitionLiterals": true, | ||
| "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true, | ||
| "@aws-cdk/aws-iam:standardizedServicePrincipals": true, | ||
| "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true, | ||
| "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true, | ||
| "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true, | ||
| "@aws-cdk/aws-route53-patters:useCertificate": true, | ||
| "@aws-cdk/customresources:installLatestAwsSdkDefault": false, | ||
| "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true, | ||
| "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true, | ||
| "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| # Welcome to your CDK TypeScript project | ||
|
|
||
| This is a blank project for CDK development with TypeScript. | ||
|
|
||
| The `cdk.json` file tells the CDK Toolkit how to execute your app. | ||
|
|
||
| ## Useful commands | ||
|
|
||
| * `npm run build` compile typescript to js | ||
| * `npm run watch` watch for changes and compile | ||
| * `npm run test` perform the jest unit tests | ||
| * `cdk deploy` deploy this stack to your default AWS account/region | ||
| * `cdk diff` compare deployed stack with current state | ||
| * `cdk synth` emits the synthesized CloudFormation template |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| #!/usr/bin/env node | ||
| import 'source-map-support/register'; | ||
| import * as cdk from 'aws-cdk-lib'; | ||
| import { name } from '../package.json'; | ||
| import { CdkStack } from './lib/cdkStack'; | ||
|
|
||
| const app = new cdk.App(); | ||
| // eslint-disable-next-line no-new | ||
| new CdkStack(app, name, { | ||
| env: { | ||
| account: process.env.CDK_DEFAULT_ACCOUNT, | ||
| region: 'us-east-1' // must be us-east-1 to allow Lambda@Edge | ||
| } | ||
|
|
||
| /* Uncomment the next line if you know exactly what Account and Region you | ||
| * want to deploy the stack to. */ | ||
| // env: { account: '123456789012', region: 'us-east-1' }, | ||
|
|
||
| /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */ | ||
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| // import * as cdk from 'aws-cdk-lib'; | ||
| // import { Template } from 'aws-cdk-lib/assertions'; | ||
| // import * as Cdk from '../lib/cdk-stack'; | ||
|
|
||
| // example test. To run these tests, uncomment this file along with the | ||
| // example resource in lib/cdk-stack.ts | ||
| import { it } from 'vitest'; | ||
|
|
||
| it.skip('SQS Queue Created', () => { | ||
| // const app = new cdk.App(); | ||
| // // WHEN | ||
| // const stack = new Cdk.CdkStack(app, 'MyTestStack'); | ||
| // // THEN | ||
| // const template = Template.fromStack(stack); | ||
|
|
||
| // template.hasResourceProperties('AWS::SQS::Queue', { | ||
| // VisibilityTimeout: 300 | ||
| // }); | ||
| }); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,140 @@ | ||
| import path from 'node:path'; | ||
| import { HttpApi } from '@aws-cdk/aws-apigatewayv2-alpha'; | ||
| import { HttpLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha'; | ||
| import { Duration, Stack } from 'aws-cdk-lib'; | ||
| import { Certificate } from 'aws-cdk-lib/aws-certificatemanager'; | ||
| import { | ||
| AllowedMethods, CacheCookieBehavior, CacheHeaderBehavior, | ||
| CachePolicy, CacheQueryStringBehavior, | ||
| Distribution, | ||
| OriginRequestCookieBehavior, | ||
| OriginRequestHeaderBehavior, | ||
| OriginRequestPolicy, | ||
| OriginRequestQueryStringBehavior, | ||
| PriceClass, | ||
| ViewerProtocolPolicy | ||
| } from 'aws-cdk-lib/aws-cloudfront'; | ||
| import { HttpOrigin, S3Origin } from 'aws-cdk-lib/aws-cloudfront-origins'; | ||
| import { CompositePrincipal, Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam'; | ||
| import { Runtime, Tracing } from 'aws-cdk-lib/aws-lambda'; | ||
| import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; | ||
| import { RetentionDays } from 'aws-cdk-lib/aws-logs'; | ||
| import { ARecord, HostedZone, RecordTarget } from 'aws-cdk-lib/aws-route53'; | ||
| import { CloudFrontTarget } from 'aws-cdk-lib/aws-route53-targets'; | ||
| import { Bucket } from 'aws-cdk-lib/aws-s3'; | ||
| import { BucketDeployment, CacheControl, Source } from 'aws-cdk-lib/aws-s3-deployment'; | ||
| import { ParameterTier, StringParameter } from 'aws-cdk-lib/aws-ssm'; | ||
| import type { StackProps } from 'aws-cdk-lib'; | ||
| import type { AddBehaviorOptions } from 'aws-cdk-lib/aws-cloudfront'; | ||
| import type { Construct } from 'constructs'; | ||
|
|
||
| export class CdkStack extends Stack { | ||
| readonly distributionUrlParameterName = '/remix/distribution/url'; | ||
| readonly domainName = 'trance-stack.vsbmeza.com'; | ||
| readonly certificateArn = 'arn:aws:acm:us-east-1:816237403055:certificate/028f6e6d-99c3-493b-92e6-3d17c6f37a48'; | ||
|
|
||
| constructor(scope: Construct, id: string, props?: StackProps) { | ||
| super(scope, id, props); | ||
|
|
||
| const bucket = new Bucket(this, 'TranceStackBucket'); | ||
|
|
||
| // eslint-disable-next-line no-new | ||
| new BucketDeployment(this, 'DeployStaticAssets', { | ||
| sources: [Source.asset(path.join(__dirname, '../../public'))], | ||
| destinationBucket: bucket, | ||
| destinationKeyPrefix: '_static', | ||
| cacheControl: [ | ||
| CacheControl.maxAge(Duration.days(365)), | ||
| CacheControl.sMaxAge(Duration.days(365)) | ||
| ] | ||
| }); | ||
|
|
||
| const lambdaRole = new Role(this, 'TranceStackLambdaRole', { | ||
| assumedBy: new CompositePrincipal(new ServicePrincipal('lambda.amazonaws.com')) | ||
| }); | ||
|
|
||
| const fn = new NodejsFunction(this, 'TranceStackRequestHandler', { | ||
| runtime: Runtime.NODEJS_18_X, | ||
| entry: path.join(__dirname, '../../server/index.js'), | ||
| bundling: { | ||
| nodeModules: ['@remix-run/architect', 'react', 'react-dom'] | ||
| }, | ||
| timeout: Duration.seconds(10), | ||
| logRetention: RetentionDays.THREE_DAYS, | ||
| tracing: Tracing.ACTIVE, | ||
| role: lambdaRole | ||
| }); | ||
|
|
||
| const integration = new HttpLambdaIntegration('TranceStackHttpLambdaIntegration', fn); | ||
|
|
||
| const httpApi = new HttpApi(this, 'TranceStackApi', { | ||
| defaultIntegration: integration | ||
| }); | ||
|
|
||
| const httpApiUrl = `${httpApi.httpApiId}.execute-api.${Stack.of(this).region}.${Stack.of(this).urlSuffix}`; | ||
| const originRequestPolicy = new OriginRequestPolicy(this, 'TranceStackRequestHandlerPolicy', { | ||
| originRequestPolicyName: 'website-request-handler', | ||
| queryStringBehavior: OriginRequestQueryStringBehavior.all(), | ||
| cookieBehavior: OriginRequestCookieBehavior.all(), | ||
| // https://stackoverflow.com/questions/65243953/pass-query-params-from-cloudfront-to-api-gateway | ||
| headerBehavior: OriginRequestHeaderBehavior.allowList( | ||
| 'Accept-Charset', 'Origin', 'Access-Control-Request-Method', 'Access-Control-Request-Headers', 'Referer', 'Accept-Language', 'Accept-Datetime' | ||
| ) | ||
| }); | ||
|
|
||
| const cachePolicy = new CachePolicy(this, 'TranceStackCachePolicy', { | ||
| cachePolicyName: 'remix-cache-policy', | ||
| defaultTtl: Duration.seconds(86400), | ||
| minTtl: Duration.seconds(0), | ||
| maxTtl: Duration.seconds(31536000), | ||
| cookieBehavior: CacheCookieBehavior.none(), | ||
| headerBehavior: CacheHeaderBehavior.allowList('Origin', 'Access-Control-Request-Method', 'Access-Control-Request-Headers', 'Referer', 'Accept-Language', 'Accept-Datetime'), | ||
| queryStringBehavior: CacheQueryStringBehavior.none() | ||
| }); | ||
| const requestHandlerBehavior: AddBehaviorOptions = { | ||
| allowedMethods: AllowedMethods.ALLOW_ALL, | ||
| viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS, | ||
| cachePolicy: cachePolicy, | ||
| originRequestPolicy: originRequestPolicy | ||
| }; | ||
|
|
||
| const assetOrigin = new S3Origin(bucket); | ||
| const assetBehaviorOptions = { | ||
| viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS | ||
| }; | ||
|
|
||
| const distribution = new Distribution(this, 'TranceStackCloudFront', { | ||
| domainNames: [this.domainName], | ||
| certificate: Certificate.fromCertificateArn(this, 'TranceStackCertificate', this.certificateArn), | ||
| defaultBehavior: { | ||
| compress: true, | ||
| origin: new HttpOrigin(httpApiUrl), | ||
| ...requestHandlerBehavior | ||
| }, | ||
| priceClass: PriceClass.PRICE_CLASS_ALL, | ||
| additionalBehaviors: { | ||
| '/_static/*': { | ||
| origin: assetOrigin, | ||
| ...assetBehaviorOptions | ||
| } | ||
| } | ||
| }); | ||
|
|
||
| // eslint-disable-next-line no-new | ||
| new ARecord(this, 'TranceStackAliasRecord', { | ||
| zone: HostedZone.fromHostedZoneAttributes(this, 'HostedZone', { | ||
| hostedZoneId: 'Z2UAK2IOFEOI1W', | ||
| zoneName: 'vsbmeza.com' | ||
| }), | ||
| recordName: this.domainName, | ||
| target: RecordTarget.fromAlias(new CloudFrontTarget(distribution)) | ||
| }); | ||
|
|
||
| // eslint-disable-next-line no-new | ||
| new StringParameter(this, 'TranceStackDistributionUrlParameter', { | ||
| parameterName: this.distributionUrlParameterName, | ||
| stringValue: distribution.distributionDomainName, | ||
| tier: ParameterTier.STANDARD | ||
| }); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.