A collection of AWS CDK constructs and utils written in python
Project description
Custom AWS CDK Constructs
Contains a set of higher level AWS CDK constructs.
see also https://github.com/aws/aws-cdk
Following components are available:
- ALB
Support for HTTPS is implemented. There are additional methods to register target groups of type EC2 and lambda. Create a simple ALB on port 443 with security groups and with "401 Access denied" fix response as default action:
from awscdk_components.elb.alb_https import (
AlbHttpsConstruct,
AlbCfg,
add_access_denied_fix_response
)
# create the config
app = core.App()
stack = GenericTestStack(app, 'test-stack')
alb_cfg = AlbCfg(
alb_name='TestALB',
vpc=stack.vpc,
subnets=stack.subnets,
certificate_arns=['arn:aws:acm:us-east-1:023475735288:certificate/ff6967d7-0fdf-4967-bd68-4caffc983447'],
cidr_ingress_ranges=['10.0.0.0/16'],
icmp_ranges=['10.0.0.0/16']
)
alb_construct = AlbHttpsConstruct(stack, 'albhttps', alb_cfg)
add_access_denied_fix_response('fix401resp', alb_construct.https_listener)
To add a target group for a given EC2 instance, accessible under /ec2 path, which has a service run also on port 443 (change the port parameter if necessary, i.e. port=8443):
from awscdk_components.elb.alb_utils import (
register_ec2_as_alb_target
)
alb_construct = AlbHttpsConstruct(stack, 'albhttps', alb_cfg)
ec2 = aws_ec2.Instance(
scope=stack,
id='ec2foralb',
vpc=stack.vpc,
instance_type=aws_ec2.InstanceType(instance_type_identifier='t3.micro'),
machine_image=aws_ec2.MachineImage.latest_amazon_linux()
)
register_ec2_as_alb_target(
stack,
ec2=ec2,
listener=alb_construct.https_listener,
vpc=stack.vpc,
path_pattern_values=['/ec2'],
port=443
)
add_access_denied_fix_response('fix401resp', alb_construct.https_listener)
More complicated utility method is registering lambda function behind authentication with AWS Cognito rule (currently the low level Cfn constructs for the UserPool are implemented only):
from awscdk_components.elb.alb_utils import (
register_lambda_target_group_with_cognito_auth_rule
)
alb_construct = AlbHttpsConstruct(stack, 'albhttps', alb_cfg)
function = aws_lambda.Function(
stack,
"lambda_function",
runtime=aws_lambda.Runtime.PYTHON_3_7,
handler="index.handler",
code=aws_lambda.Code.from_inline(
"def handler(event, context): return { 'statusCode': 200, 'body': 'Lambda was invoked successfully.' }"
),
vpc=stack.vpc
)
register_lambda_target_group_with_cognito_auth_rule(
scope=stack,
fn=function,
vpc=stack.vpc,
listener=alb_construct.https_listener,
user_pool=user_pool_cfn,
user_pool_app_client=user_pool_app_client_cfn,
user_pool_domain=user_pool_domain_cfn,
path_pattern_values=['/mylambda', '/mylambda/*']
)
add_access_denied_fix_response('fix401resp', alb_construct.https_listener)
For more details see the unittests in the tests package.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for rbi-oss-awscdk-components-pkg-0.3.1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6c6883c0108bf89f0741a98f407da2840d9f3215a916f639ce5bbd84d56eeca2 |
|
MD5 | 5104f80151bed656bc03c3389a6388d3 |
|
BLAKE2b-256 | c0a628e1d328685cc0f4de90c1945024741fbc330e6c5b7cb4c627241827a683 |
Hashes for rbi_oss_awscdk_components_pkg-0.3.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 7a211b079fe1ec2f15fbaeac64f5715f1a2f8b03d8c4af2a5e4ca85d26528204 |
|
MD5 | 4df88aa7098dc38c6d4b88a0700fb595 |
|
BLAKE2b-256 | c5e7d4ac2cd098d03e6be00bd4403e0e55f0d1ebfeb02f6c722e5c5f872be919 |