Skip to content

Commit

Permalink
feat(aws-cloudfront): add support for "webAclId" (#969)
Browse files Browse the repository at this point in the history
Expose the webAclId property on CloudFront distributions. This allows
linking of AWS WAF WebACL resources to protect the CloudFront
distribution.
  • Loading branch information
PaulMaddox authored and Elad Ben-Israel committed Oct 19, 2018
1 parent a5f5e2c commit 3ec9d76
Showing 1 changed file with 13 additions and 6 deletions.
19 changes: 13 additions & 6 deletions packages/@aws-cdk/aws-cloudfront/lib/web_distribution.ts
Original file line number Diff line number Diff line change
Expand Up @@ -163,7 +163,7 @@ export interface SourceConfiguration {
*
* @default no additional headers are passed
*/
readonly originHeaders?: {[key: string]: string};
readonly originHeaders?: { [key: string]: string };
}

/**
Expand Down Expand Up @@ -431,6 +431,12 @@ export interface CloudFrontWebDistributionProps {
* How CloudFront should handle requests that are no successful (eg PageNotFound)
*/
errorConfigurations?: cloudformation.DistributionResource.CustomErrorResponseProperty[];

/**
* Optional AWS WAF WebACL to associate with this CloudFront distribution
*/
webACLId?: string;

}

/**
Expand Down Expand Up @@ -528,6 +534,7 @@ export class CloudFrontWebDistribution extends cdk.Construct {
ipv6Enabled: props.enableIpV6 || true,
// tslint:disable-next-line:max-line-length
customErrorResponses: props.errorConfigurations, // TODO: validation : https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-customerrorresponse.html#cfn-cloudfront-distribution-customerrorresponse-errorcachingminttl
webAclId: props.webACLId,
};

const behaviors: BehaviorWithOrigin[] = [];
Expand Down Expand Up @@ -585,7 +592,7 @@ export class CloudFrontWebDistribution extends cdk.Construct {
};
}
for (const behavior of originConfig.behaviors) {
behaviors.push({...behavior, targetOriginId: originId});
behaviors.push({ ...behavior, targetOriginId: originId });
}
origins.push(originProperty);
originIndex++;
Expand Down Expand Up @@ -647,26 +654,26 @@ export class CloudFrontWebDistribution extends cdk.Construct {
};
}

const distribution = new cloudformation.DistributionResource(this, 'CFDistribution', {distributionConfig});
const distribution = new cloudformation.DistributionResource(this, 'CFDistribution', { distributionConfig });
this.domainName = distribution.distributionDomainName;
this.distributionId = distribution.distributionId;
}

private toBehavior(input: BehaviorWithOrigin, protoPolicy?: ViewerProtocolPolicy) {
let toReturn = {
let toReturn = {
allowedMethods: this.METHOD_LOOKUP_MAP[input.allowedMethods || CloudFrontAllowedMethods.GET_HEAD],
cachedMethods: this.METHOD_LOOKUP_MAP[input.cachedMethods || CloudFrontAllowedCachedMethods.GET_HEAD],
compress: input.compress,
defaultTtl: input.defaultTtlSeconds,
forwardedValues: input.forwardedValues || { queryString: false, cookies: {forward: "none"} },
forwardedValues: input.forwardedValues || { queryString: false, cookies: { forward: "none" } },
maxTtl: input.maxTtlSeconds,
minTtl: input.minTtlSeconds,
trustedSigners: input.trustedSigners,
targetOriginId: input.targetOriginId,
viewerProtocolPolicy: protoPolicy || ViewerProtocolPolicy.RedirectToHTTPS,
};
if (!input.isDefaultBehavior) {
toReturn = Object.assign(toReturn, {pathPattern: input.pathPattern});
toReturn = Object.assign(toReturn, { pathPattern: input.pathPattern });
}
return toReturn;
}
Expand Down

0 comments on commit 3ec9d76

Please sign in to comment.