feat(aws-s3objectlambda): add L2 construct for S3 Object Lambda

aws · Feb 17, 2022 · f9175ac · f9175ac
1 parent 9d01cfc
commit f9175ac
Show file tree

Hide file tree

Showing 6 changed files with 477 additions and 5 deletions.
diff --git a/packages/@aws-cdk/aws-s3objectlambda/README.md b/packages/@aws-cdk/aws-s3objectlambda/README.md
@@ -9,6 +9,14 @@
 >
 > [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib
 
+![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge)
+
+> The APIs of higher level constructs in this module are experimental and under active development.
+> They are subject to non-backward compatible changes or removal in any future version. These are
+> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be
+> announced in the release notes. This means that while you may use them, you may need to update
+> your source code when upgrading to a newer version of this package.
+
 ---
 
 <!--END STABILITY BANNER-->

diff --git a/packages/@aws-cdk/aws-s3objectlambda/lib/acess-point.ts b/packages/@aws-cdk/aws-s3objectlambda/lib/acess-point.ts
@@ -0,0 +1,159 @@
+import * as iam from '@aws-cdk/aws-iam';
+import * as lambda from '@aws-cdk/aws-lambda';
+import * as s3 from '@aws-cdk/aws-s3';
+import * as core from '@aws-cdk/core';
+import { Construct } from 'constructs';
+import { CfnAccessPoint } from './s3objectlambda.generated';
+
+/**
+  * Creates an S3 Object Lambda Access Point, which can intercept
+  * and transform `GetObject` requests.
+  *
+  * @param fn The Lambda function
+  * @param props Configuration for this Access Point
+  */
+export interface AccessPointProps {
+  /**
+   * The bucket to which this access point belongs.
+   */
+  readonly bucket: s3.IBucket
+
+  /**
+   * The Lambda function used to transform objects.
+   */
+  readonly fn: lambda.IFunction
+
+  /**
+   * The name of the access point access point.
+   */
+  readonly name: string
+
+  /**
+   * Whether CloudWatch metrics are enabled for the access point.
+   *
+   * @default false
+   */
+  readonly cloudWatchMetricsEnabled?: boolean
+
+  /**
+   * Whether the Lambda function can process `GetObject-Range` requests.
+   *
+   * @default false
+   */
+  readonly supportsGetObjectRange?: boolean
+
+  /**
+   * Whether the Lambda function can process `GetObject-PartNumber` requests.
+   *
+   * @default false
+   */
+  readonly supportsGetObjectPartNumber?: boolean
+
+  /**
+   * Additional JSON that provides supplemental data passed to the
+   * Lambda function on every request.
+   *
+   * @default - No data.
+   */
+  readonly payload?: string
+}
+
+/**
+  * An S3 Object Lambda Access Point for intercepting and
+  * transforming `GetObject` requests.
+  */
+export class AccessPoint extends core.Resource {
+  private readonly acessPoint: CfnAccessPoint
+
+  constructor(scope: Construct, id: string, props: AccessPointProps) {
+    super(scope, id);
+
+    const supporting = new s3.CfnAccessPoint(this, 'AccessPoint', {
+      bucket: props.bucket.bucketName,
+    });
+    supporting.addPropertyOverride('Name', `${props.name}-access-point`);
+
+    const allowedFeatures = [];
+    if (props.supportsGetObjectPartNumber) {
+      allowedFeatures.push('GetObject-PartNumber');
+    }
+    if (props.supportsGetObjectRange) {
+      allowedFeatures.push('GetObject-Range');
+    }
+
+    this.acessPoint = new CfnAccessPoint(this, 'LambdaAccessPoint', {
+      name: props.name.toLowerCase(),
+      objectLambdaConfiguration: {
+        allowedFeatures,
+        cloudWatchMetricsEnabled: props.cloudWatchMetricsEnabled,
+        supportingAccessPoint: supporting.getAtt('Arn').toString(),
+        transformationConfigurations: [
+          {
+            actions: ['GetObject'],
+            contentTransformation: {
+              AwsLambda: {
+                FunctionArn: props.fn.functionArn,
+                FunctionPayload: props.payload ?? '',
+              },
+            },
+          },
+        ],
+      },
+    });
+    this.acessPoint.addDependsOn(supporting);
+
+    props.fn.addToRolePolicy(
+      new iam.PolicyStatement({
+        actions: ['s3-object-lambda:WriteGetObjectResponse'],
+        resources: ['*'],
+      }),
+    );
+  }
+
+  /**
+   * The ARN of the access point.
+   */
+  get arn(): string {
+    return this.acessPoint.getAtt('Arn').toString();
+  }
+
+  /**
+   * The IPv4 DNS name of the access point.
+   */
+  get domainName(): string {
+    const urlSuffix = this.stack.urlSuffix;
+    return `${this.acessPoint.name}-${this.stack.account}.s3-object-lambda.${urlSuffix}`;
+  }
+
+  /**
+   * The regional domain name of the access point.
+   */
+  get regionalDomainName(): string {
+    const urlSuffix = this.stack.urlSuffix;
+    const region = this.stack.region;
+    return `${this.acessPoint.name}-${this.stack.account}.s3-object-lambda.${region}.${urlSuffix}`;
+  }
+
+  /**
+   * The virtual hosted-style URL of an S3 object through this access point.
+   * Specify `regional: false` at the options for non-regional URL.
+   * @param key The S3 key of the object. If not specified, the URL of the
+   *      bucket is returned.
+   * @param options Options for generating URL.
+   * @returns an ObjectS3Url token
+   */
+  public virtualHostedUrlForObject(key?: string, options?: s3.VirtualHostedStyleUrlOptions): string {
+    const domainName = options?.regional ?? true ? this.regionalDomainName : this.domainName;
+    const prefix = `https://${domainName}`;
+    if (typeof key !== 'string') {
+      return prefix;
+    }
+    if (key.startsWith('/')) {
+      key = key.slice(1);
+    }
+    if (key.endsWith('/')) {
+      key = key.slice(0, -1);
+    }
+    return `${prefix}/${key}`;
+  }
+}
diff --git a/packages/@aws-cdk/aws-s3objectlambda/lib/index.ts b/packages/@aws-cdk/aws-s3objectlambda/lib/index.ts
@@ -1,2 +1,4 @@
+export * from './object-lambda';
+
 // AWS::S3ObjectLambda CloudFormation Resources:
 export * from './s3objectlambda.generated';
diff --git a/packages/@aws-cdk/aws-s3objectlambda/package.json b/packages/@aws-cdk/aws-s3objectlambda/package.json
@@ -85,25 +85,35 @@
   "devDependencies": {
     "@aws-cdk/assertions": "0.0.0",
     "@aws-cdk/cdk-build-tools": "0.0.0",
+    "@aws-cdk/cdk-integ-tools": "0.0.0",
     "@aws-cdk/cfn2ts": "0.0.0",
     "@aws-cdk/pkglint": "0.0.0",
-    "@types/jest": "^27.4.0"
+    "@types/jest": "^27.4.0",
+    "jest": "^27.5.1"
   },
   "dependencies": {
-    "@aws-cdk/core": "0.0.0"
+    "@aws-cdk/aws-iam": "0.0.0",
+    "@aws-cdk/aws-lambda": "0.0.0",
+    "@aws-cdk/aws-s3": "0.0.0",
+    "@aws-cdk/core": "0.0.0",
+    "constructs": "^3.3.69"
   },
   "peerDependencies": {
-    "@aws-cdk/core": "0.0.0"
+    "@aws-cdk/aws-iam": "0.0.0",
+    "@aws-cdk/aws-lambda": "0.0.0",
+    "@aws-cdk/aws-s3": "0.0.0",
+    "@aws-cdk/core": "0.0.0",
+    "constructs": "^3.3.69"
   },
   "engines": {
     "node": ">= 10.13.0 <13 || >=13.7.0"
   },
   "stability": "experimental",
-  "maturity": "cfn-only",
+  "maturity": "experimental",
   "awscdkio": {
     "announce": false
   },
   "publishConfig": {
     "tag": "latest"
   }
-}
+}