Skip to content

Instantly share code, notes, and snippets.

@mjzone
Last active June 12, 2021 17:28
Show Gist options
  • Save mjzone/16571ab07b1e2e48b7574ed02bde9f92 to your computer and use it in GitHub Desktop.
Save mjzone/16571ab07b1e2e48b7574ed02bde9f92 to your computer and use it in GitHub Desktop.
import * as cdk from "@aws-cdk/core";
import { Bucket } from "@aws-cdk/aws-s3";
import { BucketDeployment, Source } from "@aws-cdk/aws-s3-deployment";
import * as origins from "@aws-cdk/aws-cloudfront-origins";
import * as acm from "@aws-cdk/aws-certificatemanager";
import {
OriginAccessIdentity,
AllowedMethods,
ViewerProtocolPolicy,
OriginProtocolPolicy,
Distribution,
} from "@aws-cdk/aws-cloudfront";
interface CustomStackProps extends cdk.StackProps {
stage: string;
}
export class CloudfrontDemoStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props: CustomStackProps) {
super(scope, id, props);
// Importing ALB domain name
const loadBalancerDomain = cdk.Fn.importValue("loadBalancerUrl");
// Getting external configuration values from cdk.json file
const config = this.node.tryGetContext("stages")[props.stage];
// SSL certificate
const certificateArn = acm.Certificate.fromCertificateArn(this, "tlsCertificate", config.certificateArn);
// Web hosting bucket
let websiteBucket = new Bucket(this, "websiteBucket", {
versioned: false,
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
// Trigger frontend deployment
new BucketDeployment(this, "websiteDeployment", {
sources: [Source.asset("../frontend/app/build")],
destinationBucket: websiteBucket as any
});
// Create Origin Access Identity for CloudFront
const originAccessIdentity = new OriginAccessIdentity(this, "cloudfrontOAI", {
comment: "OAI for web application cloudfront distribution",
});
// Creating CloudFront distribution
let cloudFrontDist = new Distribution(this, "cloudfrontDist", {
defaultRootObject: "index.html",
domainNames: ["enlearacademy.tk"],
certificate: certificateArn,
defaultBehavior: {
origin: new origins.S3Origin(websiteBucket as any, {
originAccessIdentity: originAccessIdentity as any,
}) as any,
compress: true,
allowedMethods: AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
viewerProtocolPolicy: ViewerProtocolPolicy.ALLOW_ALL,
},
});
// Creating custom origin for the application load balancer
const loadBalancerOrigin = new origins.HttpOrigin(loadBalancerDomain, {
protocolPolicy: OriginProtocolPolicy.HTTP_ONLY,
});
// Creating the path pattern to direct to the load balancer origin
cloudFrontDist.addBehavior("/generate/*", loadBalancerOrigin as any, {
compress: true,
viewerProtocolPolicy: ViewerProtocolPolicy.ALLOW_ALL,
allowedMethods: AllowedMethods.ALLOW_ALL,
});
new cdk.CfnOutput(this, "cloudfrontDomainUrl", {
value: cloudFrontDist.distributionDomainName,
exportName: "cloudfrontDomainUrl",
});
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment