Update to version v1.81.0

.viperlightignore

@@ -34,5 +34,5 @@ source/patterns/@aws-solutions-constructs/aws-apigateway-iot/test/integ.override
 source/patterns/@aws-solutions-constructs/aws-apigateway-iot/test/test.apigateway-iot.test.ts:29
 source/patterns/@aws-solutions-constructs/aws-apigateway-iot/test/integ.override_auth_api_keys.expected.json:253
 source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/test.cloudfront-s3.test.ts:106
-source/patterns/@aws-solutions-constructs/core/test/cloudfront-distribution-s3-helper.test.ts:200
+source/patterns/@aws-solutions-constructs/core/test/cloudfront-distribution-s3-helper.test.ts:202
 source/patterns/@aws-solutions-constructs/aws-s3-sqs/test/test.s3-sqs.test.ts:251

CHANGELOG.md

@@ -2,6 +2,12 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## 1.81.0 (2021-01-14)
+
+### Changed
+- Upgraded all patterns to CDK v1.81.0
+- Fixed the issue related to adding custom lambda@edge removes insertHttpSecurityHeaders lambda@edge for all `aws-cloudfront-*` patterns ([#114](https://github.com/awslabs/aws-solutions-constructs/issues/114))
+
 ## 1.80.0 (2021-01-11)
 
 ### Changed

source/lerna.json

@@ -6,5 +6,5 @@
     "./patterns/@aws-solutions-constructs/*"
   ],
   "rejectCycles": "true",
-  "version": "1.80.0"
+  "version": "1.81.0"
 }

source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-helper.ts

@@ -120,9 +120,9 @@ export function CloudFrontDistributionForApiGateway(scope: cdk.Construct,
     });
   }
 
-  if (cloudFrontDistributionProps && cloudFrontDistributionProps.loggingConfig) {
+  if (cloudFrontDistributionProps && cloudFrontDistributionProps.enableLogging && cloudFrontDistributionProps.logBucket) {
     defaultprops = DefaultCloudFrontWebDistributionForApiGatewayProps(apiEndPoint,
-      cloudFrontDistributionProps.loggingConfig.bucket, _httpSecurityHeaders,
+      cloudFrontDistributionProps.logBucket, _httpSecurityHeaders,
       edgeLambdaVersion);
   } else {
     loggingBucket = createLoggingBucket(scope, 'CloudfrontLoggingBucket');
@@ -131,7 +131,7 @@ export function CloudFrontDistributionForApiGateway(scope: cdk.Construct,
       edgeLambdaVersion);
   }
 
-  const cfprops = cloudFrontDistributionProps ? overrideProps(defaultprops, cloudFrontDistributionProps) : defaultprops;
+  const cfprops = cloudFrontDistributionProps ? overrideProps(defaultprops, cloudFrontDistributionProps, true) : defaultprops;
   // Create the Cloudfront Distribution
   const cfDistribution: cloudfront.Distribution = new cloudfront.Distribution(scope, 'CloudFrontDistribution', cfprops);
   updateSecurityPolicy(cfDistribution);
@@ -156,16 +156,16 @@ export function CloudFrontDistributionForS3(scope: cdk.Construct,
     });
   }
 
-  if (cloudFrontDistributionProps && cloudFrontDistributionProps.loggingConfig) {
+  if (cloudFrontDistributionProps && cloudFrontDistributionProps.enableLogging && cloudFrontDistributionProps.logBucket) {
     defaultprops = DefaultCloudFrontWebDistributionForS3Props(sourceBucket,
-      cloudFrontDistributionProps.loggingConfig.bucket, _httpSecurityHeaders, edgeLambdaVersion);
+      cloudFrontDistributionProps.logBucket, _httpSecurityHeaders, edgeLambdaVersion);
   } else {
     loggingBucket = createLoggingBucket(scope, 'CloudfrontLoggingBucket');
     defaultprops = DefaultCloudFrontWebDistributionForS3Props(sourceBucket, loggingBucket,
       _httpSecurityHeaders, edgeLambdaVersion);
   }
 
-  const cfprops = cloudFrontDistributionProps ? overrideProps(defaultprops, cloudFrontDistributionProps) : defaultprops;
+  const cfprops = cloudFrontDistributionProps ? overrideProps(defaultprops, cloudFrontDistributionProps, true) : defaultprops;
   // Create the Cloudfront Distribution
   const cfDistribution: cloudfront.Distribution = new cloudfront.Distribution(scope, 'CloudFrontDistribution', cfprops);
   updateSecurityPolicy(cfDistribution);
@@ -248,7 +248,7 @@ export function CloudFrontDistributionForMediaStore(scope: cdk.Construct,
   let cfprops: cloudfront.DistributionProps;
 
   if (cloudFrontDistributionProps) {
-    cfprops = overrideProps(defaultprops, cloudFrontDistributionProps);
+    cfprops = overrideProps(defaultprops, cloudFrontDistributionProps, true);
   } else {
     cfprops = defaultprops;
   }

source/patterns/@aws-solutions-constructs/core/test/cloudfront-distribution-api-gateway-helper.test.ts

@@ -21,6 +21,7 @@ import * as s3 from '@aws-cdk/aws-s3';
 import { CloudFrontDistributionForApiGateway } from '../lib/cloudfront-distribution-helper';
 import '@aws-cdk/assert/jest';
 import * as origins from '@aws-cdk/aws-cloudfront-origins';
+import { LambdaEdgeEventType } from '@aws-cdk/aws-cloudfront';
 
 test('cloudfront distribution for ApiGateway with default params', () => {
   const stack = new Stack();
@@ -59,7 +60,7 @@ test('cloudfront distribution for ApiGateway without security headers', () => {
 test('test cloudfront for Api Gateway with user provided logging bucket', () => {
   const stack = new Stack();
 
-  const loggingBucket: s3.Bucket = new s3.Bucket(stack, 'MyCloudfrontLoggingBucket', defaults.DefaultS3Props());
+  const logBucket: s3.Bucket = new s3.Bucket(stack, 'MyCloudfrontLoggingBucket', defaults.DefaultS3Props());
 
   const inProps: lambda.FunctionProps = {
     code: lambda.Code.fromAsset(`${__dirname}/lambda-test`),
@@ -68,9 +69,8 @@ test('test cloudfront for Api Gateway with user provided logging bucket', () =>
   };
 
   const cfdProps = {
-    loggingConfig: {
-      bucket: loggingBucket
-    }
+    enableLogging: true,
+    logBucket
   };
 
   const func = defaults.deployLambdaFunction(stack, inProps);
@@ -277,4 +277,283 @@ test('test cloudfront for Api Gateway override properties', () => {
     }
   });
 
+});
+
+test('test override cloudfront add custom lambda@edge', () => {
+  const stack = new Stack();
+
+  // custom lambda@edg function
+  const handler = new lambda.Function(stack, 'SomeHandler', {
+    functionName: 'SomeHandler',
+    runtime: lambda.Runtime.NODEJS_12_X,
+    handler: 'index.handler',
+    code: lambda.Code.fromAsset(`${__dirname}/lambda`),
+  });
+
+  const handlerVersion = new lambda.Version(stack, 'SomeHandlerVersion', {
+    lambda: handler,
+  });
+
+  // APIG Lambda function
+  const lambdaFunctionProps: lambda.FunctionProps = {
+    runtime: lambda.Runtime.NODEJS_12_X,
+    handler: 'index.handler',
+    code: lambda.Code.fromAsset(`${__dirname}/lambda`)
+  };
+
+  const func = new lambda.Function(stack, 'LambdaFunction', lambdaFunctionProps);
+  const _api = new api.LambdaRestApi(stack, 'RestApi', {
+    handler: func
+  });
+  CloudFrontDistributionForApiGateway(stack, _api, {
+    defaultBehavior: {
+      edgeLambdas: [
+        {
+          eventType: LambdaEdgeEventType.VIEWER_REQUEST,
+          includeBody: false,
+          functionVersion: handlerVersion,
+        }
+      ]
+    }
+  });
+
+  expect(stack).toHaveResource("AWS::CloudFront::Distribution", {
+    DistributionConfig: {
+      DefaultCacheBehavior: {
+        CachePolicyId: "658327ea-f89d-4fab-a63d-7e88639e58f6",
+        Compress: true,
+        LambdaFunctionAssociations: [
+          {
+            EventType: "origin-response",
+            LambdaFunctionARN: {
+              Ref: "SetHttpSecurityHeadersVersion660E2F72"
+            }
+          },
+          {
+            EventType: "viewer-request",
+            IncludeBody: false,
+            LambdaFunctionARN: {
+              Ref: "SomeHandlerVersionDA986E41"
+            }
+          }
+        ],
+        TargetOriginId: "CloudFrontDistributionOrigin176EC3A12",
+        ViewerProtocolPolicy: "redirect-to-https"
+      },
+      Enabled: true,
+      HttpVersion: "http2",
+      IPV6Enabled: true,
+      Logging: {
+        Bucket: {
+          "Fn::GetAtt": [
+            "CloudfrontLoggingBucket3C3EFAA7",
+            "RegionalDomainName"
+          ]
+        }
+      },
+      Origins: [
+        {
+          CustomOriginConfig: {
+            OriginProtocolPolicy: "https-only",
+            OriginSSLProtocols: [
+              "TLSv1.2"
+            ]
+          },
+          DomainName: {
+            "Fn::Select": [
+              0,
+              {
+                "Fn::Split": [
+                  "/",
+                  {
+                    "Fn::Select": [
+                      1,
+                      {
+                        "Fn::Split": [
+                          "://",
+                          {
+                            "Fn::Join": [
+                              "",
+                              [
+                                "https://",
+                                {
+                                  Ref: "RestApi0C43BF4B"
+                                },
+                                ".execute-api.",
+                                {
+                                  Ref: "AWS::Region"
+                                },
+                                ".",
+                                {
+                                  Ref: "AWS::URLSuffix"
+                                },
+                                "/",
+                                {
+                                  Ref: "RestApiDeploymentStageprod3855DE66"
+                                },
+                                "/"
+                              ]
+                            ]
+                          }
+                        ]
+                      }
+                    ]
+                  }
+                ]
+              }
+            ]
+          },
+          Id: "CloudFrontDistributionOrigin176EC3A12",
+          OriginPath: {
+            "Fn::Join": [
+              "",
+              [
+                "/",
+                {
+                  Ref: "RestApiDeploymentStageprod3855DE66"
+                }
+              ]
+            ]
+          }
+        }
+      ]
+    }
+  });
+});
+
+test('test override cloudfront replace custom lambda@edge', () => {
+  const stack = new Stack();
+
+  // custom lambda@edg function
+  const handler = new lambda.Function(stack, 'SomeHandler', {
+    functionName: 'SomeHandler',
+    runtime: lambda.Runtime.NODEJS_12_X,
+    handler: 'index.handler',
+    code: lambda.Code.fromAsset(`${__dirname}/lambda`),
+  });
+
+  const handlerVersion = new lambda.Version(stack, 'SomeHandlerVersion', {
+    lambda: handler,
+  });
+
+  // APIG Lambda function
+  const lambdaFunctionProps: lambda.FunctionProps = {
+    runtime: lambda.Runtime.NODEJS_12_X,
+    handler: 'index.handler',
+    code: lambda.Code.fromAsset(`${__dirname}/lambda`)
+  };
+
+  const func = new lambda.Function(stack, 'LambdaFunction', lambdaFunctionProps);
+  const _api = new api.LambdaRestApi(stack, 'RestApi', {
+    handler: func
+  });
+  CloudFrontDistributionForApiGateway(stack, _api, {
+    defaultBehavior: {
+      edgeLambdas: [
+        {
+          eventType: LambdaEdgeEventType.VIEWER_REQUEST,
+          includeBody: false,
+          functionVersion: handlerVersion,
+        }
+      ]
+    }
+  },
+  false);
+
+  expect(stack).toHaveResource("AWS::CloudFront::Distribution", {
+    DistributionConfig: {
+      DefaultCacheBehavior: {
+        CachePolicyId: "658327ea-f89d-4fab-a63d-7e88639e58f6",
+        Compress: true,
+        LambdaFunctionAssociations: [
+          {
+            EventType: "viewer-request",
+            IncludeBody: false,
+            LambdaFunctionARN: {
+              Ref: "SomeHandlerVersionDA986E41"
+            }
+          }
+        ],
+        TargetOriginId: "CloudFrontDistributionOrigin176EC3A12",
+        ViewerProtocolPolicy: "redirect-to-https"
+      },
+      Enabled: true,
+      HttpVersion: "http2",
+      IPV6Enabled: true,
+      Logging: {
+        Bucket: {
+          "Fn::GetAtt": [
+            "CloudfrontLoggingBucket3C3EFAA7",
+            "RegionalDomainName"
+          ]
+        }
+      },
+      Origins: [
+        {
+          CustomOriginConfig: {
+            OriginProtocolPolicy: "https-only",
+            OriginSSLProtocols: [
+              "TLSv1.2"
+            ]
+          },
+          DomainName: {
+            "Fn::Select": [
+              0,
+              {
+                "Fn::Split": [
+                  "/",
+                  {
+                    "Fn::Select": [
+                      1,
+                      {
+                        "Fn::Split": [
+                          "://",
+                          {
+                            "Fn::Join": [
+                              "",
+                              [
+                                "https://",
+                                {
+                                  Ref: "RestApi0C43BF4B"
+                                },
+                                ".execute-api.",
+                                {
+                                  Ref: "AWS::Region"
+                                },
+                                ".",
+                                {
+                                  Ref: "AWS::URLSuffix"
+                                },
+                                "/",
+                                {
+                                  Ref: "RestApiDeploymentStageprod3855DE66"
+                                },
+                                "/"
+                              ]
+                            ]
+                          }
+                        ]
+                      }
+                    ]
+                  }
+                ]
+              }
+            ]
+          },
+          Id: "CloudFrontDistributionOrigin176EC3A12",
+          OriginPath: {
+            "Fn::Join": [
+              "",
+              [
+                "/",
+                {
+                  Ref: "RestApiDeploymentStageprod3855DE66"
+                }
+              ]
+            ]
+          }
+        }
+      ]
+    }
+  });
 });