import { App, Construct, Stack, StackProps } from "@aws-cdk/core";
import { HostedZone } from "@aws-cdk/aws-route53";
import { DnsValidatedCertificate } from "@aws-cdk/aws-certificatemanager";
import { ParameterTier, StringParameter } from "@aws-cdk/aws-ssm";
/**
 * Issues a DNS-validated wildcard ACM certificate for `*.<domainName>` and
 * publishes its ARN as an SSM parameter.
 *
 * Review notes:
 * - The certificate covers `*.<domainName>` only. No subject alternative name
 *   is requested, so the apex domain itself is not covered.
 * - The certificate is requested in `props.region` (default `us-east-1`), but
 *   the SSM parameter is created in the enclosing stack's region. Consumers
 *   must read the parameter from the stack's region, not the certificate's.
 * - The parameter name is the fixed literal `certificateArn`, so a second
 *   instance of this construct in the same account and region would collide
 *   with the first.
 */
export class WildcardCertConstruct extends Construct {
  constructor(scope: Construct, id: string, props: { domainName: string, region?: string }) {
    super(scope, id);

    // Look up the existing Route 53 hosted zone by name; DNS validation needs it.
    const hostedZone = HostedZone.fromLookup(this, `${id}-HostedZone`, {
      domainName: props.domainName,
    });

    // CloudFront only checks us-east-1 for certificates, hence the default.
    const certRegion = props.region || 'us-east-1';

    // Wildcard certificate, validated through the zone looked up above.
    const wildcardCert = new DnsValidatedCertificate(
      this,
      `${id}-DnsValidatedCertificate`,
      {
        domainName: `*.${props.domainName}`,
        hostedZone,
        region: certRegion,
      },
    );

    // Publish the ARN so other stacks can find the certificate. An ARN is an
    // identifier, not a secret, so a plain String parameter is appropriate.
    new StringParameter(this, `${id}-CertParameter`, {
      description: "Value of my main domain's wildcard certificate",
      parameterName: 'certificateArn',
      stringValue: wildcardCert.certificateArn,
      tier: ParameterTier.STANDARD,
    });
  }
}
/**
 * Publishes the main domain name as an SSM parameter named `domainName`.
 *
 * `props.region` is accepted but never read by this construct. The parameter
 * is created in whatever environment the enclosing stack targets. The fixed
 * parameter name means only one instance can exist per account and region.
 */
export class DomainNameParameterConstruct extends Construct {
  constructor(scope: Construct, id: string, props: { domainName: string, region?: string }) {
    super(scope, id);

    const parameterProps = {
      description: 'Value of my main domain name and corresponding Route 53 Hosted Zone',
      parameterName: 'domainName',
      stringValue: props.domainName,
      tier: ParameterTier.STANDARD,
    };

    new StringParameter(this, `${id}-Parameter`, parameterProps);
  }
}
/**
 * Stack that wires the wildcard certificate and the domain-name parameter
 * together for a single, hard-coded domain.
 */
class WildcardCertStack extends Stack {
  constructor(scope: Construct, id: string, stackProps: StackProps) {
    super(scope, id, stackProps);

    // Both constructs receive the same props object. No region is given, so
    // the certificate construct falls back to its own default.
    const domainProps = { domainName: 'mattgilbride.com' };

    // The certificate construct reuses the stack id; the parameter construct
    // gets a distinct `-SSM` suffix so the two construct ids do not clash.
    new WildcardCertConstruct(this, id, domainProps);
    new DomainNameParameterConstruct(this, `${id}-SSM`, domainProps);
  }
}
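// Entry point: synthesize the wildcard-certificate stack for the account and
// region named in the environment.
//
// HostedZone.fromLookup (used inside WildcardCertConstruct) needs a concrete
// account and region at synth time. If either variable is unset, the stack is
// environment-agnostic and the lookup fails with an error that does not name
// the missing variable. Failing here gives the operator a direct message and
// avoids synthesizing against an unintended environment.
const { AWS_DEFAULT_REGION: region, AWS_ACCOUNT_NUMBER: account } = process.env
if (!region || !account) {
  throw new Error(
    'AWS_DEFAULT_REGION and AWS_ACCOUNT_NUMBER must both be set to synthesize the wildcard-certificate stack',
  )
}

const app = new App()
new WildcardCertStack(app, 'wildcard-certificate', {
  env: { region, account },
})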