import type { Construct } from 'constructs';
import type { IpAddressType } from './api';
import type { IBucket } from '../../../aws-s3';
import type { IResource } from '../../../core';
import { Resource } from '../../../core';
import type { ICertificateRef } from '../../../interfaces/generated/aws-certificatemanager-interfaces.generated';
import type { DomainNameReference, IDomainNameRef } from '../apigatewayv2.generated';
/**
 * Minimum TLS protocol version that API Gateway accepts for HTTPS connections
 * to a custom domain name.
 */
export declare enum SecurityPolicy {
    /**
     * Minimum protocol version TLS 1.0.
     *
     * TLS 1.0 is formally deprecated (RFC 8996). Select this value only when
     * legacy clients cannot negotiate TLS 1.2.
     */
    TLS_1_0 = "TLS_1_0",
    /** Minimum protocol version TLS 1.2. */
    TLS_1_2 = "TLS_1_2"
}
/**
 * The kind of endpoint that backs a custom domain name.
 */
export declare enum EndpointType {
    /** An edge-optimized custom domain name. */
    EDGE = "EDGE",
    /** A regional custom domain name. */
    REGIONAL = "REGIONAL"
}
/**
 * An APIGatewayV2 DomainName, whether created in this app or imported.
 *
 * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-domainname.html
 */
export interface IDomainName extends IResource, IDomainNameRef {
    /**
     * The custom domain name.
     *
     * @attribute
     */
    readonly name: string;
    /**
     * The domain name of the regional endpoint that serves this custom domain name.
     *
     * @attribute
     */
    readonly regionalDomainName: string;
    /**
     * The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint.
     *
     * @attribute
     */
    readonly regionalHostedZoneId: string;
}
/**
 * Attributes that describe an existing custom domain name, as accepted by
 * `DomainName.fromDomainNameAttributes`.
 */
export interface DomainNameAttributes {
    /** The custom domain name, as a string. */
    readonly name: string;
    /** The domain name of the regional endpoint that serves this custom domain name. */
    readonly regionalDomainName: string;
    /** The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint. */
    readonly regionalHostedZoneId: string;
}
/**
 * Properties for creating a `DomainName`. The endpoint settings
 * (certificate, endpoint type, security policy, ...) come from `EndpointOptions`.
 */
export interface DomainNameProps extends EndpointOptions {
    /** The custom domain name. */
    readonly domainName: string;
    /**
     * Mutual TLS (mTLS) authentication configuration for the custom domain name.
     *
     * When this is omitted no mTLS configuration is applied to the domain name,
     * so any client authentication has to come from other controls, such as
     * API authorizers.
     *
     * @default - mTLS is not configured.
     */
    readonly mtls?: MTLSConfig;
}
/**
 * Properties for creating a domain name endpoint.
 */
export interface EndpointOptions {
    /**
     * The ACM certificate for this domain name.
     *
     * The certificate may be either issued by ACM or imported into ACM.
     */
    readonly certificate: ICertificateRef;
    /**
     * The user-friendly name of the certificate that the endpoint uses for this domain name.
     *
     * @default - No friendly certificate name
     */
    readonly certificateName?: string;
    /**
     * The type of endpoint for this DomainName.
     *
     * @default EndpointType.REGIONAL
     */
    readonly endpointType?: EndpointType;
    /**
     * The Transport Layer Security (TLS) version + cipher suite for this domain name.
     *
     * Leaving this unset keeps the TLS 1.2 default. `SecurityPolicy.TLS_1_0`
     * permits a deprecated protocol version and is best reserved for legacy
     * clients that cannot negotiate TLS 1.2.
     *
     * @default SecurityPolicy.TLS_1_2
     */
    readonly securityPolicy?: SecurityPolicy;
    /**
     * A public certificate issued by ACM that validates ownership of the custom domain.
     *
     * Required only when mutual TLS authentication is configured and `certificate`
     * is an ACM imported or private CA certificate. The ownership certificate
     * validates that you have permissions to use the domain name.
     *
     * @default - only required when configuring mTLS
     */
    readonly ownershipCertificate?: ICertificateRef;
    /**
     * The IP address types that can invoke the API.
     *
     * @see https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-ip-address-type.html
     *
     * @default undefined - AWS default is IPV4
     */
    readonly ipAddressType?: IpAddressType;
}
/**
 * Mutual TLS (mTLS) authentication configuration for a custom domain name.
 *
 * The trust store referenced here decides which client certificates are
 * accepted, so write access to the bucket and object should be limited to the
 * principals that manage that trust store.
 */
export interface MTLSConfig {
    /** The S3 bucket that hosts the trust store. */
    readonly bucket: IBucket;
    /** The S3 object key of the trust store. */
    readonly key: string;
    /**
     * The version of the S3 object that contains your truststore.
     *
     * To specify a version, you must have versioning enabled for the S3 bucket.
     * Naming a version makes the trust store contents in use explicit, which
     * helps when auditing changes to the accepted client certificates.
     *
     * @default - latest version
     */
    readonly version?: string;
}
/**
 * Custom domain resource for the API.
 */
export declare class DomainName extends Resource implements IDomainName {
    /** Uniquely identifies this class. */
    static readonly PROPERTY_INJECTION_ID: string;
    /**
     * Imports a domain name from its attributes.
     *
     * @param scope the construct scope to create the imported resource in
     * @param id the construct id
     * @param attrs name, regional domain name and hosted zone ID of the existing domain name
     */
    static fromDomainNameAttributes(scope: Construct, id: string, attrs: DomainNameAttributes): IDomainName;
    /** The custom domain name. */
    readonly name: string;
    private readonly domainNameConfigurations;
    private readonly resource;
    constructor(scope: Construct, id: string, props: DomainNameProps);
    private configureMTLS;
    /**
     * Adds an endpoint to a domain name.
     *
     * @param options domain name endpoint properties to be set
     */
    addEndpoint(options: EndpointOptions): void;
    private validateEndpointType;
    /** The domain name of the regional endpoint that serves this custom domain name. */
    get regionalDomainName(): string;
    /** The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint. */
    get regionalHostedZoneId(): string;
    private get domainNameArn();
    /** A `DomainNameReference` for this domain name. */
    get domainNameRef(): DomainNameReference;
}