taimos / cdk-serverless
AWS CDK Serverless Toolsuite
License: Apache License 2.0
feature
The HttpApi generates an API Gateway (v2), all API methods are accessible without authentication.
If enabled, API methods can be defined as protected. Access is only possible for users defined in the Cognito User Pool.
It's necessary to create an App Client in the Cognito User Pool.
IAuthentication to pass an existing App Client.
AuthenticationProps.
Using the User Pool and the App Client, I would create an HttpUserPoolAuthorizer and attach it to each apiGw.HttpRoute which is created in method addCustomRoute().
How to configure which API methods should be protected? In the OpenAPI definition, a protected API method can be defined using keyword security. If this keyword is set, I would propose to add the HttpUserPoolAuthorizer to the API method. This approach provides the advantage that no additional configuration is necessary to specify which API methods should be protected.
Please let me know if I can implement the feature and create a pull request. If you have some optimizations, please let me know, too.
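An added example, not code from cdk-serverless or from the issue author: a check that lists which operations of an OpenAPI 3 definition stay reachable without a token. It goes beyond the "keyword is set" rule proposed above by applying the specification's own semantics: an operation-level security replaces the document-level one, an empty array removes it, and an empty requirement object makes authentication optional. The spec object, the scheme name cognito and the function names are constructed for illustration.

```javascript
// Constructed OpenAPI 3 fragment (sample input, not taken from the repository).
const spec = {
  openapi: '3.0.1',
  security: [{ cognito: [] }], // document-wide default
  paths: {
    '/todos': {
      get: { security: [] }, // keyword is set, yet the route is explicitly public
      post: {}, // inherits the document-wide default
    },
    '/todos/{id}': {
      parameters: [], // path-level key, not an operation
      get: { security: [{ cognito: [] }, {}] }, // {} makes authentication optional
      delete: { security: [{ cognito: ['admin'] }] },
    },
  },
};

const HTTP_METHODS = ['get', 'put', 'post', 'delete', 'options', 'head', 'patch', 'trace'];

// Returns one entry per operation with the access level the definition implies.
function classifyOperations(doc) {
  const results = [];
  for (const [path, item] of Object.entries(doc.paths || {})) {
    for (const method of HTTP_METHODS) {
      const op = item[method];
      if (!op) continue;
      // Operation-level security replaces the document-level default.
      const reqs = op.security !== undefined ? op.security : doc.security || [];
      let access = 'protected';
      if (reqs.length === 0) access = 'public';
      else if (reqs.some((r) => Object.keys(r).length === 0)) access = 'optional';
      results.push({ route: `${method.toUpperCase()} ${path}`, access });
    }
  }
  return results;
}

// Routes that must not be assumed to sit behind the user pool authorizer.
function unauthenticatedRoutes(doc) {
  return classifyOperations(doc)
    .filter((r) => r.access !== 'protected')
    .map((r) => r.route);
}

console.log(classifyOperations(spec));
```

Running such a check in CI against openapi.yaml makes a route that silently lost its authorizer visible in review.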
AppSync now supports unit resolvers to be written in JS
Feature
Hi Thorsten,
I have some feedback after I started doing a small demo project with cdk-serverless.
Could you please check my findings? From my point of view, it's possible to solve them in the coding (add support or display errors/warnings) or just mention it in the documentation.
bug
I started with the OpenAPI definition which is provided as an example if you open https://editor.swagger.io/ the first time.
In the generated Lambda function, requests with body will show this error:
Type '{ parameters: { body: { body: { id?: number | undefined; category?: { id?: number | undefined; name?: string | undefined; } | undefined; name: string; photoUrls: string[]; tags?: { id?: number | undefined; name?: string | undefined; }[] | undefined; status?: "available" | ... 2 more ... | undefined; }; }; }; respons...' does not satisfy the constraint 'OperationWithRequestBody'.
Property 'requestBody' is missing in type '{ parameters: { body: { body: { id?: number | undefined; category?: { id?: number | undefined; name?: string | undefined; } | undefined; name: string; photoUrls: string[]; tags?: { id?: number | undefined; name?: string | undefined; }[] | undefined; status?: "available" | ... 2 more ... | undefined; }; }; }; respons...' but required in type 'OperationWithRequestBody'.ts(2344)
The Open API file uses version swagger: "2.0" where keyword requestBody is missing. After I converted the openapi.yaml to OpenAPI 3.0, the error disappeared.
Suggested options:
*/* not supported
The example API definition from https://editor.swagger.io/ uses content type */* instead of application/json. This leads to the following error in the generated Lambda function:
Type '{ responses: { default: unknown; }; requestBody: { content: { "*/*": { id?: number | undefined; username?: string | undefined; firstName?: string | undefined; lastName?: string | undefined; email?: string | undefined; password?: string | undefined; phone?: string | undefined; userStatus?: number | undefined; }; }; }...' does not satisfy the constraint 'OperationWithRequestBody'.
The types of 'requestBody.content' are incompatible between these types.
Property ''application/json'' is missing in type '{ "*/*": { id?: number | undefined; username?: string | undefined; firstName?: string | undefined; lastName?: string | undefined; email?: string | undefined; password?: string | undefined; phone?: string | undefined; userStatus?: number | undefined; }; }' but required in type '{ 'application/json': any; }'.ts(2344)
Caused by this API method:
requestBody:
  description: Created user object
  content:
    '*/*':
      schema:
        $ref: '#/components/schemas/User'
Suggested options:
application/json is supported in the request body.
application/x-www-form-urlencoded not supported
Similar to problem 2: Content type application/x-www-form-urlencoded is not supported.
Type '{ parameters: { path: { petId: number; }; }; responses: { 405: unknown; }; requestBody: { content: { "application/x-www-form-urlencoded": { name?: string | undefined; status?: string | undefined; }; }; }; }' does not satisfy the constraint 'OperationWithRequestBody'.
The types of 'requestBody.content' are incompatible between these types.
Property ''application/json'' is missing in type '{ "application/x-www-form-urlencoded": { name?: string | undefined; status?: string | undefined; }; }' but required in type '{ 'application/json': any; }'.ts(2344)
Caused by this API method:
requestBody:
  content:
    application/x-www-form-urlencoded:
      schema:
        properties:
multipart/form-data not supported
Similar to problem 2: Content type multipart/form-data is not supported.
Type '{ parameters: { path: { petId: number; }; }; responses: { 200: { content: { "application/json": { code?: number | undefined; type?: string | undefined; message?: string | undefined; }; }; }; }; requestBody: { ...; }; }' does not satisfy the constraint 'OperationWithRequestBody'.
The types of 'requestBody.content' are incompatible between these types.
Property ''application/json'' is missing in type '{ "multipart/form-data": { additionalMetadata?: string | undefined; file?: string | undefined; }; }' but required in type '{ 'application/json': any; }'.ts(2344)
Caused by this API method:
requestBody:
  content:
    multipart/form-data:
      schema:
        properties:
Import API definition from https://editor.swagger.io/ and execute projen generate:api. Next, open the generated lambda coding in the IDE to see the errors.
For tests with OpenAPI 3, convert the file from https://editor.swagger.io/ using Edit --> Convert to OpenAPI 3 in the online editor.
No error messages displayed in the IDE for the generated coding.
cdk-serverless version 0.1.42
For me, it's not necessary to add those functions to cdk-serverless. It would be sufficient to describe those limitations in the readme. If you agree to it, I can add it to the readme and create a pull request.
I would also suggest to link the openapi.yaml file from your demo project in the quick start section to provide a fully supported OpenAPI definition as an example.
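An added example, not part of cdk-serverless or of the report above: a pre-generation check that reports the cases described in this issue (a Swagger 2.0 document, and request bodies that do not offer application/json) before the TypeScript errors show up in the generated handlers. The sample document and the function name are constructed; the rule that application/json must be present is taken from the quoted compiler errors.

```javascript
// Constructed sample: the request bodies from the report, reduced to their content types.
const sampleDoc = {
  openapi: '3.0.1',
  paths: {
    '/user': { post: { requestBody: { content: { '*/*': {} } } } },
    '/pet': { put: { requestBody: { content: { 'application/json': {} } } } },
    '/pet/{petId}': {
      get: {},
      post: { requestBody: { content: { 'application/x-www-form-urlencoded': {} } } },
    },
    '/pet/{petId}/uploadImage': {
      post: { requestBody: { content: { 'multipart/form-data': {} } } },
    },
  },
};

const OPERATION_KEYS = ['get', 'put', 'post', 'delete', 'options', 'head', 'patch', 'trace'];

// Returns one finding per construct the generated handler types would reject.
function findUnsupportedBodies(doc) {
  // Swagger 2.0 has no requestBody keyword, so nothing else can be checked.
  if (doc.swagger !== undefined || !String(doc.openapi || '').startsWith('3.')) {
    return [{ route: '(document)', problem: 'not OpenAPI 3: operations have no requestBody' }];
  }
  const findings = [];
  for (const [path, item] of Object.entries(doc.paths || {})) {
    for (const method of OPERATION_KEYS) {
      const body = item[method] && item[method].requestBody;
      if (!body) continue;
      const types = Object.keys(body.content || {});
      if (!types.includes('application/json')) {
        findings.push({
          route: `${method.toUpperCase()} ${path}`,
          problem: `request body offers only ${types.join(', ') || 'no content type'}`,
        });
      }
    }
  }
  return findings;
}

console.log(findUnsupportedBodies(sampleDoc));
```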
After updating to 2.8.0 the file graphql-codegen.api.yml is no longer generated in GraphQL setups.
Seems like the move of the files to synthesize has some side effects.
@DerDackel do you have any idea?
bug
Add cdk-serverless to a new projen project. After adding HttpApiAspect to .projenrc.js, the projen command fails:
Error: Must specify at least one of 'contents' or 'source'.
at new SampleFile (/Users/julian/dev/serverless-example/node_modules/projen/lib/sample-file.js:33:19)
at new HttpApiAspect (/Users/julian/dev/serverless-example/node_modules/cdk-serverless/lib/projen/http-api.js:35:9)
at Object.<anonymous> (/Users/julian/dev/serverless-example/.projenrc.js:27:1)
at Module._compile (internal/modules/cjs/loader.js:1063:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
at Module.load (internal/modules/cjs/loader.js:928:32)
at Function.Module._load (internal/modules/cjs/loader.js:769:14)
at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:72:12)
at internal/main/run_main_module.js:17:47
Command projen should create an empty file called openapi.yaml.
cdk-serverless: 0.1.40
projen: 0.24.11
Since projen version 0.24.10, class SampleFile checks if a content was specified. For openapi.yaml no content in cdk-serverless is specified, therefore the projen command fails.
Bug
target: route53.RecordTarget.fromAlias(new route53Target.ApiGatewayv2Domain(dn)),
^
TypeError: route53Target.ApiGatewayv2Domain is not a constructor
at new HttpApi (/Users/hoegertn/tmp/aurora-sls/node_modules/cdk-serverless/src/constructs/http-api.ts:129:46)
at new MyStack (/Users/hoegertn/tmp/aurora-sls/src/main.ts:9:5)
at Object.<anonymous> (/Users/hoegertn/tmp/aurora-sls/src/main.ts:29:1)
at Module._compile (node:internal/modules/cjs/loader:1108:14)
at Module.m._compile (/Users/hoegertn/tmp/aurora-sls/node_modules/ts-node/src/index.ts:1056:23)
at Module._extensions..js (node:internal/modules/cjs/loader:1137:10)
at Object.require.extensions.<computed> [as .ts] (/Users/hoegertn/tmp/aurora-sls/node_modules/ts-node/src/index.ts:1059:12)
at Module.load (node:internal/modules/cjs/loader:988:32)
at Function.Module._load (node:internal/modules/cjs/loader:828:14)
at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:76:12)
This is a new feature
Deploy an ALB-backed REST API without API GW
Command:
npx esbuild --bundle --sourcemap=inline --sources-content=false --target=esnext --platform=node --format=esm --external:@aws-appsync/utils --outdir=src/js-resolver src/js-resolver/*.ts
Hi,
bug
cdk deploy fails with circular dependency error:
my-http-stack-dev failed: Error [ValidationError]: Circular dependency between resources: [ApiAuthenticationGroupadmin1F3B381D, ApiFnremoveTodo3270A2EC, ApiFngetTodoById6950F289, ApiDELETEtodosidHttpIntegration01b2222bbca1e140051e74b75d02a6799AB1AEF8, ApiDELETEtodosid87BC86DA, ApiGETtodos9447D15A, ApiPOSTtodosDBE932CC, ApiGETtodosmyhttpstackdevApiGETtodos6F4DA541PermissionD940D7E9, ApiDELETEtodosidmyhttpstackdevApiDELETEtodosidCB5EB443PermissionB8D09DC9, ApiFnaddTodo2C053AD6, ApiAuthenticationCustomMessageFunctionCustomMessageCognito6BA0E215, ApiMonitoringDashboard86C659C4, ApiFngetTodos2277752E, ApiGETtodosidmyhttpstackdevApiGETtodosid594DCC8APermission3A22A070, ApiAuthenticationUserPool7FA29541, ApiGETtodosidHttpIntegration7b25c63f258d2c5123860c9dc5fac2193E95C7A6, ApiGETtodosid3DAAA533, ApiPOSTtodosmyhttpstackdevApiPOSTtodos997E2D9DPermission5AEBEF5E, ApiPOSTtodosHttpIntegration554586fb156f3766b3c7c3e8145235e46F587D89, ApiAuthenticationGroupmoderators200792EB, ApiAuthenticationCustomMessageFunction95A5B159, ApiGETtodosHttpIntegration1ff291e4d950d72be84694163c73b7dbFC2116E5]
at Request.extractError (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/protocol/query.js:50:29)
at Request.callListeners (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
at Request.emit (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
at Request.emit (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:688:14)
at Request.transition (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:22:10)
at AcceptorStateMachine.runTo (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/state_machine.js:14:12)
at /usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/state_machine.js:26:10
at Request.<anonymous> (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:38:9)
at Request.<anonymous> (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:690:12)
at Request.callListeners (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/sequential_executor.js:116:18) {
code: 'ValidationError',
time: 2021-06-19T19:09:33.601Z,
requestId: '2591ca80-0195-4698-8d8d-aff09c54ade7',
statusCode: 400,
retryable: false,
retryDelay: 35.58554566236416
}
I checked out the demo project: https://github.com/taimos/cdk-serverless-demo-http
In .projenrc.js, I specified the cdk-serverless version number to use the current version:
deps: [
  '[email protected]',
],
In main.ts, I added the authentication configuration to the HttpApi:
authentication: {
  groups: {
    admin: 'Admins',
    moderators: 'Mods',
  },
  triggers: {
    customMessages: true,
  },
},
CDK stack should be deployed without circular dependency error.
cdk-serverless: 0.1.42
It worked in previous versions (0.1.2).
If I remove line customMessages: true, from main.ts, the issue doesn't appear and the stack will be deployed successfully.
cdk-serverless/src/constructs/graphql.ts
Line 324 in 788e565
Feature
Simple construct to create an HttpApi with a backing lambda function that receives all requests.
Hello!
I hope you are doing well!
We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security researchers to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.
Can you enable it, so that we can report it?
Thanks in advance!
PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository