cdk-serverless's People

Contributors

derdackel, hoegertn, taimos-projen[bot]

cdk-serverless's Issues

Support authentication in HttpApi

Do you want to request a feature or report a bug?

feature

What is the current behavior?

The HttpApi generates an API Gateway (v2), all API methods are accessible without authentication.

What is the expected behavior?

If enabled, API methods can be defined as protected. Access is only possible for users defined in the Cognito User Pool.

Suggested implementation

It's necessary to create an App Client in the Cognito User Pool.

  • For existing authentication, I would add a new property in IAuthentication to pass an existing App Client.
  • If the User Pool is generated in HttpApi, I would add the necessary configuration to AuthenticationProps.

Using the User Pool and the App Client, I would create an HttpUserPoolAuthorizer and attach it to each apiGw.HttpRoute which is created in method addCustomRoute().

How to configure which API methods should be protected? In the OpenAPI definition, a protected API method can be defined using the keyword security. If this keyword is set, I would propose to add the HttpUserPoolAuthorizer to the API method. This approach provides the advantage that no additional configuration is necessary to specify which API methods should be protected.

Please let me know if I can implement the feature and create a pull request. If you have some optimizations, please let me know, too.
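The proposal above keys the authorizer on the OpenAPI `security` keyword. The following added example (not code from the issue or from cdk-serverless) resolves the effective requirement per operation under OpenAPI 3 rules, which goes slightly beyond "keyword is set": a top-level `security` is inherited, an operation-level `security: []` makes a route public, and an empty `{}` entry makes authentication optional. The type names, function names and the scheme name `cognito` are assumptions.

```typescript
// Added example; type and function names are hypothetical, not cdk-serverless code.
type SecurityRequirement = { [scheme: string]: string[] };
interface Operation { security?: SecurityRequirement[] }
interface OpenApiDoc {
  security?: SecurityRequirement[];
  paths: { [path: string]: { [method: string]: Operation } };
}
type RouteAuth = 'required' | 'optional' | 'none';

const HTTP_METHODS = ['get', 'put', 'post', 'delete', 'options', 'head', 'patch', 'trace'];

function routeAuth(doc: OpenApiDoc, op: Operation): RouteAuth {
  // Operation-level `security` replaces the top-level default, even when it is [].
  const effective = op.security !== undefined ? op.security : doc.security;
  if (effective === undefined || effective.length === 0) return 'none';
  // An empty requirement object {} in the list also admits anonymous callers.
  const anonymous = effective.some((req) => Object.keys(req).length === 0);
  return anonymous ? 'optional' : 'required';
}

function classifyRoutes(doc: OpenApiDoc): { [route: string]: RouteAuth } {
  const result: { [route: string]: RouteAuth } = {};
  for (const path of Object.keys(doc.paths)) {
    const item = doc.paths[path];
    for (const method of HTTP_METHODS) {
      const op = item ? item[method] : undefined;
      if (op !== undefined) {
        result[method.toUpperCase() + ' ' + path] = routeAuth(doc, op);
      }
    }
  }
  return result;
}

// Constructed sample definition; the scheme name "cognito" is an assumption.
const sampleDoc: OpenApiDoc = {
  security: [{ cognito: [] }],
  paths: {
    '/todos': {
      get: { security: [] },   // keyword is set, but the route is explicitly public
      post: {},                // inherits the top-level requirement
    },
    '/todos/{id}': {
      get: { security: [{ cognito: [] }, {}] },   // authentication optional
      delete: { security: [{ cognito: [] }] },
    },
  },
};

console.log(classifyRoutes(sampleDoc));
```

Only routes classified as `required` are safe to treat as protected; `optional` and `none` routes still accept unauthenticated requests.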

Open API 2.0 and unsupported content types in OpenAPI 3.0

Hi Thorsten,

I have some feedback after I started doing a small demo project with cdk-serverless.
Could you please check my findings? From my point of view, it's possible to solve them in the coding (add support or display errors/warnings) or just mention it in the documentation.

Do you want to request a feature or report a bug?

bug

What is the current behavior?

1) OpenAPI in version 2.0 (swagger)

I started with the OpenAPI definition which is provided as an example if you open https://editor.swagger.io/ the first time.

In the generated Lambda function, requests with body will show this error:

Type '{ parameters: { body: { body: { id?: number | undefined; category?: { id?: number | undefined; name?: string | undefined; } | undefined; name: string; photoUrls: string[]; tags?: { id?: number | undefined; name?: string | undefined; }[] | undefined; status?: "available" | ... 2 more ... | undefined; }; }; }; respons...' does not satisfy the constraint 'OperationWithRequestBody'.
Property 'requestBody' is missing in type '{ parameters: { body: { body: { id?: number | undefined; category?: { id?: number | undefined; name?: string | undefined; } | undefined; name: string; photoUrls: string[]; tags?: { id?: number | undefined; name?: string | undefined; }[] | undefined; status?: "available" | ... 2 more ... | undefined; }; }; }; respons...' but required in type 'OperationWithRequestBody'.ts(2344)

The Open API file uses version swagger: "2.0" where keyword requestBody is missing. After I converted the openapi.yaml to OpenAPI 3.0, the error disappeared.

Suggested options:

  1. Add to documentation: Only OpenAPI 3.0 and above is supported. Maybe check OpenAPI version in the generator and throw an error if an unsupported version is used.
  2. Solve underlying issue.

2) Content type */* not supported

The example API definition from https://editor.swagger.io/ uses content type */* instead of application/json. This leads to the following error in the generated Lambda function:

Type '{ responses: { default: unknown; }; requestBody: { content: { "*/*": { id?: number | undefined; username?: string | undefined; firstName?: string | undefined; lastName?: string | undefined; email?: string | undefined; password?: string | undefined; phone?: string | undefined; userStatus?: number | undefined; }; }; }...' does not satisfy the constraint 'OperationWithRequestBody'.
  The types of 'requestBody.content' are incompatible between these types.
Property ''application/json'' is missing in type '{ "*/*": { id?: number | undefined; username?: string | undefined; firstName?: string | undefined; lastName?: string | undefined; email?: string | undefined; password?: string | undefined; phone?: string | undefined; userStatus?: number | undefined; }; }' but required in type '{ 'application/json': any; }'.ts(2344)

Caused by this API method:

      requestBody:
        description: Created user object
        content:
          '*/*':
            schema:
              $ref: '#/components/schemas/User'

Suggested options:

  1. Add to documentation: Only content type application/json is supported in the request body.
  2. Solve underlying issue.

3) Content type application/x-www-form-urlencoded not supported

Similar to problem 2: Content type application/x-www-form-urlencoded is not supported.

Type '{ parameters: { path: { petId: number; }; }; responses: { 405: unknown; }; requestBody: { content: { "application/x-www-form-urlencoded": { name?: string | undefined; status?: string | undefined; }; }; }; }' does not satisfy the constraint 'OperationWithRequestBody'.
  The types of 'requestBody.content' are incompatible between these types.
    Property ''application/json'' is missing in type '{ "application/x-www-form-urlencoded": { name?: string | undefined; status?: string | undefined; }; }' but required in type '{ 'application/json': any; }'.ts(2344)

Caused by this API method:

      requestBody:
        content:
          application/x-www-form-urlencoded:
            schema:
              properties:

4) Content type multipart/form-data not supported

Similar to problem 2: Content type multipart/form-data is not supported.

Type '{ parameters: { path: { petId: number; }; }; responses: { 200: { content: { "application/json": { code?: number | undefined; type?: string | undefined; message?: string | undefined; }; }; }; }; requestBody: { ...; }; }' does not satisfy the constraint 'OperationWithRequestBody'.
  The types of 'requestBody.content' are incompatible between these types.
    Property ''application/json'' is missing in type '{ "multipart/form-data": { additionalMetadata?: string | undefined; file?: string | undefined; }; }' but required in type '{ 'application/json': any; }'.ts(2344)

Caused by this API method:

      requestBody:
        content:
          multipart/form-data:
            schema:
              properties:

If the current behavior is a bug, please provide the steps to reproduce it.

Import API definition from https://editor.swagger.io/ and execute projen generate:api. Next, open the generated lambda coding in the IDE to see the errors.

For tests with OpenAPI 3, convert the file from https://editor.swagger.io/ using Edit --> Convert to OpenAPI 3 in the online editor.

What is the expected behavior?

No error messages displayed in the IDE for the generated coding.

Which versions of CDK Serverless are affected by this issue? Did this work in previous versions?

cdk-serverless version 0.1.42

Additional remarks

For me, it's not necessary to add those functions to cdk-serverless. It would be sufficient to describe those limitations in the readme. If you agree to it, I can add it to the readme and create a pull request.

I would also suggest to link the openapi.yaml file from your demo project in the quick start section to provide a fully supported OpenAPI definition as an example.
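The first suggested option in this report, checking the definition and raising an error before generation, could look like the following added example (not code from the issue, cdk-serverless or projen). It flags a `swagger` version field and any request body that does not offer `application/json`; all type and function names are hypothetical and the sample definition is constructed.

```typescript
// Added example; names are hypothetical, not part of cdk-serverless or projen.
interface LintOperation { requestBody?: { content?: { [mediaType: string]: unknown } } }
interface LintDoc {
  swagger?: string;
  openapi?: string;
  paths?: { [path: string]: { [method: string]: LintOperation } };
}

const LINT_METHODS = ['get', 'put', 'post', 'delete', 'options', 'head', 'patch', 'trace'];

function lintDefinition(doc: LintDoc): string[] {
  if (doc.swagger !== undefined) {
    // Swagger 2.0 has no requestBody keyword, so stop at the version finding.
    return ['swagger ' + doc.swagger + ': only OpenAPI 3.0 and above is supported'];
  }
  const major = doc.openapi === undefined ? NaN : parseInt(doc.openapi, 10);
  if (isNaN(major) || major < 3) {
    return ['missing or unsupported "openapi" version field'];
  }
  const findings: string[] = [];
  const paths = doc.paths || {};
  for (const path of Object.keys(paths)) {
    const item = paths[path];
    for (const method of LINT_METHODS) {
      const op = item ? item[method] : undefined;
      const content = op && op.requestBody ? op.requestBody.content : undefined;
      if (content !== undefined && !('application/json' in content)) {
        findings.push(method.toUpperCase() + ' ' + path + ': request body offers only '
          + Object.keys(content).join(', ') + '; application/json is required');
      }
    }
  }
  return findings;
}

// Constructed sample mirroring the content types reported in the issue.
const lintSample: LintDoc = {
  openapi: '3.0.1',
  paths: {
    '/user': { post: { requestBody: { content: { '*/*': {} } } } },
    '/pet/{petId}': {
      post: { requestBody: { content: { 'application/x-www-form-urlencoded': {} } } },
    },
    '/pet': { post: { requestBody: { content: { 'application/json': {} } } }, get: {} },
  },
};

console.log(lintDefinition(lintSample).join('\n'));
```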

Adding openapi.yaml in HttpApiAspect fails

Do you want to request a feature or report a bug?

bug

If the current behavior is a bug, please provide the steps to reproduce it.

Add cdk-serverless to a new projen project. After adding HttpApiAspect to .projenrc.js, the projen command fails:

Error: Must specify at least one of 'contents' or 'source'.
    at new SampleFile (/Users/julian/dev/serverless-example/node_modules/projen/lib/sample-file.js:33:19)
    at new HttpApiAspect (/Users/julian/dev/serverless-example/node_modules/cdk-serverless/lib/projen/http-api.js:35:9)
    at Object.<anonymous> (/Users/julian/dev/serverless-example/.projenrc.js:27:1)
    at Module._compile (internal/modules/cjs/loader.js:1063:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
    at Module.load (internal/modules/cjs/loader.js:928:32)
    at Function.Module._load (internal/modules/cjs/loader.js:769:14)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:72:12)
    at internal/main/run_main_module.js:17:47

What is the expected behavior?

Command projen should create an empty file called openapi.yaml.

Which versions of CDK Serverless are affected by this issue? Did this work in previous versions?

cdk-serverless: 0.1.40
projen: 0.24.11

Since projen version 0.24.10, class SampleFile checks if content was specified. For openapi.yaml, no content is specified in cdk-serverless, therefore the projen command fails.

Breaking change in CDK 1.100.0

Do you want to request a feature or report a bug?

Bug

What is the current behavior?

target: route53.RecordTarget.fromAlias(new route53Target.ApiGatewayv2Domain(dn)),
                                             ^
TypeError: route53Target.ApiGatewayv2Domain is not a constructor
    at new HttpApi (/Users/hoegertn/tmp/aurora-sls/node_modules/cdk-serverless/src/constructs/http-api.ts:129:46)
    at new MyStack (/Users/hoegertn/tmp/aurora-sls/src/main.ts:9:5)
    at Object.<anonymous> (/Users/hoegertn/tmp/aurora-sls/src/main.ts:29:1)
    at Module._compile (node:internal/modules/cjs/loader:1108:14)
    at Module.m._compile (/Users/hoegertn/tmp/aurora-sls/node_modules/ts-node/src/index.ts:1056:23)
    at Module._extensions..js (node:internal/modules/cjs/loader:1137:10)
    at Object.require.extensions.<computed> [as .ts] (/Users/hoegertn/tmp/aurora-sls/node_modules/ts-node/src/index.ts:1059:12)
    at Module.load (node:internal/modules/cjs/loader:988:32)
    at Function.Module._load (node:internal/modules/cjs/loader:828:14)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:76:12)

Circular dependency when using authentication with customMessages in HttpApi

Hi,

Do you want to request a feature or report a bug?

bug

What is the current behavior?

cdk deploy fails with circular dependency error:

my-http-stack-dev failed: Error [ValidationError]: Circular dependency between resources: [ApiAuthenticationGroupadmin1F3B381D, ApiFnremoveTodo3270A2EC, ApiFngetTodoById6950F289, ApiDELETEtodosidHttpIntegration01b2222bbca1e140051e74b75d02a6799AB1AEF8, ApiDELETEtodosid87BC86DA, ApiGETtodos9447D15A, ApiPOSTtodosDBE932CC, ApiGETtodosmyhttpstackdevApiGETtodos6F4DA541PermissionD940D7E9, ApiDELETEtodosidmyhttpstackdevApiDELETEtodosidCB5EB443PermissionB8D09DC9, ApiFnaddTodo2C053AD6, ApiAuthenticationCustomMessageFunctionCustomMessageCognito6BA0E215, ApiMonitoringDashboard86C659C4, ApiFngetTodos2277752E, ApiGETtodosidmyhttpstackdevApiGETtodosid594DCC8APermission3A22A070, ApiAuthenticationUserPool7FA29541, ApiGETtodosidHttpIntegration7b25c63f258d2c5123860c9dc5fac2193E95C7A6, ApiGETtodosid3DAAA533, ApiPOSTtodosmyhttpstackdevApiPOSTtodos997E2D9DPermission5AEBEF5E, ApiPOSTtodosHttpIntegration554586fb156f3766b3c7c3e8145235e46F587D89, ApiAuthenticationGroupmoderators200792EB, ApiAuthenticationCustomMessageFunction95A5B159, ApiGETtodosHttpIntegration1ff291e4d950d72be84694163c73b7dbFC2116E5]
    at Request.extractError (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/protocol/query.js:50:29)
    at Request.callListeners (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:688:14)
    at Request.transition (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/request.js:690:12)
    at Request.callListeners (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/sequential_executor.js:116:18) {
  code: 'ValidationError',
  time: 2021-06-19T19:09:33.601Z,
  requestId: '2591ca80-0195-4698-8d8d-aff09c54ade7',
  statusCode: 400,
  retryable: false,
  retryDelay: 35.58554566236416
}

If the current behavior is a bug, please provide the steps to reproduce it.

I checked out the demo project: https://github.com/taimos/cdk-serverless-demo-http

In .projenrc.js, I specified the cdk-serverless version number to use the current version:

deps: [
    '[email protected]',
  ],

In main.ts, I added the authentication configuration to the HttpApi:

authentication: {
        groups: {
          admin: 'Admins',
          moderators: 'Mods',
        },
        triggers: {
          customMessages: true,
        },
      },

What is the expected behavior?

CDK stack should be deployed without circular dependency error.

Which versions of CDK Serverless are affected by this issue? Did this work in previous versions?

cdk-serverless: 0.1.42
It worked in previous versions (0.1.2).

If I remove line customMessages: true, from main.ts, the issue doesn't appear and the stack will be deployed successfully.

Add a construct for a webhook

Do you want to request a feature or report a bug?

Feature

What is the expected behavior?

Simple construct to create an HttpApi with a backing lambda function that receives all requests.

Reporting a vulnerability

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security researchers to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
