├── .github ├── ISSUE_TEMPLATE.yaml └── PULL_REQUEST_TEMPLATE.md ├── .gitignore ├── .npmignore ├── CHANGELOG ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── LICENSE ├── NOTICE ├── README.md ├── SECURITY.md ├── SUPPORT.md ├── assets ├── archi.png └── output_cdk.png ├── cdk.json ├── jest.config.js ├── package-lock.json ├── package.json ├── src ├── front │ ├── .eslintrc.json │ ├── .gitattributes │ ├── .gitignore │ ├── .mergify.yml │ ├── .npmignore │ ├── .projen │ │ ├── deps.json │ │ ├── files.json │ │ └── tasks.json │ ├── .projenrc.js │ ├── LICENSE │ ├── README.md │ ├── package.json │ ├── public │ │ ├── 403.html │ │ ├── android-icon-144x144.png │ │ ├── android-icon-192x192.png │ │ ├── android-icon-36x36.png │ │ ├── android-icon-48x48.png │ │ ├── android-icon-72x72.png │ │ ├── android-icon-96x96.png │ │ ├── apple-icon-114x114.png │ │ ├── apple-icon-120x120.png │ │ ├── apple-icon-144x144.png │ │ ├── apple-icon-152x152.png │ │ ├── apple-icon-180x180.png │ │ ├── apple-icon-57x57.png │ │ ├── apple-icon-60x60.png │ │ ├── apple-icon-72x72.png │ │ ├── apple-icon-76x76.png │ │ ├── apple-icon-precomposed.png │ │ ├── apple-icon.png │ │ ├── browserconfig.xml │ │ ├── favicon-16x16.png │ │ ├── favicon-32x32.png │ │ ├── favicon-96x96.png │ │ ├── favicon.ico │ │ ├── index.html │ │ ├── manifest.json │ │ ├── ms-icon-144x144.png │ │ ├── ms-icon-150x150.png │ │ ├── ms-icon-310x310.png │ │ ├── ms-icon-70x70.png │ │ └── robots.txt │ ├── src │ │ ├── App.css │ │ ├── App.tsx │ │ ├── Book.ts │ │ ├── NavHeader.tsx │ │ ├── PageBooks.tsx │ │ ├── PageEditBook.tsx │ │ ├── index.css │ │ ├── index.tsx │ │ ├── reportWebVitals.ts │ │ └── test │ │ │ └── PageBooks.test.js │ ├── tsconfig.dev.json │ ├── tsconfig.json │ └── yarn.lock ├── functions │ ├── auth │ │ └── auth.mjs │ └── books │ │ └── books.ts └── infra │ ├── BackendStack.ts │ ├── BookApp.ts │ ├── BookStack.ts │ └── FrontendStack.ts └── tsconfig.json /.github/ISSUE_TEMPLATE.yaml: -------------------------------------------------------------------------------- 1 | name: Bug Report 2 | description: File a bug report 3 | title: "[Bug]: " 4 | labels: ["bug", "triage"] 5 | assignees: 6 | - jeromevdl 7 | body: 8 | - type: markdown 9 | attributes: 10 | value: | 11 | Thanks for taking the time to fill out this bug report! 12 | - type: textarea 13 | id: what-happened 14 | attributes: 15 | label: What happened? 16 | description: Also tell us, what did you expect to happen? 17 | placeholder: Tell us what you see! 18 | value: "A bug happened!" 19 | validations: 20 | required: true 21 | - type: textarea 22 | id: logs 23 | attributes: 24 | label: Relevant log output 25 | description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. 26 | render: shell 27 | - type: checkboxes 28 | id: terms 29 | attributes: 30 | label: Code of Conduct 31 | description: By submitting this issue, you agree to follow our [Code of Conduct](https://example.com) 32 | options: 33 | - label: I agree to follow this project's Code of Conduct 34 | required: true -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | # Pull Request Template 2 | 3 | ## Description 4 | 5 | Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change. 6 | 7 | Fixes # (issue) 8 | 9 | ## Type of change 10 | 11 | Please delete options that are not relevant. 12 | 13 | - [ ] Bug fix (non-breaking change which fixes an issue) 14 | - [ ] New feature (non-breaking change which adds functionality) 15 | - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) 16 | - [ ] This change requires a documentation update 17 | 18 | ## How Has This Been Tested? 19 | 20 | Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration 21 | 22 | - [ ] Test A 23 | - [ ] Test B 24 | 25 | **Test Configuration**: 26 | * Tools versions (node, CDK, SDK, ...) 27 | 28 | ## Checklist: 29 | 30 | - [ ] My code follows the style guidelines of this project 31 | - [ ] I have performed a self-review of my own code 32 | - [ ] I have commented my code, particularly in hard-to-understand areas 33 | - [ ] I have made corresponding changes to the documentation 34 | - [ ] My changes generate no new warnings 35 | - [ ] I have added tests that prove my fix is effective or that my feature works 36 | - [ ] New and existing unit tests pass locally with my changes 37 | - [ ] Any dependent changes have been merged and published in downstream modules 38 | - [ ] I have checked my code and corrected any misspellings -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | !jest.config.js 2 | *.d.ts 3 | node_modules 4 | build 5 | 6 | # CDK asset staging directory 7 | .cdk.staging 8 | cdk.out 9 | 10 | .idea/ 11 | 12 | repolinter -------------------------------------------------------------------------------- /.npmignore: -------------------------------------------------------------------------------- 1 | *.ts 2 | !*.d.ts 3 | 4 | # CDK asset staging directory 5 | .cdk.staging 6 | cdk.out 7 | -------------------------------------------------------------------------------- /CHANGELOG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/CHANGELOG -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | ## Code of Conduct 2 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 3 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 4 | opensource-codeofconduct@amazon.com with any additional questions or comments. 5 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing Guidelines 2 | 3 | Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional 4 | documentation, we greatly value feedback and contributions from our community. 5 | 6 | Please read through this document before submitting any issues or pull requests to ensure we have all the necessary 7 | information to effectively respond to your bug report or contribution. 8 | 9 | 10 | ## Reporting Bugs/Feature Requests 11 | 12 | We welcome you to use the GitHub issue tracker to report bugs or suggest features. 13 | 14 | When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already 15 | reported the issue. Please try to include as much information as you can. Details like these are incredibly useful: 16 | 17 | * A reproducible test case or series of steps 18 | * The version of our code being used 19 | * Any modifications you've made relevant to the bug 20 | * Anything unusual about your environment or deployment 21 | 22 | 23 | ## Contributing via Pull Requests 24 | Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: 25 | 26 | 1. You are working against the latest source on the *main* branch. 27 | 2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. 28 | 3. You open an issue to discuss any significant work - we would hate for your time to be wasted. 29 | 30 | To send us a pull request, please: 31 | 32 | 1. Fork the repository. 33 | 2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change. 34 | 3. Ensure local tests pass. 35 | 4. Commit to your fork using clear commit messages. 36 | 5. Send us a pull request, answering any default questions in the pull request interface. 37 | 6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. 38 | 39 | GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and 40 | [creating a pull request](https://help.github.com/articles/creating-a-pull-request/). 41 | 42 | 43 | ## Finding contributions to work on 44 | Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start. 45 | 46 | 47 | ## Code of Conduct 48 | This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). 49 | For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact 50 | opensource-codeofconduct@amazon.com with any additional questions or comments. 51 | 52 | 53 | ## Security issue notifications 54 | If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue. 55 | 56 | 57 | ## Licensing 58 | 59 | See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. 60 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | SPDX-License-Identifier: MIT-0 3 | 4 | Permission is hereby granted, free of charge, to any person obtaining a copy of this 5 | software and associated documentation files (the "Software"), to deal in the Software 6 | without restriction, including without limitation the rights to use, copy, modify, 7 | merge, publish, distribute, sublicense, and/or sell copies of the Software, and to 8 | permit persons to whom the Software is furnished to do so. 9 | 10 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 11 | INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 12 | PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 13 | HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 14 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 15 | SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 16 | -------------------------------------------------------------------------------- /NOTICE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/NOTICE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Protecting a Lambda Function URL with Amazon CloudFront and Lambda@Edge 2 | 3 | This repository is provided in support to an AWS blog post: [Protecting a Lambda Function URL with Amazon CloudFront and Lambda@Edge](https://aws.amazon.com/blogs/compute/protecting-an-aws-lambda-function-url-with-amazon-cloudfront-and-lambdaedge/) 4 | 5 | ## Overview 6 | 7 | ### Architecture 8 | 9 | The solution is based on the following architecture: 10 | 11 | ![Architecture](assets/archi.png) 12 | 13 | More details can be found in the blog post. 14 | 15 | ### Structure of the solution 16 | 17 | This repository contains 3 main components, available in the src folder: 18 | - The frontend, a single page web application built with React and CloudScape. 19 | - The AWS Lambda functions code. The application is a simple CRUD around books. 20 | - The infrastructure code, provided as AWS CDK. 21 | 22 | ## Pre-requisites 23 | 24 | To deploy this solution you need the following pre-requisites: 25 | 26 | - An AWS Account. 27 | - The AWS Command Line Interface (CLI) installed and configured for use. Refer this link to install the CLI. https://aws.amazon.com/cli/ 28 | 29 | The user profile used to implement this reference solution should have enough privileges to create the following resources: 30 | - IAM roles and policies 31 | - Lambda function and function url 32 | - Cloudfront Distribution & Lambda@Edge function 33 | - Systems Manager parameters 34 | 35 | - Node JS is installed ( pre-requisite to install AWS CDK ). Download Node JS from here: https://nodejs.org/en/download/ 36 | 37 | - The AWS CDK V2 is installed. Refer this link to install AWS CDK V2: https://docs.aws.amazon.com/cdk/v2/guide/getting_started.html#getting_started_install 38 | 39 | - If you've never deployed a solution with CDK, the AWS account must be bootstrapped (more info here: https://docs.aws.amazon.com/cdk/v2/guide/bootstrapping.html). 40 | Execute the following command to create the necessary AWS resources (S3 bucket, IAM role/s, etc...) that CDK will use to provision AWS resources for the solution. 41 | Replace ACCOUNT-NUMBER and REGION with your account and region where you wish to deploy the solution: 42 | ```shell 43 | $ cdk bootstrap aws://ACCOUNT-NUMBER/REGION 44 | ``` 45 | 46 | ## Deployment 47 | 1. Clone the current repository 48 | 2. Execute the following commands: 49 | 50 | ```shell 51 | $ cd lambda-function-url-lambda-edge 52 | $ npm install 53 | $ cdk deploy --all 54 | ``` 55 | 56 | Note: the deployment can take up to 15 minutes to finish 57 | 58 | 3. Once the deployment is successful, you should have several URLs in the output of CDK: 59 | ![CDK output](assets/output_cdk.png) 60 | 4. You can test the deployed solution by using the frontend. URL is available in the `FrontendURL` in CDK outputs. 61 | 62 | ## Clean-up 63 | To remove the deployed resources from your AWS account: 64 | 1. You must first remove the replicas of the Lambda@Edge function. Refer to https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-edge-delete-replicas.html 65 | 2. Execute the following command: 66 | ```shell 67 | $ cdk destroy --all 68 | ``` 69 | 70 | ## License 71 | See [License](LICENSE) of the project. -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | ## Reporting a Vulnerability 4 | 5 | If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security 6 | via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. 7 | 8 | Please do **not** create a public GitHub issue. -------------------------------------------------------------------------------- /SUPPORT.md: -------------------------------------------------------------------------------- 1 | If you are having trouble running this sample, make sure you have a recent version of terraform and npm and read the 2 | [requirements](README.md#-requirements) carefully. 3 | 4 | If you find a bug, please submit it to our issue tracker and label it as a bug. -------------------------------------------------------------------------------- /assets/archi.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/assets/archi.png -------------------------------------------------------------------------------- /assets/output_cdk.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/assets/output_cdk.png -------------------------------------------------------------------------------- /cdk.json: -------------------------------------------------------------------------------- 1 | { 2 | "app": "npx ts-node --prefer-ts-exts src/infra/BookApp.ts", 3 | "watch": { 4 | "include": [ 5 | "**" 6 | ], 7 | "exclude": [ 8 | "README.md", 9 | "cdk*.json", 10 | "**/*.d.ts", 11 | "**/*.js", 12 | "tsconfig.json", 13 | "package*.json", 14 | "yarn.lock", 15 | "node_modules", 16 | "test" 17 | ] 18 | }, 19 | "context": { 20 | "@aws-cdk/aws-lambda:recognizeLayerVersion": true, 21 | "@aws-cdk/core:checkSecretUsage": true, 22 | "@aws-cdk/core:target-partitions": [ 23 | "aws", 24 | "aws-cn" 25 | ], 26 | "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true, 27 | "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true, 28 | "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true, 29 | "@aws-cdk/aws-iam:minimizePolicies": true, 30 | "@aws-cdk/core:validateSnapshotRemovalPolicy": true, 31 | "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true, 32 | "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true, 33 | "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true, 34 | "@aws-cdk/aws-apigateway:disableCloudWatchRole": true, 35 | "@aws-cdk/core:enablePartitionLiterals": true, 36 | "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true, 37 | "@aws-cdk/aws-iam:standardizedServicePrincipals": true, 38 | "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true, 39 | "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true, 40 | "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true, 41 | "@aws-cdk/aws-route53-patters:useCertificate": true, 42 | "@aws-cdk/customresources:installLatestAwsSdkDefault": false, 43 | "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true, 44 | "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true, 45 | "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true, 46 | "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true, 47 | "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true, 48 | "@aws-cdk/aws-redshift:columnId": true 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /jest.config.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | module.exports = { 6 | testEnvironment: 'node', 7 | roots: ['/test'], 8 | testMatch: ['**/*.test.ts'], 9 | transform: { 10 | '^.+\\.tsx?$': 'ts-jest' 11 | } 12 | }; 13 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "book", 3 | "version": "0.1.0", 4 | "bin": { 5 | "book": "src/infra/BooApp.js" 6 | }, 7 | "scripts": { 8 | "build": "tsc", 9 | "watch": "tsc -w", 10 | "test": "jest", 11 | "cdk": "cdk" 12 | }, 13 | "devDependencies": { 14 | "@aws-solutions-constructs/aws-cloudfront-s3": "^2.39.0", 15 | "@types/aws-lambda": "^8.10.115", 16 | "@types/fs-extra": "^11.0.1", 17 | "@types/node": "18.16.14", 18 | "aws-cdk": "2.92.0", 19 | "cdk-nag": "^2.27.18", 20 | "fs-extra": "^11.1.0", 21 | "ts-node": "^10.9.1", 22 | "typescript": "~4.9.5" 23 | }, 24 | "dependencies": { 25 | "@aws-crypto/sha256-js": "^4.0.0", 26 | "@aws-sdk/client-dynamodb": "^3.374.0", 27 | "@aws-sdk/credential-provider-node": "^3.374.0", 28 | "@aws-sdk/credential-providers": "^3.503.1", 29 | "@aws-sdk/protocol-http": "^3.374.0", 30 | "@aws-sdk/signature-v4": "^3.374.0", 31 | "@aws-sdk/util-dynamodb": "^3.374.0", 32 | "aws-cdk-lib": "2.92.0", 33 | "aws-sdk": "^2.1383.0", 34 | "constructs": "^10.2.69", 35 | "source-map-support": "^0.5.21" 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /src/front/.eslintrc.json: -------------------------------------------------------------------------------- 1 | // ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". 2 | { 3 | "env": { 4 | "jest": true, 5 | "node": true 6 | }, 7 | "root": true, 8 | "plugins": [ 9 | "@typescript-eslint", 10 | "import" 11 | ], 12 | "parser": "@typescript-eslint/parser", 13 | "parserOptions": { 14 | "ecmaVersion": 2018, 15 | "sourceType": "module", 16 | "project": "./tsconfig.dev.json" 17 | }, 18 | "extends": [ 19 | "plugin:import/typescript" 20 | ], 21 | "settings": { 22 | "import/parsers": { 23 | "@typescript-eslint/parser": [ 24 | ".ts", 25 | ".tsx" 26 | ] 27 | }, 28 | "import/resolver": { 29 | "node": {}, 30 | "typescript": { 31 | "project": "./tsconfig.dev.json", 32 | "alwaysTryTypes": true 33 | } 34 | } 35 | }, 36 | "ignorePatterns": [ 37 | "*.js", 38 | "*.d.ts", 39 | "node_modules/", 40 | "*.generated.ts", 41 | "coverage", 42 | "!.projenrc.js" 43 | ], 44 | "rules": { 45 | "indent": [ 46 | "off" 47 | ], 48 | "@typescript-eslint/indent": [ 49 | "error", 50 | 2 51 | ], 52 | "quotes": [ 53 | "error", 54 | "single", 55 | { 56 | "avoidEscape": true 57 | } 58 | ], 59 | "comma-dangle": [ 60 | "error", 61 | "always-multiline" 62 | ], 63 | "comma-spacing": [ 64 | "error", 65 | { 66 | "before": false, 67 | "after": true 68 | } 69 | ], 70 | "no-multi-spaces": [ 71 | "error", 72 | { 73 | "ignoreEOLComments": false 74 | } 75 | ], 76 | "array-bracket-spacing": [ 77 | "error", 78 | "never" 79 | ], 80 | "array-bracket-newline": [ 81 | "error", 82 | "consistent" 83 | ], 84 | "object-curly-spacing": [ 85 | "error", 86 | "always" 87 | ], 88 | "object-curly-newline": [ 89 | "error", 90 | { 91 | "multiline": true, 92 | "consistent": true 93 | } 94 | ], 95 | "object-property-newline": [ 96 | "error", 97 | { 98 | "allowAllPropertiesOnSameLine": true 99 | } 100 | ], 101 | "keyword-spacing": [ 102 | "error" 103 | ], 104 | "brace-style": [ 105 | "error", 106 | "1tbs", 107 | { 108 | "allowSingleLine": true 109 | } 110 | ], 111 | "space-before-blocks": [ 112 | "error" 113 | ], 114 | "curly": [ 115 | "error", 116 | "multi-line", 117 | "consistent" 118 | ], 119 | "@typescript-eslint/member-delimiter-style": [ 120 | "error" 121 | ], 122 | "semi": [ 123 | "error", 124 | "always" 125 | ], 126 | "max-len": [ 127 | "error", 128 | { 129 | "code": 150, 130 | "ignoreUrls": true, 131 | "ignoreStrings": true, 132 | "ignoreTemplateLiterals": true, 133 | "ignoreComments": true, 134 | "ignoreRegExpLiterals": true 135 | } 136 | ], 137 | "quote-props": [ 138 | "error", 139 | "consistent-as-needed" 140 | ], 141 | "@typescript-eslint/no-require-imports": [ 142 | "error" 143 | ], 144 | "import/no-extraneous-dependencies": [ 145 | "error", 146 | { 147 | "devDependencies": [ 148 | "**/src/**/*.test.tsx", 149 | "**/src/setupTests.ts" 150 | ], 151 | "optionalDependencies": false, 152 | "peerDependencies": true 153 | } 154 | ], 155 | "import/no-unresolved": [ 156 | "error" 157 | ], 158 | "import/order": [ 159 | "warn", 160 | { 161 | "groups": [ 162 | "builtin", 163 | "external" 164 | ], 165 | "alphabetize": { 166 | "order": "asc", 167 | "caseInsensitive": true 168 | } 169 | } 170 | ], 171 | "no-duplicate-imports": [ 172 | "error" 173 | ], 174 | "no-shadow": [ 175 | "off" 176 | ], 177 | "@typescript-eslint/no-shadow": [ 178 | "error" 179 | ], 180 | "key-spacing": [ 181 | "error" 182 | ], 183 | "no-multiple-empty-lines": [ 184 | "error" 185 | ], 186 | "@typescript-eslint/no-floating-promises": [ 187 | "error" 188 | ], 189 | "no-return-await": [ 190 | "off" 191 | ], 192 | "@typescript-eslint/return-await": [ 193 | "error" 194 | ], 195 | "no-trailing-spaces": [ 196 | "error" 197 | ], 198 | "dot-notation": [ 199 | "error" 200 | ], 201 | "no-bitwise": [ 202 | "error" 203 | ], 204 | "@typescript-eslint/member-ordering": [ 205 | "error", 206 | { 207 | "default": [ 208 | "public-static-field", 209 | "public-static-method", 210 | "protected-static-field", 211 | "protected-static-method", 212 | "private-static-field", 213 | "private-static-method", 214 | "field", 215 | "constructor", 216 | "method" 217 | ] 218 | } 219 | ] 220 | }, 221 | "overrides": [ 222 | { 223 | "files": [ 224 | ".projenrc.js" 225 | ], 226 | "rules": { 227 | "@typescript-eslint/no-require-imports": "off", 228 | "import/no-extraneous-dependencies": "off" 229 | } 230 | } 231 | ] 232 | } 233 | -------------------------------------------------------------------------------- /src/front/.gitattributes: -------------------------------------------------------------------------------- 1 | # ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". 2 | 3 | /.eslintrc.json linguist-generated 4 | /.gitattributes linguist-generated 5 | /.github/pull_request_template.md linguist-generated 6 | /.github/workflows/build.yml linguist-generated 7 | /.github/workflows/pull-request-lint.yml linguist-generated 8 | /.github/workflows/upgrade.yml linguist-generated 9 | /.gitignore linguist-generated 10 | /.mergify.yml linguist-generated 11 | /.npmignore linguist-generated 12 | /.npmrc linguist-generated 13 | /.projen/** linguist-generated 14 | /.projen/deps.json linguist-generated 15 | /.projen/files.json linguist-generated 16 | /.projen/tasks.json linguist-generated 17 | /LICENSE linguist-generated 18 | /package.json linguist-generated 19 | /tsconfig.dev.json linguist-generated 20 | /tsconfig.json linguist-generated 21 | /yarn.lock linguist-generated -------------------------------------------------------------------------------- /src/front/.gitignore: -------------------------------------------------------------------------------- 1 | # ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". 2 | !/.gitattributes 3 | !/.projen/tasks.json 4 | !/.projen/deps.json 5 | !/.projen/files.json 6 | !/.github/workflows/pull-request-lint.yml 7 | !/package.json 8 | !/LICENSE 9 | !/.npmignore 10 | logs 11 | *.log 12 | npm-debug.log* 13 | yarn-debug.log* 14 | yarn-error.log* 15 | lerna-debug.log* 16 | report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json 17 | pids 18 | *.pid 19 | *.seed 20 | *.pid.lock 21 | lib-cov 22 | coverage 23 | *.lcov 24 | .nyc_output 25 | build/Release 26 | node_modules/ 27 | jspm_packages/ 28 | *.tsbuildinfo 29 | .eslintcache 30 | *.tgz 31 | .yarn-integrity 32 | .cache 33 | !/.projenrc.js 34 | !/.github/workflows/build.yml 35 | !/.mergify.yml 36 | !/.github/workflows/upgrade.yml 37 | !/.github/pull_request_template.md 38 | !/.npmrc 39 | !/test/ 40 | !/tsconfig.json 41 | !/tsconfig.dev.json 42 | !/src/ 43 | /lib 44 | /dist/ 45 | !/.eslintrc.json 46 | /build/ 47 | -------------------------------------------------------------------------------- /src/front/.mergify.yml: -------------------------------------------------------------------------------- 1 | # ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". 2 | 3 | queue_rules: 4 | - name: default 5 | update_method: merge 6 | conditions: 7 | - "#approved-reviews-by>=1" 8 | - -label~=(do-not-merge) 9 | - status-success=build 10 | pull_request_rules: 11 | - name: Automatic merge on approval and successful build 12 | actions: 13 | delete_head_branch: {} 14 | queue: 15 | method: squash 16 | name: default 17 | commit_message_template: |- 18 | {{ title }} (#{{ number }}) 19 | 20 | {{ body }} 21 | conditions: 22 | - "#approved-reviews-by>=1" 23 | - -label~=(do-not-merge) 24 | - status-success=build 25 | -------------------------------------------------------------------------------- /src/front/.npmignore: -------------------------------------------------------------------------------- 1 | # ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". 2 | /.projen/ 3 | permissions-backup.acl 4 | /.mergify.yml 5 | /test/ 6 | /tsconfig.dev.json 7 | /src/ 8 | !/lib/ 9 | !/lib/**/*.js 10 | !/lib/**/*.d.ts 11 | dist 12 | /tsconfig.json 13 | /.github/ 14 | /.vscode/ 15 | /.idea/ 16 | /.projenrc.js 17 | tsconfig.tsbuildinfo 18 | /.eslintrc.json 19 | /build/ 20 | -------------------------------------------------------------------------------- /src/front/.projen/deps.json: -------------------------------------------------------------------------------- 1 | { 2 | "dependencies": [ 3 | { 4 | "name": "@testing-library/jest-dom", 5 | "type": "build" 6 | }, 7 | { 8 | "name": "@testing-library/react", 9 | "type": "build" 10 | }, 11 | { 12 | "name": "@testing-library/user-event", 13 | "type": "build" 14 | }, 15 | { 16 | "name": "@types/jest", 17 | "type": "build" 18 | }, 19 | { 20 | "name": "@types/node", 21 | "version": "^16", 22 | "type": "build" 23 | }, 24 | { 25 | "name": "@types/react", 26 | "type": "build" 27 | }, 28 | { 29 | "name": "@types/react-dom", 30 | "type": "build" 31 | }, 32 | { 33 | "name": "@typescript-eslint/eslint-plugin", 34 | "version": "^5", 35 | "type": "build" 36 | }, 37 | { 38 | "name": "@typescript-eslint/parser", 39 | "version": "^5", 40 | "type": "build" 41 | }, 42 | { 43 | "name": "eslint-import-resolver-node", 44 | "type": "build" 45 | }, 46 | { 47 | "name": "eslint-import-resolver-typescript", 48 | "type": "build" 49 | }, 50 | { 51 | "name": "eslint-plugin-import", 52 | "type": "build" 53 | }, 54 | { 55 | "name": "eslint", 56 | "version": "^8", 57 | "type": "build" 58 | }, 59 | { 60 | "name": "npm-check-updates", 61 | "version": "^16", 62 | "type": "build" 63 | }, 64 | { 65 | "name": "projen", 66 | "type": "build" 67 | }, 68 | { 69 | "name": "typescript", 70 | "version": "^4.0.3", 71 | "type": "build" 72 | }, 73 | { 74 | "name": "@types/express-serve-static-core", 75 | "version": "4.17.30", 76 | "type": "override" 77 | }, 78 | { 79 | "name": "@types/express", 80 | "version": "4.17.13", 81 | "type": "override" 82 | }, 83 | { 84 | "name": "@cloudscape-design/collection-hooks", 85 | "type": "runtime" 86 | }, 87 | { 88 | "name": "@cloudscape-design/components", 89 | "type": "runtime" 90 | }, 91 | { 92 | "name": "@cloudscape-design/global-styles", 93 | "type": "runtime" 94 | }, 95 | { 96 | "name": "react", 97 | "type": "runtime" 98 | }, 99 | { 100 | "name": "react-dom", 101 | "type": "runtime" 102 | }, 103 | { 104 | "name": "react-intl", 105 | "type": "runtime" 106 | }, 107 | { 108 | "name": "react-router-dom", 109 | "type": "runtime" 110 | }, 111 | { 112 | "name": "react-scripts", 113 | "version": "^5", 114 | "type": "runtime" 115 | }, 116 | { 117 | "name": "web-vitals", 118 | "type": "runtime" 119 | } 120 | ], 121 | "//": "~~ Generated by projen. To modify, edit .projenrc.js and run \"npx projen\"." 122 | } 123 | -------------------------------------------------------------------------------- /src/front/.projen/files.json: -------------------------------------------------------------------------------- 1 | { 2 | "files": [ 3 | ".eslintrc.json", 4 | ".gitattributes", 5 | ".github/pull_request_template.md", 6 | ".github/workflows/build.yml", 7 | ".github/workflows/pull-request-lint.yml", 8 | ".github/workflows/upgrade.yml", 9 | ".gitignore", 10 | ".mergify.yml", 11 | ".npmignore", 12 | ".npmrc", 13 | ".projen/deps.json", 14 | ".projen/files.json", 15 | ".projen/tasks.json", 16 | "LICENSE", 17 | "tsconfig.dev.json", 18 | "tsconfig.json" 19 | ], 20 | "//": "~~ Generated by projen. To modify, edit .projenrc.js and run \"npx projen\"." 21 | } 22 | -------------------------------------------------------------------------------- /src/front/.projen/tasks.json: -------------------------------------------------------------------------------- 1 | { 2 | "tasks": { 3 | "build": { 4 | "name": "build", 5 | "description": "Full release build", 6 | "steps": [ 7 | { 8 | "spawn": "default" 9 | }, 10 | { 11 | "spawn": "pre-compile" 12 | }, 13 | { 14 | "spawn": "compile" 15 | }, 16 | { 17 | "spawn": "post-compile" 18 | }, 19 | { 20 | "spawn": "test" 21 | }, 22 | { 23 | "spawn": "package" 24 | } 25 | ] 26 | }, 27 | "clobber": { 28 | "name": "clobber", 29 | "description": "hard resets to HEAD of origin and cleans the local repo", 30 | "env": { 31 | "BRANCH": "$(git branch --show-current)" 32 | }, 33 | "steps": [ 34 | { 35 | "exec": "git checkout -b scratch", 36 | "name": "save current HEAD in \"scratch\" branch" 37 | }, 38 | { 39 | "exec": "git checkout $BRANCH" 40 | }, 41 | { 42 | "exec": "git fetch origin", 43 | "name": "fetch latest changes from origin" 44 | }, 45 | { 46 | "exec": "git reset --hard origin/$BRANCH", 47 | "name": "hard reset to origin commit" 48 | }, 49 | { 50 | "exec": "git clean -fdx", 51 | "name": "clean all untracked files" 52 | }, 53 | { 54 | "say": "ready to rock! (unpushed commits are under the \"scratch\" branch)" 55 | } 56 | ], 57 | "condition": "git diff --exit-code > /dev/null" 58 | }, 59 | "compile": { 60 | "name": "compile", 61 | "description": "Only compile", 62 | "steps": [ 63 | { 64 | "exec": "react-scripts build" 65 | } 66 | ] 67 | }, 68 | "default": { 69 | "name": "default", 70 | "description": "Synthesize project files", 71 | "steps": [ 72 | { 73 | "exec": "node .projenrc.js" 74 | } 75 | ] 76 | }, 77 | "dev": { 78 | "name": "dev", 79 | "description": "Starts the react application", 80 | "steps": [ 81 | { 82 | "exec": "react-scripts start" 83 | } 84 | ] 85 | }, 86 | "eject": { 87 | "name": "eject", 88 | "description": "Remove projen from the project", 89 | "env": { 90 | "PROJEN_EJECTING": "true" 91 | }, 92 | "steps": [ 93 | { 94 | "spawn": "default" 95 | } 96 | ] 97 | }, 98 | "eslint": { 99 | "name": "eslint", 100 | "description": "Runs eslint against the codebase", 101 | "steps": [ 102 | { 103 | "exec": "eslint --ext .ts,.tsx --fix --no-error-on-unmatched-pattern src test build-tools .projenrc.js" 104 | } 105 | ] 106 | }, 107 | "install": { 108 | "name": "install", 109 | "description": "Install project dependencies and update lockfile (non-frozen)", 110 | "steps": [ 111 | { 112 | "exec": "yarn install --check-files" 113 | } 114 | ] 115 | }, 116 | "install:ci": { 117 | "name": "install:ci", 118 | "description": "Install project dependencies using frozen lockfile", 119 | "steps": [ 120 | { 121 | "exec": "yarn install --check-files --frozen-lockfile" 122 | } 123 | ] 124 | }, 125 | "package": { 126 | "name": "package", 127 | "description": "Creates the distribution package" 128 | }, 129 | "post-compile": { 130 | "name": "post-compile", 131 | "description": "Runs after successful compilation" 132 | }, 133 | "post-upgrade": { 134 | "name": "post-upgrade", 135 | "description": "Runs after upgrading dependencies" 136 | }, 137 | "pre-compile": { 138 | "name": "pre-compile", 139 | "description": "Prepare the project for compilation" 140 | }, 141 | "test": { 142 | "name": "test", 143 | "description": "Run tests", 144 | "steps": [ 145 | { 146 | "spawn": "eslint" 147 | }, 148 | { 149 | "exec": "react-scripts test --watchAll=false" 150 | } 151 | ] 152 | }, 153 | "upgrade": { 154 | "name": "upgrade", 155 | "description": "upgrade dependencies", 156 | "env": { 157 | "CI": "0" 158 | }, 159 | "steps": [ 160 | { 161 | "exec": "yarn upgrade npm-check-updates" 162 | }, 163 | { 164 | "exec": "npm-check-updates --dep dev --upgrade --target=minor" 165 | }, 166 | { 167 | "exec": "npm-check-updates --dep optional --upgrade --target=minor" 168 | }, 169 | { 170 | "exec": "npm-check-updates --dep peer --upgrade --target=minor" 171 | }, 172 | { 173 | "exec": "npm-check-updates --dep prod --upgrade --target=minor" 174 | }, 175 | { 176 | "exec": "npm-check-updates --dep bundle --upgrade --target=minor" 177 | }, 178 | { 179 | "exec": "yarn install --check-files" 180 | }, 181 | { 182 | "exec": "yarn upgrade" 183 | }, 184 | { 185 | "exec": "npx projen" 186 | }, 187 | { 188 | "spawn": "post-upgrade" 189 | } 190 | ] 191 | }, 192 | "watch": { 193 | "name": "watch", 194 | "description": "Watch & compile in the background", 195 | "steps": [ 196 | { 197 | "exec": "tsc --build -w" 198 | } 199 | ] 200 | } 201 | }, 202 | "env": { 203 | "PATH": "$(npx -c \"node -e \\\"console.log(process.env.PATH)\\\"\")" 204 | }, 205 | "//": "~~ Generated by projen. To modify, edit .projenrc.js and run \"npx projen\"." 206 | } 207 | -------------------------------------------------------------------------------- /src/front/.projenrc.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | const { web } = require('projen'); 6 | const project = new web.ReactTypeScriptProject({ 7 | defaultReleaseBranch: 'main', 8 | name: 'front', 9 | deps: [ 10 | '@cloudscape-design/collection-hooks', 11 | '@cloudscape-design/components', 12 | '@cloudscape-design/global-styles', 13 | 'react-router-dom', 14 | 'react-intl', 15 | ], 16 | // description: undefined, /* The description is just a string that helps people understand the purpose of the package. */ 17 | // devDeps: [], /* Build dependencies for this module. */ 18 | // packageName: undefined, /* The "name" in package.json. */ 19 | }); 20 | project.synth(); -------------------------------------------------------------------------------- /src/front/LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright [yyyy] [name of copyright owner] 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. 203 | -------------------------------------------------------------------------------- /src/front/README.md: -------------------------------------------------------------------------------- 1 | # Frontend of the solution 2 | Please refer to the main [README](/README.md) for the details of the solution. 3 | 4 | This sub folder only contains the frontend of the application. It is a web application developed with React and Cloudscape and based on projen. 5 | 6 | ## Useful commands 7 | ```shell 8 | npm install # to install the dependencies 9 | npm run build # to build the application (typescript) 10 | npm run dev # to run the frontend locally (you must update the paths to the function URLs) 11 | ``` 12 | 13 | ## License 14 | See [License](/LICENSE) of the project. -------------------------------------------------------------------------------- /src/front/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "front", 3 | "scripts": { 4 | "build": "npx projen build", 5 | "clobber": "npx projen clobber", 6 | "compile": "npx projen compile", 7 | "default": "npx projen default", 8 | "dev": "npx projen dev", 9 | "eject": "npx projen eject", 10 | "eslint": "npx projen eslint", 11 | "package": "npx projen package", 12 | "post-compile": "npx projen post-compile", 13 | "post-upgrade": "npx projen post-upgrade", 14 | "pre-compile": "npx projen pre-compile", 15 | "test": "npx projen test", 16 | "upgrade": "npx projen upgrade", 17 | "watch": "npx projen watch", 18 | "projen": "npx projen" 19 | }, 20 | "devDependencies": { 21 | "@testing-library/jest-dom": "^5.16.5", 22 | "@testing-library/react": "^14.0.0", 23 | "@testing-library/user-event": "^14.4.3", 24 | "@types/jest": "^29.4.0", 25 | "@types/node": "^16", 26 | "@types/react": "^18.0.28", 27 | "@types/react-dom": "^18.0.11", 28 | "@typescript-eslint/eslint-plugin": "^5", 29 | "@typescript-eslint/parser": "^5", 30 | "eslint": "^8", 31 | "eslint-import-resolver-node": "^0.3.7", 32 | "eslint-import-resolver-typescript": "^3.5.3", 33 | "eslint-plugin-import": "^2.27.5", 34 | "npm-check-updates": "^16", 35 | "projen": "^0.71.71", 36 | "typescript": "^4.0.3" 37 | }, 38 | "dependencies": { 39 | "@cloudscape-design/collection-hooks": "^1.0.19", 40 | "@cloudscape-design/components": "^3.0.225", 41 | "@cloudscape-design/global-styles": "^1.0.7", 42 | "react": "^18.2.0", 43 | "react-dom": "^18.2.0", 44 | "react-intl": "^6.3.2", 45 | "react-router-dom": "^6.9.0", 46 | "react-scripts": "^5", 47 | "web-vitals": "^3.3.0" 48 | }, 49 | "resolutions": { 50 | "express": "4.19.2", 51 | "follow-redirects": "1.15.6", 52 | "postcss":"8.4.39", 53 | "ejs": "3.1.10", 54 | "tar": "7.4.0", 55 | "ws": "7.5.10", 56 | "braces": "3.0.3", 57 | "@types/express-serve-static-core": "4.17.30", 58 | "@types/express": "4.17.13", 59 | "nth-check": "2.1.1", 60 | "uuid": "9.0.1" 61 | }, 62 | "license": "Apache-2.0", 63 | "version": "0.0.0", 64 | "eslintConfig": { 65 | "extends": [ 66 | "react-app", 67 | "react-app/jest" 68 | ] 69 | }, 70 | "browserslist": { 71 | "production": [ 72 | ">0.2%", 73 | "not dead", 74 | "not op_mini all" 75 | ], 76 | "development": [ 77 | "last 1 chrome version", 78 | "last 1 firefox version", 79 | "last 1 safari version" 80 | ] 81 | }, 82 | "//": "~~ Generated by projen. To modify, edit .projenrc.js and run \"npx projen\"." 83 | } 84 | -------------------------------------------------------------------------------- /src/front/public/403.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Error 403 5 | 6 | 7 | 403 8 | 9 | -------------------------------------------------------------------------------- /src/front/public/android-icon-144x144.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/android-icon-144x144.png -------------------------------------------------------------------------------- /src/front/public/android-icon-192x192.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/android-icon-192x192.png -------------------------------------------------------------------------------- /src/front/public/android-icon-36x36.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/android-icon-36x36.png -------------------------------------------------------------------------------- /src/front/public/android-icon-48x48.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/android-icon-48x48.png -------------------------------------------------------------------------------- /src/front/public/android-icon-72x72.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/android-icon-72x72.png -------------------------------------------------------------------------------- /src/front/public/android-icon-96x96.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/android-icon-96x96.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-114x114.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-114x114.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-120x120.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-120x120.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-144x144.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-144x144.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-152x152.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-152x152.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-180x180.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-180x180.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-57x57.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-57x57.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-60x60.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-60x60.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-72x72.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-72x72.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-76x76.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-76x76.png -------------------------------------------------------------------------------- /src/front/public/apple-icon-precomposed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon-precomposed.png -------------------------------------------------------------------------------- /src/front/public/apple-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/apple-icon.png -------------------------------------------------------------------------------- /src/front/public/browserconfig.xml: -------------------------------------------------------------------------------- 1 | 2 | #ffffff -------------------------------------------------------------------------------- /src/front/public/favicon-16x16.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/favicon-16x16.png -------------------------------------------------------------------------------- /src/front/public/favicon-32x32.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/favicon-32x32.png -------------------------------------------------------------------------------- /src/front/public/favicon-96x96.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/favicon-96x96.png -------------------------------------------------------------------------------- /src/front/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/favicon.ico -------------------------------------------------------------------------------- /src/front/public/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 29 | 30 | Books 31 | 32 | 33 | 34 |
35 | 36 | 37 | -------------------------------------------------------------------------------- /src/front/public/manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "App", 3 | "icons": [ 4 | { 5 | "src": "\/android-icon-36x36.png", 6 | "sizes": "36x36", 7 | "type": "image\/png", 8 | "density": "0.75" 9 | }, 10 | { 11 | "src": "\/android-icon-48x48.png", 12 | "sizes": "48x48", 13 | "type": "image\/png", 14 | "density": "1.0" 15 | }, 16 | { 17 | "src": "\/android-icon-72x72.png", 18 | "sizes": "72x72", 19 | "type": "image\/png", 20 | "density": "1.5" 21 | }, 22 | { 23 | "src": "\/android-icon-96x96.png", 24 | "sizes": "96x96", 25 | "type": "image\/png", 26 | "density": "2.0" 27 | }, 28 | { 29 | "src": "\/android-icon-144x144.png", 30 | "sizes": "144x144", 31 | "type": "image\/png", 32 | "density": "3.0" 33 | }, 34 | { 35 | "src": "\/android-icon-192x192.png", 36 | "sizes": "192x192", 37 | "type": "image\/png", 38 | "density": "4.0" 39 | } 40 | ] 41 | } -------------------------------------------------------------------------------- /src/front/public/ms-icon-144x144.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/ms-icon-144x144.png -------------------------------------------------------------------------------- /src/front/public/ms-icon-150x150.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/ms-icon-150x150.png -------------------------------------------------------------------------------- /src/front/public/ms-icon-310x310.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/ms-icon-310x310.png -------------------------------------------------------------------------------- /src/front/public/ms-icon-70x70.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-samples/aws-lambda-function-url-secured/40eb7fed7d02edbb3f3f0ff2d969ed2ff73f8d6c/src/front/public/ms-icon-70x70.png -------------------------------------------------------------------------------- /src/front/public/robots.txt: -------------------------------------------------------------------------------- 1 | # https://www.robotstxt.org/robotstxt.html 2 | User-agent: * 3 | Disallow: 4 | -------------------------------------------------------------------------------- /src/front/src/App.css: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | .App { 6 | text-align: center; 7 | } 8 | 9 | .App-logo { 10 | height: 40vmin; 11 | pointer-events: none; 12 | } 13 | 14 | @media (prefers-reduced-motion: no-preference) { 15 | .App-logo { 16 | animation: App-logo-spin infinite 20s linear; 17 | } 18 | } 19 | 20 | .App-header { 21 | background-color: #282c34; 22 | min-height: 100vh; 23 | display: flex; 24 | flex-direction: column; 25 | align-items: center; 26 | justify-content: center; 27 | font-size: calc(10px + 2vmin); 28 | color: white; 29 | } 30 | 31 | .App-link { 32 | color: #61dafb; 33 | } 34 | 35 | @keyframes App-logo-spin { 36 | from { 37 | transform: rotate(0deg); 38 | } 39 | to { 40 | transform: rotate(360deg); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /src/front/src/App.tsx: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import AppLayout, { AppLayoutProps } from '@cloudscape-design/components/app-layout'; 6 | import React, { createContext, useCallback, useState } from 'react'; 7 | import { Route, Routes } from 'react-router-dom'; 8 | import NavHeader from './NavHeader'; 9 | import PageBooks from './PageBooks'; 10 | import PageEditBook from './PageEditBook'; 11 | 12 | 13 | /** 14 | * Context for updating/retrieving the AppLayout. 15 | */ 16 | export const AppLayoutContext = createContext({ 17 | appLayoutProps: {}, 18 | setAppLayoutProps: (_: AppLayoutProps) => { 19 | }, 20 | }); 21 | 22 | /** 23 | * Defines the App layout and contains logic for routing. 24 | */ 25 | const App: React.FC = () => { 26 | const [appLayoutProps, setAppLayoutProps] = useState({}); 27 | 28 | const setAppLayoutPropsSafe = useCallback( 29 | (props: AppLayoutProps) => { 30 | JSON.stringify(appLayoutProps) !== JSON.stringify(props) && setAppLayoutProps(props); 31 | }, 32 | [appLayoutProps], 33 | ); 34 | 35 | return ( 36 | <> 37 | 38 | 43 | 44 | {/* Define all your routes here */} 45 | }/> 46 | }/> 47 | }/> 48 | }/> 49 | 50 | 51 | } 52 | {...appLayoutProps} 53 | /> 54 | 55 | ); 56 | }; 57 | 58 | export default App; 59 | -------------------------------------------------------------------------------- /src/front/src/Book.ts: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | export interface Book { 6 | id?: string; 7 | author?: string; 8 | name?: string; 9 | releaseDate?: string; 10 | } -------------------------------------------------------------------------------- /src/front/src/NavHeader.tsx: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import { TopNavigation } from '@cloudscape-design/components'; 6 | import React from 'react'; 7 | 8 | /** 9 | * Defines the Navigation Header 10 | */ 11 | const NavHeader: React.FC = () => { 12 | 13 | return ( 14 | 19 | ); 20 | }; 21 | 22 | export default NavHeader; 23 | -------------------------------------------------------------------------------- /src/front/src/PageBooks.tsx: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import { useCollection } from '@cloudscape-design/collection-hooks'; 6 | import { Button, Header, Pagination, SpaceBetween, Table } from '@cloudscape-design/components'; 7 | import React, { useContext, useEffect, useState } from 'react'; 8 | import { useNavigate } from 'react-router-dom'; 9 | import { AppLayoutContext } from './App'; 10 | import { Book } from './Book'; 11 | 12 | const PAGINATION_ARIA = { 13 | nextPageLabel: 'Next page', 14 | previousPageLabel: 'Previous page', 15 | pageLabel: (pageNumber: any) => `Page ${pageNumber} of all pages`, 16 | }; 17 | const PageBooks: React.FC = () => { 18 | 19 | const navigate = useNavigate(); 20 | const { setAppLayoutProps } = useContext(AppLayoutContext); 21 | const [books, setBooks] = useState(); 22 | const [selectedBook, setSelectedBook] = useState(); 23 | const [isLoading, setIsLoading] = useState(true); 24 | 25 | const { 26 | items, 27 | collectionProps, 28 | paginationProps, 29 | } = useCollection(books || [], { 30 | pagination: { pageSize: 20 }, 31 | selection: {}, 32 | }); 33 | 34 | useEffect(() => { 35 | setAppLayoutProps({ 36 | contentType: 'table', 37 | contentHeader:
, 38 | }); 39 | }, [setAppLayoutProps]); 40 | 41 | async function loadBooks() { 42 | try { 43 | const response = await fetch( 44 | '/getBooks', 45 | ); 46 | const body = await response.json(); 47 | console.log(JSON.stringify(body)); 48 | setBooks(body); 49 | } finally { 50 | setIsLoading(false); 51 | } 52 | } 53 | 54 | useEffect(() => { 55 | void (async () => { 56 | await loadBooks(); 57 | })(); 58 | }, []); 59 | 60 | useEffect(() => { 61 | void (async () => { 62 | if (collectionProps.selectedItems && collectionProps.selectedItems.length > 0) { 63 | setSelectedBook(collectionProps.selectedItems[0]); 64 | } else { 65 | setSelectedBook(undefined); 66 | } 67 | })(); 68 | }, [collectionProps.selectedItems]); 69 | 70 | async function deleteBook() { 71 | try { 72 | await fetch(`/deleteBook/${selectedBook?.id}`, { 73 | method: 'DELETE', 74 | }); 75 | await loadBooks(); 76 | } catch (e) { 77 | console.log(e); 78 | } 79 | } 80 | 81 | return ( 82 | 87 | } 88 | columnDefinitions={[ 89 | { 90 | id: 'name', 91 | header: 'Name', 92 | cell: (item) => item.name, 93 | }, 94 | { 95 | id: 'author', 96 | header: 'Author', 97 | cell: (item) => item.author, 98 | }, 99 | { 100 | id: 'date', 101 | header: 'Release Date', 102 | cell: (item) => item.releaseDate ? new Date(item.releaseDate).toLocaleDateString() : '', 103 | }, 104 | ]} 105 | selectionType="single" 106 | loading={isLoading} 107 | header={
112 |
} 127 | empty={ 94 | 95 | 96 | } 97 | > 98 | 99 | 100 | 101 | setBook({ ...book, name: e.detail.value })}/> 103 | 104 | 105 | setBook({ ...book, author: e.detail.value })}/> 107 | 108 | 109 | setBook({ ...book, releaseDate: e.detail.value })}/> 113 | 114 | 115 | 116 | 117 | 118 | ); 119 | }; 120 | 121 | export default PageEditBook; -------------------------------------------------------------------------------- /src/front/src/index.css: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | body { 6 | margin: 0; 7 | font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen', 8 | 'Ubuntu', 'Cantarell', 'Fira Sans', 'Droid Sans', 'Helvetica Neue', 9 | sans-serif; 10 | -webkit-font-smoothing: antialiased; 11 | -moz-osx-font-smoothing: grayscale; 12 | } 13 | 14 | code { 15 | font-family: source-code-pro, Menlo, Monaco, Consolas, 'Courier New', 16 | monospace; 17 | } 18 | -------------------------------------------------------------------------------- /src/front/src/index.tsx: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import './index.css'; 6 | import { createRoot } from 'react-dom/client'; 7 | import { IntlProvider } from 'react-intl'; 8 | import { BrowserRouter } from 'react-router-dom'; 9 | import App from './App'; 10 | import reportWebVitals from './reportWebVitals'; 11 | 12 | const container = document.getElementById('root'); 13 | const root = createRoot(container!); 14 | root.render( 15 | 16 | 17 | 18 | 19 | , 20 | ); 21 | 22 | // If you want to start measuring performance in your app, pass a function 23 | // to log results (for example: reportWebVitals(console.log)) 24 | // or send to an analytics endpoint. Learn more: https://bit.ly/CRA-vitals 25 | reportWebVitals(); 26 | -------------------------------------------------------------------------------- /src/front/src/reportWebVitals.ts: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import { ReportHandler } from 'web-vitals'; 6 | 7 | const reportWebVitals = (onPerfEntry?: ReportHandler) => { 8 | if (onPerfEntry && onPerfEntry instanceof Function) { 9 | import('web-vitals').then( 10 | ({ getCLS, getFID, getFCP, getLCP, getTTFB }) => { 11 | getCLS(onPerfEntry); 12 | getFID(onPerfEntry); 13 | getFCP(onPerfEntry); 14 | getLCP(onPerfEntry); 15 | getTTFB(onPerfEntry); 16 | }, 17 | () => { 18 | }, 19 | ); 20 | } 21 | }; 22 | 23 | export default reportWebVitals; -------------------------------------------------------------------------------- /src/front/src/test/PageBooks.test.js: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | it('test', () => { 6 | 7 | }); -------------------------------------------------------------------------------- /src/front/tsconfig.dev.json: -------------------------------------------------------------------------------- 1 | // ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". 2 | { 3 | "compilerOptions": { 4 | "alwaysStrict": true, 5 | "declaration": true, 6 | "esModuleInterop": true, 7 | "experimentalDecorators": true, 8 | "inlineSourceMap": true, 9 | "inlineSources": true, 10 | "lib": [ 11 | "dom", 12 | "dom.iterable", 13 | "esnext" 14 | ], 15 | "module": "commonjs", 16 | "noEmitOnError": false, 17 | "noFallthroughCasesInSwitch": true, 18 | "noImplicitAny": true, 19 | "noImplicitReturns": true, 20 | "noImplicitThis": true, 21 | "noUnusedLocals": true, 22 | "noUnusedParameters": true, 23 | "resolveJsonModule": true, 24 | "strict": true, 25 | "strictNullChecks": true, 26 | "strictPropertyInitialization": true, 27 | "stripInternal": true, 28 | "target": "es5", 29 | "allowJs": true, 30 | "skipLibCheck": true, 31 | "allowSyntheticDefaultImports": true, 32 | "forceConsistentCasingInFileNames": true, 33 | "moduleResolution": "node", 34 | "isolatedModules": true, 35 | "noEmit": true, 36 | "jsx": "react-jsx" 37 | }, 38 | "include": [ 39 | ".projenrc.js", 40 | "src/**/*.ts", 41 | "test/**/*.ts", 42 | "src" 43 | ], 44 | "exclude": [ 45 | "node_modules" 46 | ] 47 | } 48 | -------------------------------------------------------------------------------- /src/front/tsconfig.json: -------------------------------------------------------------------------------- 1 | // ~~ Generated by projen. To modify, edit .projenrc.js and run "npx projen". 2 | { 3 | "compilerOptions": { 4 | "rootDir": "src", 5 | "outDir": "lib", 6 | "alwaysStrict": true, 7 | "declaration": true, 8 | "esModuleInterop": true, 9 | "experimentalDecorators": true, 10 | "inlineSourceMap": true, 11 | "inlineSources": true, 12 | "lib": [ 13 | "dom", 14 | "dom.iterable", 15 | "esnext" 16 | ], 17 | "module": "commonjs", 18 | "noEmitOnError": false, 19 | "noFallthroughCasesInSwitch": true, 20 | "noImplicitAny": true, 21 | "noImplicitReturns": true, 22 | "noImplicitThis": true, 23 | "noUnusedLocals": true, 24 | "noUnusedParameters": true, 25 | "resolveJsonModule": true, 26 | "strict": true, 27 | "strictNullChecks": true, 28 | "strictPropertyInitialization": true, 29 | "stripInternal": true, 30 | "target": "es5", 31 | "allowJs": true, 32 | "skipLibCheck": true, 33 | "allowSyntheticDefaultImports": true, 34 | "forceConsistentCasingInFileNames": true, 35 | "moduleResolution": "node", 36 | "isolatedModules": true, 37 | "noEmit": true, 38 | "jsx": "react-jsx" 39 | }, 40 | "include": [ 41 | "src/**/*.ts", 42 | "src" 43 | ], 44 | "exclude": [] 45 | } 46 | -------------------------------------------------------------------------------- /src/functions/auth/auth.mjs: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import { SignatureV4 } from '@aws-sdk/signature-v4'; 6 | import { fromNodeProviderChain } from '@aws-sdk/credential-providers'; 7 | import { HttpRequest } from "@aws-sdk/protocol-http"; 8 | const { createHash, createHmac } = await import('node:crypto'); 9 | 10 | function Sha256(secret) { 11 | return secret ? createHmac('sha256', secret) : createHash('sha256'); 12 | } 13 | 14 | const credentialProvider = fromNodeProviderChain(); 15 | const credentials = await credentialProvider(); 16 | 17 | export const handler = async(event) => { 18 | 19 | const request = event.Records[0].cf.request; 20 | console.info("request=" + JSON.stringify(request)); 21 | 22 | let headers = request.headers; 23 | 24 | // remove the x-forwarded-for from the signature 25 | delete headers['x-forwarded-for']; 26 | 27 | if (!request.origin.hasOwnProperty('custom')) 28 | throw("Unexpected origin type. Expected 'custom'. Got: " + JSON.stringify(request.origin)); 29 | 30 | // remove the "behaviour" path from the uri to send to Lambda 31 | // ex: /updateBook/1234 => /1234 32 | let uri = request.uri.substring(1); 33 | let urisplit = uri.split('/'); 34 | urisplit.shift(); // remove the first part (getBooks, createBook, ...) 35 | uri = '/' + urisplit.join('/'); 36 | request.uri = uri; 37 | 38 | const hostname = request.headers['host'][0].value; 39 | const region = hostname.split(".")[2]; 40 | const path = uri + (request.querystring ? '?'+ request.querystring : ''); 41 | 42 | // build the request to sign 43 | const req = new HttpRequest({ 44 | hostname, 45 | path, 46 | body: (request.body && request.body.data) ? Buffer.from(request.body.data, request.body.encoding) : undefined, 47 | method: request.method, 48 | }); 49 | for (const header of Object.values(headers)) { 50 | req.headers[header[0].key] = header[0].value; 51 | } 52 | console.debug(JSON.stringify(req)); 53 | 54 | // sign the request with Signature V4 and the credentials of the edge function itself 55 | // the edge function must have lambda:InvokeFunctionUrl permission for the target URL 56 | const signer = new SignatureV4({ 57 | credentials, 58 | region, 59 | service: 'lambda', 60 | sha256: Sha256, 61 | }); 62 | 63 | const signedRequest = await signer.sign(req); 64 | console.debug(JSON.stringify(signedRequest)); 65 | 66 | // reformat the headers for CloudFront 67 | for (const header in signedRequest.headers){ 68 | request.headers[header.toLowerCase()] = [{ 69 | key: header, 70 | value: signedRequest.headers[header].toString(), 71 | }]; 72 | } 73 | console.info("signed request=" + JSON.stringify(request)); 74 | return request; 75 | } 76 | -------------------------------------------------------------------------------- /src/functions/books/books.ts: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import {APIGatewayProxyEventV2, APIGatewayProxyHandlerV2} from "aws-lambda"; 6 | import { 7 | DeleteItemCommand, 8 | DynamoDBClient, 9 | GetItemCommand, 10 | PutItemCommand, 11 | QueryCommand, 12 | QueryInput, 13 | ScanCommand, 14 | ScanInput, 15 | UpdateItemCommand, 16 | } from '@aws-sdk/client-dynamodb'; 17 | import {randomUUID} from "crypto"; 18 | 19 | const {marshall, unmarshall} = require("@aws-sdk/util-dynamodb"); 20 | 21 | export interface Book { 22 | id?: string; 23 | author: string; 24 | name: string; 25 | releaseDate: Date; 26 | } 27 | 28 | const tableName = process.env.TABLE_NAME!; 29 | const ddbClient = new DynamoDBClient({ 30 | region: process.env.AWS_REGION 31 | }) 32 | 33 | // Return a successful JSON response 34 | function success(body: any) { 35 | return { 36 | statusCode: 200, 37 | body: JSON.stringify(body), 38 | } 39 | } 40 | 41 | // Returns a failed response 42 | function error(statusCode: number, message: string) { 43 | return { 44 | statusCode: statusCode, 45 | body: JSON.stringify({message: message}), 46 | } 47 | } 48 | 49 | /** 50 | * Get one book by id 51 | */ 52 | const getBook = async function (bookId: string): Promise { 53 | const bookResult = await ddbClient.send(new GetItemCommand({ 54 | TableName: tableName, 55 | Key: { 56 | "id": marshall(bookId) 57 | } 58 | })); 59 | if (bookResult.Item) { 60 | return unmarshall(bookResult.Item); 61 | } 62 | return undefined; 63 | } 64 | 65 | /** 66 | * Fetches all books for the given author 67 | * @param author 68 | */ 69 | const getBooksFromAuthor = async function (author: string): Promise { 70 | const query: QueryInput = { 71 | TableName: tableName, 72 | IndexName: 'author', 73 | KeyConditionExpression: "author = :author", 74 | ExpressionAttributeValues: { 75 | ":author": {S: author}, 76 | }, 77 | } 78 | 79 | const booksResult = await ddbClient.send(new QueryCommand(query)); 80 | 81 | const books: Book[] = []; 82 | if (booksResult.Items) { 83 | booksResult.Items.forEach((book) => books.push(unmarshall(book))); 84 | } 85 | 86 | return books; 87 | } 88 | 89 | const getAllBooks = async function (): Promise { 90 | const query: ScanInput = { 91 | TableName: tableName, 92 | // TODO: add limit 93 | } 94 | 95 | const booksResult = await ddbClient.send(new ScanCommand(query)); 96 | 97 | const books: Book[] = []; 98 | if (booksResult.Items) { 99 | booksResult.Items.forEach((book) => books.push(unmarshall(book))); 100 | } 101 | 102 | return books; 103 | } 104 | 105 | /** 106 | * Creates a new book. 107 | * @param book the book to insert 108 | * @return the book with the generated id 109 | */ 110 | const createBook = async function (book: Book): Promise { 111 | const newBook = { 112 | ...book, 113 | id: randomUUID(), 114 | } 115 | 116 | await ddbClient.send(new PutItemCommand({ 117 | TableName: tableName, 118 | Item: marshall(newBook) 119 | })); 120 | 121 | return newBook; 122 | } 123 | 124 | /** 125 | * Deletes a book 126 | * @param bookId 127 | */ 128 | const deleteBook = async function (bookId: string): Promise { 129 | try { 130 | await ddbClient.send(new DeleteItemCommand({ 131 | TableName: tableName, 132 | Key: { 133 | "id": marshall(bookId) 134 | } 135 | })); 136 | } catch (e) { 137 | console.error(e); 138 | return false; 139 | } 140 | 141 | return true; 142 | } 143 | 144 | /** 145 | * Update the book information 146 | * @param book 147 | */ 148 | const updateBook = async function (book: Book): Promise { 149 | await ddbClient.send(new UpdateItemCommand({ 150 | TableName: tableName, 151 | Key: { 152 | "id": marshall(book.id) 153 | }, 154 | UpdateExpression: "set #name=:name, #author=:author, #releaseDate=:releaseDate", 155 | ExpressionAttributeNames: { 156 | "#name": "name", 157 | "#author": "author", 158 | "#releaseDate": "releaseDate" 159 | }, 160 | ExpressionAttributeValues: { 161 | ":name": marshall(book.name), 162 | ":author": marshall(book.author), 163 | ":releaseDate": marshall(book.releaseDate) 164 | } 165 | })); 166 | 167 | return book; 168 | } 169 | 170 | export const getBookHandler: APIGatewayProxyHandlerV2 = async (event: APIGatewayProxyEventV2) => { 171 | console.log(JSON.stringify(event)); 172 | const bookId = event.rawPath.substring(1); 173 | let book = await getBook(bookId); 174 | if (book) 175 | return success(book); 176 | else 177 | return error(404, `Book ${bookId} not found`); 178 | } 179 | 180 | export const getBooksHandler: APIGatewayProxyHandlerV2 = async (event: APIGatewayProxyEventV2) => { 181 | console.log(JSON.stringify(event)); 182 | const author = event.queryStringParameters ? event.queryStringParameters.author : undefined; 183 | let books: Book[]; 184 | if (author) { 185 | books = await getBooksFromAuthor(author); 186 | } else { 187 | books = await getAllBooks(); 188 | } 189 | return success(books); 190 | } 191 | 192 | export const createBookHandler: APIGatewayProxyHandlerV2 = async (event: APIGatewayProxyEventV2) => { 193 | console.log(JSON.stringify(event)); 194 | let book: Book = JSON.parse(event.body!); 195 | book = await createBook(book); 196 | return success(book) 197 | } 198 | 199 | export const deleteBookHandler: APIGatewayProxyHandlerV2 = async (event: APIGatewayProxyEventV2) => { 200 | console.log(JSON.stringify(event)); 201 | // CORS preflight (only for PUT and DELETE that are not "simple" methods) 202 | if (event.requestContext.http.method == 'OPTIONS') { 203 | return { 204 | statusCode: 204, 205 | headers: { 206 | "Access-Control-Allow-Methods": "DELETE" 207 | } 208 | } 209 | } 210 | const bookId = event.rawPath.substring(1); 211 | if (await deleteBook(bookId)) { 212 | return success({}) 213 | } else { 214 | return error(400, "Couldn't delete") 215 | } 216 | } 217 | 218 | export const updateBookHandler: APIGatewayProxyHandlerV2 = async (event: APIGatewayProxyEventV2) => { 219 | console.log(JSON.stringify(event)); 220 | // CORS preflight (only for PUT and DELETE that are not "simple" methods) 221 | if (event.requestContext.http.method == 'OPTIONS') { 222 | return { 223 | statusCode: 204, 224 | headers: { 225 | "Access-Control-Allow-Methods": "PUT" 226 | } 227 | } 228 | } 229 | const bookId = event.rawPath.substring(1); 230 | const book: Book = JSON.parse(event.body!); 231 | 232 | // Sanity check 233 | if (bookId !== book.id) { 234 | return error(400, "Two different book IDs given!") 235 | } 236 | 237 | const updatedBook = await updateBook(book); 238 | 239 | return success(updatedBook); 240 | } 241 | -------------------------------------------------------------------------------- /src/infra/BackendStack.ts: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import { CfnOutput, Duration, Names, NestedStack, NestedStackProps, RemovalPolicy } from "aws-cdk-lib"; 6 | import {Construct} from "constructs"; 7 | import {NodejsFunction, NodejsFunctionProps} from "aws-cdk-lib/aws-lambda-nodejs"; 8 | import {FunctionUrl, FunctionUrlAuthType, HttpMethod, Runtime, Tracing} from "aws-cdk-lib/aws-lambda"; 9 | import * as path from "path"; 10 | import {AttributeType, BillingMode, Table} from "aws-cdk-lib/aws-dynamodb"; 11 | import {AwsCustomResource, AwsCustomResourcePolicy, PhysicalResourceId} from "aws-cdk-lib/custom-resources"; 12 | 13 | export class BackendStack extends NestedStack { 14 | 15 | public readonly getBooksUrl: FunctionUrl; 16 | public readonly createBookUrl: FunctionUrl; 17 | public readonly updateBookUrl: FunctionUrl; 18 | public readonly deleteBookUrl: FunctionUrl; 19 | public readonly getBookUrl: FunctionUrl; 20 | 21 | constructor(scope: Construct, id: string, props?: NestedStackProps) { 22 | super(scope, id, props); 23 | 24 | const bookTable = this.initializeBookTable(); 25 | 26 | const functionConfiguration: NodejsFunctionProps = { 27 | runtime: Runtime.NODEJS_18_X, 28 | memorySize: 512, 29 | timeout: Duration.seconds(30), 30 | entry: path.join(__dirname, '../functions/books/books.ts'), 31 | tracing: Tracing.ACTIVE, 32 | environment: { 33 | TABLE_NAME: bookTable.tableName 34 | }, 35 | bundling: { 36 | // minify: true, 37 | target: 'es2020', 38 | }, 39 | } 40 | this.getBookUrl = this.initializeGetBookFunction(functionConfiguration, bookTable); 41 | this.getBooksUrl = this.initializeGetBooksFunction(functionConfiguration, bookTable); 42 | this.createBookUrl = this.initializeCreateBookFunction(functionConfiguration, bookTable); 43 | this.updateBookUrl = this.initializeUpdateBookFunction(functionConfiguration, bookTable); 44 | this.deleteBookUrl = this.initializeDeleteBookFunction(functionConfiguration, bookTable); 45 | } 46 | 47 | private initializeBookTable(): Table { 48 | const bookTable = new Table(this, 'BooksTable', { 49 | billingMode: BillingMode.PAY_PER_REQUEST, 50 | partitionKey: { 51 | type: AttributeType.STRING, 52 | name: 'id' 53 | }, 54 | removalPolicy: RemovalPolicy.DESTROY, 55 | pointInTimeRecovery: true 56 | }); 57 | bookTable.addGlobalSecondaryIndex({ 58 | indexName: 'author', 59 | partitionKey: { 60 | type: AttributeType.STRING, 61 | name: 'author' 62 | }, 63 | sortKey: { 64 | type: AttributeType.STRING, 65 | name: 'id' 66 | } 67 | }); 68 | return bookTable; 69 | } 70 | 71 | /** 72 | * 73 | * @param functionConfiguration 74 | * @param bookTable 75 | * @private 76 | */ 77 | private initializeGetBookFunction(functionConfiguration: NodejsFunctionProps, bookTable: Table): FunctionUrl { 78 | const getBookFunction = new NodejsFunction(this, 'GetBookFunction', { 79 | ...functionConfiguration, 80 | handler: 'getBookHandler', 81 | description: 'Retrieve a book with its id', 82 | }); 83 | 84 | bookTable.grantReadData(getBookFunction); 85 | 86 | const getBookUrl = getBookFunction.addFunctionUrl({ 87 | authType: FunctionUrlAuthType.AWS_IAM, 88 | cors: { 89 | allowedOrigins: ['*'], 90 | allowedMethods: [HttpMethod.GET], 91 | allowedHeaders: ['*'], 92 | allowCredentials: true, 93 | } 94 | }); 95 | this.outputUrl(getBookUrl, 'GetBook'); 96 | 97 | return getBookUrl; 98 | } 99 | 100 | /** 101 | * 102 | * @param functionConfiguration 103 | * @param bookTable 104 | * @private 105 | */ 106 | private initializeGetBooksFunction(functionConfiguration: NodejsFunctionProps, bookTable: Table): FunctionUrl { 107 | const getBooksFunction = new NodejsFunction(this, 'GetBooksFunction', { 108 | ...functionConfiguration, 109 | handler: 'getBooksHandler', 110 | description: 'Retrieve all books from an author', 111 | }); 112 | 113 | bookTable.grantReadData(getBooksFunction); 114 | 115 | const getBooksUrl = getBooksFunction.addFunctionUrl({ 116 | authType: FunctionUrlAuthType.AWS_IAM, 117 | cors: { 118 | allowedOrigins: ['*'], 119 | allowedMethods: [HttpMethod.GET], 120 | allowedHeaders: ['*'], 121 | allowCredentials: true, 122 | } 123 | }); 124 | 125 | this.outputUrl(getBooksUrl, 'GetBooks'); 126 | 127 | return getBooksUrl; 128 | } 129 | 130 | /** 131 | * 132 | * @param functionConfiguration 133 | * @param bookTable 134 | * @private 135 | */ 136 | private initializeCreateBookFunction(functionConfiguration: NodejsFunctionProps, bookTable: Table): FunctionUrl { 137 | const createBookFunction = new NodejsFunction(this, 'CreateBookFunction', { 138 | ...functionConfiguration, 139 | handler: 'createBookHandler', 140 | description: 'Create a new book', 141 | }); 142 | 143 | bookTable.grantWriteData(createBookFunction); 144 | 145 | const createBookUrl = createBookFunction.addFunctionUrl({ 146 | authType: FunctionUrlAuthType.AWS_IAM, 147 | cors: { 148 | allowedOrigins: ['*'], 149 | allowedMethods: [HttpMethod.POST], 150 | allowedHeaders: ['*'], 151 | maxAge: Duration.seconds(0), 152 | allowCredentials: true, 153 | } 154 | }); 155 | 156 | this.outputUrl(createBookUrl, 'CreateBook'); 157 | 158 | return createBookUrl; 159 | } 160 | 161 | /** 162 | * 163 | * @param functionConfiguration 164 | * @param bookTable 165 | * @private 166 | */ 167 | private initializeUpdateBookFunction(functionConfiguration: NodejsFunctionProps, bookTable: Table): FunctionUrl { 168 | const updateBookFunction = new NodejsFunction(this, 'UpdateBookFunction', { 169 | ...functionConfiguration, 170 | handler: 'updateBookHandler', 171 | description: 'Update an existing book', 172 | }); 173 | 174 | bookTable.grantWriteData(updateBookFunction); 175 | 176 | const updateBookUrl = updateBookFunction.addFunctionUrl({ 177 | authType: FunctionUrlAuthType.AWS_IAM, 178 | cors: { 179 | allowedOrigins: ['*'], 180 | allowedMethods: [HttpMethod.PUT], 181 | allowedHeaders: ['*'], 182 | maxAge: Duration.seconds(0), 183 | allowCredentials: true, 184 | } 185 | }); 186 | 187 | this.outputUrl(updateBookUrl, 'UpdateBook'); 188 | 189 | return updateBookUrl; 190 | } 191 | 192 | /** 193 | * 194 | * @param functionConfiguration 195 | * @param bookTable 196 | * @private 197 | */ 198 | private initializeDeleteBookFunction(functionConfiguration: NodejsFunctionProps, bookTable: Table): FunctionUrl { 199 | const deleteBookFunction = new NodejsFunction(this, 'DeleteBookFunction', { 200 | ...functionConfiguration, 201 | handler: 'deleteBookHandler', 202 | description: 'Delete a book', 203 | }); 204 | 205 | bookTable.grantWriteData(deleteBookFunction); 206 | 207 | const deleteBookUrl = deleteBookFunction.addFunctionUrl({ 208 | authType: FunctionUrlAuthType.AWS_IAM, 209 | cors: { 210 | allowedOrigins: ['*'], 211 | allowedMethods: [HttpMethod.DELETE], 212 | allowedHeaders: ['*'], 213 | maxAge: Duration.seconds(0), 214 | allowCredentials: true, 215 | } 216 | }); 217 | 218 | this.outputUrl(deleteBookUrl, 'DeleteBook'); 219 | 220 | return deleteBookUrl; 221 | } 222 | 223 | private outputUrl(functionUrl: FunctionUrl, name: string) { 224 | new CfnOutput(this, name, { 225 | value: functionUrl.url, 226 | description: name 227 | }); 228 | 229 | this.writeParameter(`/books/${name}Url`, functionUrl.url, `URL for ${name} function`); 230 | this.writeParameter(`/books/${name}Arn`, functionUrl.functionArn, `ARN for ${name} function`); 231 | } 232 | 233 | /** 234 | * Using custom resource to be able to write to us-east-1 235 | * @param parameter 236 | * @param value 237 | * @param description 238 | * @private 239 | */ 240 | private writeParameter(parameter: string, value: string, description: string) { 241 | new AwsCustomResource(this, parameter.replace('/', ''), { 242 | onUpdate: { 243 | service: "SSM", 244 | action: "putParameter", 245 | parameters: { 246 | Name: parameter, 247 | Value: value, 248 | Type: 'String', 249 | Description: description, 250 | Overwrite: true 251 | }, 252 | region: 'us-east-1', // will be needed by frontend (deployed in us-east-1) 253 | physicalResourceId: PhysicalResourceId.of(`parameter-${Date.now().toString()}`) 254 | }, 255 | policy: AwsCustomResourcePolicy.fromSdkCalls({ 256 | resources: [`arn:aws:ssm:us-east-1:${this.account}:parameter${parameter}`] 257 | }), 258 | functionName: 'WriteParameter-' + Names.uniqueResourceName(this, {}), 259 | installLatestAwsSdk: false 260 | }); 261 | } 262 | } -------------------------------------------------------------------------------- /src/infra/BookApp.ts: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env node 2 | /** 3 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 | * SPDX-License-Identifier: MIT-0 5 | */ 6 | import 'source-map-support/register'; 7 | import {App, Aspects} from 'aws-cdk-lib'; 8 | import {BookStack} from './BookStack'; 9 | import {AwsSolutionsChecks, NagSuppressions} from 'cdk-nag'; 10 | 11 | const app = new App(); 12 | 13 | const bookStack = new BookStack(app, 'BookStack'); 14 | 15 | Aspects.of(app).add(new AwsSolutionsChecks()); 16 | 17 | NagSuppressions.addStackSuppressions(bookStack, [ 18 | {id: 'AwsSolutions-IAM4', appliesTo:['Policy::arn::iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'], reason: 'default AWSLambdaBasicExecutionRole'} 19 | ], true); 20 | 21 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/frontend/AuthFunctionAtEdge/Fn/Resource', 22 | [{ id: 'AwsSolutions-L1', reason: 'Lambda function is using javascript sdk v2, and nodejs 16 is faster than 18, which is important for edge function' }] 23 | ); 24 | 25 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/frontend/FrontendDistribution/Resource', 26 | [{ id: 'AwsSolutions-CFR4', reason: 'The sample does not come with a certificate, documented that the user should use a custom certificate' }] 27 | ); 28 | 29 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/frontend/Custom::CDKBucketDeployment8693BB64968944B69AAFB0CC9EB8756C1024MiB', 30 | [ 31 | { id: 'AwsSolutions-IAM5', reason: 'L3 construct with policies limited to the bucket only'}, 32 | { id: 'AwsSolutions-L1', reason: 'No control on the runtime of the function created in this L3 construct'} 33 | ], true 34 | ); 35 | 36 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/backend/GetBookFunction/ServiceRole/DefaultPolicy/Resource', 37 | [ 38 | { id: 'AwsSolutions-IAM5', reason: 'Resource:* is for X-Ray, otherwise the function has readonly on a specific bucket ddb table: bookTable.grantReadData(getBookFunction)'} 39 | ] 40 | ); 41 | 42 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/backend/GetBooksFunction/ServiceRole/DefaultPolicy/Resource', 43 | [ 44 | { id: 'AwsSolutions-IAM5', reason: 'Resource:* is for X-Ray, otherwise the function has readonly on a specific bucket ddb table: bookTable.grantReadData(getBooksFunction)'} 45 | ] 46 | ); 47 | 48 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/backend/CreateBookFunction/ServiceRole/DefaultPolicy/Resource', 49 | [ 50 | { id: 'AwsSolutions-IAM5', reason: 'Resource:* is for X-Ray, otherwise the function has write access on a specific bucket ddb table: bookTable.grantWriteData(createBookFunction)'} 51 | ] 52 | ); 53 | 54 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/backend/UpdateBookFunction/ServiceRole/DefaultPolicy/Resource', 55 | [ 56 | { id: 'AwsSolutions-IAM5', reason: 'Resource:* is for X-Ray, otherwise the function has write on a specific bucket ddb table: bookTable.grantWriteData(updateBookFunction)'} 57 | ] 58 | ); 59 | 60 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/backend/DeleteBookFunction/ServiceRole/DefaultPolicy/Resource', 61 | [ 62 | { id: 'AwsSolutions-IAM5', reason: 'Resource:* is for X-Ray, otherwise the function has readonly on a specific bucket ddb table: bookTable.grantWriteData(deleteBookFunction)'} 63 | ] 64 | ); 65 | 66 | NagSuppressions.addResourceSuppressionsByPath(bookStack, '/BookStack/backend/AWS679f53fac002430cb0da5b7982bd2287/Resource', 67 | [ 68 | { id: 'AwsSolutions-L1', reason: 'AwsCustomResource, cannot change runtime version'} 69 | ] 70 | ); -------------------------------------------------------------------------------- /src/infra/BookStack.ts: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import {Stack, StackProps} from 'aws-cdk-lib'; 6 | import {Construct} from 'constructs'; 7 | import {BackendStack} from "./BackendStack"; 8 | import {FrontendStack} from "./FrontendStack"; 9 | 10 | export class BookStack extends Stack { 11 | constructor(scope: Construct, id: string, props?: StackProps) { 12 | super(scope, id, props); 13 | 14 | const backend = new BackendStack(this, 'backend'); 15 | 16 | const frontend = new FrontendStack(this, 'frontend', { 17 | env: { 18 | account: Stack.of(this).account, 19 | region: 'us-east-1' // deploy to us-east-1 for Lambda@Edge 20 | }, 21 | }); 22 | frontend.addDependency(backend); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/infra/FrontendStack.ts: -------------------------------------------------------------------------------- 1 | /** 2 | * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 | * SPDX-License-Identifier: MIT-0 4 | */ 5 | import {CfnOutput, DockerImage, Fn, RemovalPolicy, Stack, StackProps} from "aws-cdk-lib"; 6 | import {Construct} from "constructs"; 7 | import * as childProcess from "child_process"; 8 | import {BucketDeployment, Source} from "aws-cdk-lib/aws-s3-deployment"; 9 | import * as fsExtra from "fs-extra"; 10 | import * as cloudfront from "aws-cdk-lib/aws-cloudfront"; 11 | import { 12 | AddBehaviorOptions, 13 | AllowedMethods, 14 | CachePolicy, 15 | Distribution, 16 | LambdaEdgeEventType, 17 | OriginAccessIdentity, 18 | OriginRequestPolicy, 19 | ResponseHeadersPolicy, 20 | ViewerProtocolPolicy 21 | } from "aws-cdk-lib/aws-cloudfront"; 22 | import {BlockPublicAccess, Bucket, BucketAccessControl, ObjectOwnership} from "aws-cdk-lib/aws-s3"; 23 | import {HttpOrigin, S3Origin} from "aws-cdk-lib/aws-cloudfront-origins"; 24 | import * as path from "path"; 25 | import {Code, Runtime} from "aws-cdk-lib/aws-lambda"; 26 | import {Effect, PolicyStatement} from "aws-cdk-lib/aws-iam"; 27 | import {StringParameter} from "aws-cdk-lib/aws-ssm"; 28 | 29 | export class FrontendStack extends Stack { 30 | public readonly distribution: Distribution; 31 | 32 | constructor(scope: Construct, id: string, props: StackProps) { 33 | super(scope, id, props); 34 | 35 | const getBookUrl = this.getParameter('/books/GetBookUrl'); 36 | const getBooksUrl = this.getParameter('/books/GetBooksUrl'); 37 | const createBookUrl = this.getParameter('/books/CreateBookUrl'); 38 | const updateBookUrl = this.getParameter('/books/UpdateBookUrl'); 39 | const deleteBookUrl = this.getParameter('/books/DeleteBookUrl'); 40 | const getBookArn = this.getParameter('/books/GetBookArn'); 41 | const getBooksArn = this.getParameter('/books/GetBooksArn'); 42 | const createBookArn = this.getParameter('/books/CreateBookArn'); 43 | const updateBookArn = this.getParameter('/books/UpdateBookArn'); 44 | const deleteBookArn = this.getParameter('/books/DeleteBookArn'); 45 | 46 | const authFunction = new cloudfront.experimental.EdgeFunction(this, 'AuthFunctionAtEdge', { 47 | handler: 'auth.handler', 48 | runtime: Runtime.NODEJS_18_X, 49 | code: Code.fromAsset(path.join(__dirname, '../functions/auth')), 50 | }); 51 | authFunction.addToRolePolicy(new PolicyStatement({ 52 | sid: 'AllowInvokeFunctionUrl', 53 | effect: Effect.ALLOW, 54 | actions: ['lambda:InvokeFunctionUrl'], 55 | resources: [getBookArn, getBooksArn, createBookArn, updateBookArn, deleteBookArn], 56 | conditions: { 57 | "StringEquals": {"lambda:FunctionUrlAuthType": "AWS_IAM"} 58 | } 59 | })); 60 | 61 | const accessLogsBucket = new Bucket(this, 'AccessLogsBucket', { 62 | removalPolicy: RemovalPolicy.DESTROY, 63 | autoDeleteObjects: true, 64 | blockPublicAccess: BlockPublicAccess.BLOCK_ALL, 65 | accessControl: BucketAccessControl.PRIVATE, 66 | objectOwnership: ObjectOwnership.BUCKET_OWNER_PREFERRED, 67 | enforceSSL: true 68 | }) 69 | const frontendS3Bucket = new Bucket(this, 'FrontendBucket', { 70 | removalPolicy: RemovalPolicy.DESTROY, 71 | autoDeleteObjects: true, 72 | blockPublicAccess: BlockPublicAccess.BLOCK_ALL, 73 | enforceSSL: true, 74 | serverAccessLogsBucket: accessLogsBucket, 75 | serverAccessLogsPrefix: 'FrontS3AccessLogs', 76 | }) 77 | 78 | const oai = new OriginAccessIdentity(this, 'OAI'); 79 | frontendS3Bucket.grantRead(oai); 80 | 81 | this.distribution = new Distribution(this, 'FrontendDistribution', { 82 | comment: 'Books Distribution', 83 | defaultBehavior: { 84 | origin: new S3Origin(frontendS3Bucket, { 85 | originAccessIdentity: oai, 86 | }), 87 | viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS 88 | }, 89 | errorResponses: [ 90 | {httpStatus: 404, responsePagePath: '/', responseHttpStatus: 200}, 91 | ], 92 | defaultRootObject: 'index.html', 93 | enableLogging: true, 94 | logBucket: accessLogsBucket, 95 | // certificate: specify a custom certificate (from ACM) 96 | }); 97 | 98 | const commonBehaviorOptions: AddBehaviorOptions = { 99 | viewerProtocolPolicy: ViewerProtocolPolicy.HTTPS_ONLY, 100 | cachePolicy: CachePolicy.CACHING_DISABLED, 101 | originRequestPolicy: OriginRequestPolicy.CORS_CUSTOM_ORIGIN, 102 | responseHeadersPolicy: ResponseHeadersPolicy.CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS, 103 | }; 104 | const getBehaviorOptions: AddBehaviorOptions = { 105 | ...commonBehaviorOptions, 106 | edgeLambdas: [{ 107 | functionVersion: authFunction.currentVersion, 108 | eventType: LambdaEdgeEventType.ORIGIN_REQUEST, 109 | includeBody: false, // GET, no body 110 | }], 111 | allowedMethods: AllowedMethods.ALLOW_GET_HEAD_OPTIONS, 112 | } 113 | this.distribution.addBehavior('/getBook/*', new HttpOrigin(Fn.select(2, Fn.split('/', getBookUrl)),), getBehaviorOptions); 114 | this.distribution.addBehavior('/getBooks', new HttpOrigin(Fn.select(2, Fn.split('/', getBooksUrl)),), getBehaviorOptions); 115 | 116 | const notGetBehaviorOptions: AddBehaviorOptions = { 117 | ...commonBehaviorOptions, 118 | edgeLambdas: [{ 119 | functionVersion: authFunction.currentVersion, 120 | eventType: LambdaEdgeEventType.ORIGIN_REQUEST, 121 | includeBody: true 122 | }], 123 | allowedMethods: AllowedMethods.ALLOW_ALL, 124 | }; 125 | this.distribution.addBehavior('/createBook', new HttpOrigin(Fn.select(2, Fn.split('/', createBookUrl)),), notGetBehaviorOptions); 126 | this.distribution.addBehavior('/updateBook/*', new HttpOrigin(Fn.select(2, Fn.split('/', updateBookUrl)),), notGetBehaviorOptions); 127 | this.distribution.addBehavior('/deleteBook/*', new HttpOrigin(Fn.select(2, Fn.split('/', deleteBookUrl)),), notGetBehaviorOptions); 128 | 129 | const execOptions: childProcess.ExecSyncOptions = {stdio: 'inherit'}; 130 | new BucketDeployment(this, 'FrontendAppDeploy', { 131 | retainOnDelete: true, 132 | sources: [ 133 | Source.asset('src/front', { 134 | bundling: { 135 | image: DockerImage.fromRegistry('alpine'), 136 | command: ['sh', '-c', 'echo "Docker build not supported. Please install esbuild."'], 137 | local: { 138 | tryBundle(outputDir: string) { 139 | try { 140 | childProcess.execSync('esbuild --version', execOptions); 141 | childProcess.execSync('cd src/front/node_modules || (cd src/front && npm ci)', execOptions); 142 | childProcess.execSync('cd src/front && npm run build --passWithNoTests', execOptions); 143 | fsExtra.copySync('src/front/build', outputDir); 144 | return true; 145 | } catch { 146 | return false; 147 | } 148 | }, 149 | }, 150 | }, 151 | }), 152 | ], 153 | destinationBucket: frontendS3Bucket, 154 | distribution: this.distribution, 155 | distributionPaths: ['/*'], 156 | memoryLimit: 1024, 157 | }); 158 | 159 | new CfnOutput(this, 'FrontendURL', {value: `https://${this.distribution.distributionDomainName}/`}); 160 | new CfnOutput(this, 'CreateBookFunctionURL', {value: createBookUrl}); 161 | new CfnOutput(this, 'GetBooksFunctionURL', {value: getBooksUrl}); 162 | new CfnOutput(this, 'GetBookFunctionURL', {value: getBookUrl}); 163 | new CfnOutput(this, 'UpdateBookFunctionURL', {value: updateBookUrl}); 164 | new CfnOutput(this, 'DeleteBookFunctionURL', {value: deleteBookUrl}); 165 | new CfnOutput(this, 'CreateBookURL', {value: `https://${this.distribution.distributionDomainName}/createBook`}); 166 | new CfnOutput(this, 'GetBooksURL', {value: `https://${this.distribution.distributionDomainName}/getBooks`}); 167 | new CfnOutput(this, 'GetBookURL', {value: `https://${this.distribution.distributionDomainName}/getBook/id`}); 168 | new CfnOutput(this, 'UpdateBookURL', {value: `https://${this.distribution.distributionDomainName}/updateBook/id`}); 169 | new CfnOutput(this, 'DeleteBookURL', {value: `https://${this.distribution.distributionDomainName}/deleteBook/id`}); 170 | } 171 | 172 | private getParameter(parameter: string): string { 173 | return StringParameter.fromStringParameterName(this, parameter.toLowerCase().replace('/', '') + 'Parameter', parameter).stringValue 174 | } 175 | } -------------------------------------------------------------------------------- /tsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "target": "ES2020", 4 | "module": "commonjs", 5 | "lib": [ 6 | "es2020" 7 | ], 8 | "declaration": true, 9 | "strict": true, 10 | "noImplicitAny": true, 11 | "strictNullChecks": true, 12 | "noImplicitThis": true, 13 | "alwaysStrict": true, 14 | "noUnusedLocals": false, 15 | "noUnusedParameters": false, 16 | "noImplicitReturns": true, 17 | "noFallthroughCasesInSwitch": false, 18 | "inlineSourceMap": true, 19 | "inlineSources": true, 20 | "experimentalDecorators": true, 21 | "strictPropertyInitialization": false, 22 | "typeRoots": [ 23 | "./node_modules/@types" 24 | ] 25 | }, 26 | "exclude": [ 27 | "node_modules", 28 | "cdk.out" 29 | ] 30 | } 31 | --------------------------------------------------------------------------------