Skip to content

Commit

Permalink
feat(cloudfront): support Behavior-specific viewer protocol policy fo…
Browse files Browse the repository at this point in the history 
…r CloudFrontWebDistribution (#16389)


This pr fixes issue #7086 by allowing user to set viewer protocol policy in Behavior.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
@jiegec
jiegec authored Sep 30, 2021
1 parent 7fbf092 commit 5c028c5
Show file tree
Hide file tree
Showing 2 changed files with 110 additions and 1 deletion.
8 changes: 7 additions & 1 deletion packages/@aws-cdk/aws-cloudfront/lib/web-distribution.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -454,6 +454,12 @@ export interface Behavior {
*/
readonly functionAssociations?: FunctionAssociation[];

/**
* The viewer policy for this behavior.
*
* @default - the distribution wide viewer protocol policy will be used
*/
readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
}

export interface LambdaFunctionAssociation {
Expand Down Expand Up @@ -992,7 +998,7 @@ export class CloudFrontWebDistribution extends cdk.Resource implements IDistribu
trustedKeyGroups: input.trustedKeyGroups?.map(key => key.keyGroupId),
trustedSigners: input.trustedSigners,
targetOriginId: input.targetOriginId,
viewerProtocolPolicy: protoPolicy || ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
viewerProtocolPolicy: input.viewerProtocolPolicy || protoPolicy || ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
};
if (!input.isDefaultBehavior) {
toReturn = Object.assign(toReturn, { pathPattern: input.pathPattern });
Expand Down
103 changes: 103 additions & 0 deletions packages/@aws-cdk/aws-cloudfront/test/web-distribution.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -605,6 +605,109 @@ added the ellipsis so a user would know there was more to ...`,

});

test('distribution with ViewerProtocolPolicy overridden in Behavior', () => {
const stack = new cdk.Stack();
const sourceBucket = new s3.Bucket(stack, 'Bucket');

new CloudFrontWebDistribution(stack, 'AnAmazingWebsiteProbably', {
viewerProtocolPolicy: ViewerProtocolPolicy.ALLOW_ALL,
originConfigs: [
{
s3OriginSource: {
s3BucketSource: sourceBucket,
},
behaviors: [
{
isDefaultBehavior: true,
},
{
pathPattern: '/test/*',
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
},
],
},
],
});

expect(stack).toMatchTemplate({
'Resources': {
'Bucket83908E77': {
'Type': 'AWS::S3::Bucket',
'DeletionPolicy': 'Retain',
'UpdateReplacePolicy': 'Retain',
},
'AnAmazingWebsiteProbablyCFDistribution47E3983B': {
'Type': 'AWS::CloudFront::Distribution',
'Properties': {
'DistributionConfig': {
'CacheBehaviors': [
{
'AllowedMethods': [
'GET',
'HEAD',
],
'CachedMethods': [
'GET',
'HEAD',
],
'Compress': true,
'ForwardedValues': {
'Cookies': {
'Forward': 'none',
},
'QueryString': false,
},
'PathPattern': '/test/*',
'TargetOriginId': 'origin1',
'ViewerProtocolPolicy': 'redirect-to-https',
},
],
'DefaultRootObject': 'index.html',
'Origins': [
{
'ConnectionAttempts': 3,
'ConnectionTimeout': 10,
'DomainName': {
'Fn::GetAtt': [
'Bucket83908E77',
'RegionalDomainName',
],
},
'Id': 'origin1',
'S3OriginConfig': {},
},
],
'ViewerCertificate': {
'CloudFrontDefaultCertificate': true,
},
'PriceClass': 'PriceClass_100',
'DefaultCacheBehavior': {
'AllowedMethods': [
'GET',
'HEAD',
],
'CachedMethods': [
'GET',
'HEAD',
],
'TargetOriginId': 'origin1',
'ViewerProtocolPolicy': 'allow-all',
'ForwardedValues': {
'QueryString': false,
'Cookies': { 'Forward': 'none' },
},
'Compress': true,
},
'Enabled': true,
'IPV6Enabled': true,
'HttpVersion': 'http2',
},
},
},
},
});
});

test('distribution with disabled compression', () => {
const stack = new cdk.Stack();
const sourceBucket = new s3.Bucket(stack, 'Bucket');
Expand Down

0 comments on commit 5c028c5

Please sign in to comment.