-
Notifications
You must be signed in to change notification settings - Fork 4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(aws-s3objectlambda): add L2 construct for S3 Object Lambda
- Loading branch information
Showing
6 changed files
with
440 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,4 @@ | ||
export * from './object-lambda'; | ||
|
||
// AWS::S3ObjectLambda CloudFormation Resources: | ||
export * from './s3objectlambda.generated'; |
107 changes: 107 additions & 0 deletions
107
packages/@aws-cdk/aws-s3objectlambda/lib/object-lambda.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,107 @@ | ||
import * as iam from '@aws-cdk/aws-iam'; | ||
import * as lambda from '@aws-cdk/aws-lambda'; | ||
import * as s3 from '@aws-cdk/aws-s3'; | ||
import { Construct } from 'constructs'; | ||
import { CfnAccessPoint } from './s3objectlambda.generated'; | ||
|
||
// keep this import separate from other imports to reduce chance for merge conflicts with v2-main | ||
// eslint-disable-next-line no-duplicate-imports, import/order | ||
import { Construct as CoreConstruct } from '@aws-cdk/core'; | ||
|
||
/** | ||
* Creates an S3 Object Lambda, which can intercept and transform | ||
* `GetObject` requests. | ||
* | ||
* @param fn The Lambda function | ||
* @param props Configuration for this Object Lambda | ||
*/ | ||
export interface ObjectLambdaProps { | ||
/** | ||
* The bucket to which this Object Lambda belongs | ||
*/ | ||
readonly bucket: s3.IBucket | ||
|
||
/** | ||
* The Lambda function used to transform objects. | ||
*/ | ||
readonly fn: lambda.IFunction | ||
|
||
/** | ||
* Whether CloudWatch metrics are enabled for the Object Lambda. | ||
* | ||
* @default false | ||
*/ | ||
readonly cloudWatchMetricsEnabled?: boolean | ||
|
||
/** | ||
* Whether the Lambda function can process `GetObject-Range` requests. | ||
* | ||
* @default false | ||
*/ | ||
readonly supportsGetObjectRange?: boolean | ||
|
||
/** | ||
* Whether the Lambda function can process `GetObject-PartNumber` requests. | ||
* | ||
* @default false | ||
*/ | ||
readonly supportsGetObjectPartNumber?: boolean | ||
|
||
/** | ||
* Additional JSON that provides supplemental data passed to the | ||
* Lambda function on every request. | ||
* | ||
* @default - No data. | ||
*/ | ||
readonly payload?: string | ||
} | ||
|
||
/** | ||
* An S3 Object Lambda for intercepting and transforming `GetObject` requests. | ||
*/ | ||
export class ObjectLambda extends CoreConstruct { | ||
constructor(scope: Construct, id: string, props: ObjectLambdaProps) { | ||
super(scope, id); | ||
|
||
const supporting = new s3.CfnAccessPoint(this, 'access-point', { | ||
bucket: props.bucket.bucketName, | ||
// TODO: configure publicAccessBlockConfiguration? | ||
}); | ||
|
||
const allowedFeatures = []; | ||
if (props.supportsGetObjectPartNumber) { | ||
allowedFeatures.push('GetObject-PartNumber'); | ||
} | ||
if (props.supportsGetObjectRange) { | ||
allowedFeatures.push('GetObject-Range'); | ||
} | ||
|
||
const objectLambda = new CfnAccessPoint(this, 'lambda-access-point', { | ||
name: `${props.fn.functionName}-access-point`, | ||
objectLambdaConfiguration: { | ||
allowedFeatures, | ||
cloudWatchMetricsEnabled: props.cloudWatchMetricsEnabled, | ||
supportingAccessPoint: supporting.getAtt('Arn').toString(), | ||
transformationConfigurations: [ | ||
{ | ||
actions: ['GetObject'], | ||
contentTransformation: { | ||
AwsLambda: { | ||
FunctionArn: props.fn.functionArn, | ||
FunctionPayload: props.payload ?? '', | ||
}, | ||
}, | ||
}, | ||
], | ||
}, | ||
}); | ||
objectLambda.addDependsOn(supporting); | ||
|
||
props.fn.addToRolePolicy( | ||
new iam.PolicyStatement({ | ||
actions: ['s3-object-lambda:WriteGetObjectResponse'], | ||
resources: ['*'], | ||
}), | ||
); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.