DomainName: Add documentation for SecurityPolicy TSL versions, add te…

…st for absent securityPolicy
aws · Feb 29, 2020 · d6245b6 · d6245b6
1 parent e432e4d
commit d6245b6
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 4 deletions.
diff --git a/packages/@aws-cdk/aws-apigateway/lib/domain-name.ts b/packages/@aws-cdk/aws-apigateway/lib/domain-name.ts
@@ -5,10 +5,12 @@ import { BasePathMapping, BasePathMappingOptions } from './base-path-mapping';
 import { EndpointType, IRestApi } from './restapi';
 
 /**
- * The minimum version of the SSL protocol that you want Api Gateway to use for HTTPS connections.
+ * The minimum version of the SSL protocol that you want API Gateway to use for HTTPS connections.
  */
 export enum SecurityPolicy {
+  /** Cipher suite TLS 1.0 */
   TLS_1_0 = 'TLS_1_0',
+  /** Cipher suite TLS 1.2 */
   TLS_1_2 = 'TLS_1_2'
 }
 

diff --git a/packages/@aws-cdk/aws-apigateway/package.json b/packages/@aws-cdk/aws-apigateway/package.json
@@ -174,8 +174,6 @@
       "docs-public-apis:@aws-cdk/aws-apigateway.Stage",
       "docs-public-apis:@aws-cdk/aws-apigateway.Stage.restApi",
       "docs-public-apis:@aws-cdk/aws-apigateway.Stage.stageName",
-      "docs-public-apis:@aws-cdk/aws-apigateway.SecurityPolicy.TLS_1_0",
-      "docs-public-apis:@aws-cdk/aws-apigateway.SecurityPolicy.TLS_1_2",
       "docs-public-apis:@aws-cdk/aws-apigateway.UsagePlan",
       "docs-public-apis:@aws-cdk/aws-apigateway.UsagePlan.usagePlanId",
       "docs-public-apis:@aws-cdk/aws-apigateway.VpcLink.addTargets",

diff --git a/packages/@aws-cdk/aws-apigateway/test/test.domains.ts b/packages/@aws-cdk/aws-apigateway/test/test.domains.ts
@@ -1,5 +1,5 @@
 // tslint:disable:object-literal-key-quotes
-import { expect, haveResource } from '@aws-cdk/assert';
+import { ABSENT, expect, haveResource } from '@aws-cdk/assert';
 import * as acm from '@aws-cdk/aws-certificatemanager';
 import { Stack } from '@aws-cdk/core';
 import { Test } from 'nodeunit';
@@ -83,6 +83,11 @@ export = {
       securityPolicy: apigw.SecurityPolicy.TLS_1_2
     });
 
+    new apigw.DomainName(stack, 'default-domain', {
+      domainName: 'default.example.com',
+      certificate: cert
+    });
+
     // THEN
     expect(stack).to(haveResource('AWS::ApiGateway::DomainName', {
       "DomainName": "old.example.com",
@@ -97,6 +102,13 @@ export = {
       "RegionalCertificateArn": { "Ref": "Cert5C9FAEC1" },
       "SecurityPolicy": "TLS_1_2"
     }));
+
+    expect(stack).to(haveResource('AWS::ApiGateway::DomainName', {
+      "DomainName": "default.example.com",
+      "EndpointConfiguration": { "Types": [ "REGIONAL" ] },
+      "RegionalCertificateArn": { "Ref": "Cert5C9FAEC1" },
+      "SecurityPolicy": ABSENT
+    }));
     test.done();
   },