Skip to content

Commit e60780d

Browse files
mats16mats16
committed
refactorimg
1 parent e46c7dc commit e60780d

File tree

3 files changed

+63
-63
lines changed

3 files changed

+63
-63
lines changed

src/supabase-cdn/index.ts

Lines changed: 5 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ import { WebAcl } from '../aws-waf';
1616

1717
interface SupabaseCdnProps {
1818
origin: string|elb.ILoadBalancerV2;
19+
webAclArn: cdk.CfnParameter;
1920
}
2021

2122
interface BehaviorProps {
@@ -26,9 +27,6 @@ interface BehaviorProps {
2627
export class SupabaseCdn extends Construct {
2728
distribution: cf.Distribution;
2829
defaultBehaviorOptions: cf.AddBehaviorOptions;
29-
cfnParameters: {
30-
webAclArn: cdk.CfnParameter;
31-
};
3230

3331
/** Construct for CloudFront and WAF */
3432
constructor(scope: Construct, id: string, props: SupabaseCdnProps) {
@@ -39,23 +37,14 @@ export class SupabaseCdn extends Construct {
3937
? new HttpOrigin(props.origin, { protocolPolicy: cf.OriginProtocolPolicy.HTTPS_ONLY })
4038
: new LoadBalancerV2Origin(props.origin, { protocolPolicy: cf.OriginProtocolPolicy.HTTP_ONLY });
4139

42-
this.cfnParameters = {
43-
webAclArn: new cdk.CfnParameter(this, 'WebAclArn', {
44-
description: 'Web ACL for CloudFront.',
45-
type: 'String',
46-
default: '',
47-
allowedPattern: '^arn:aws:wafv2:us-east-1:[0-9]{12}:global/webacl/[\\w-]+/[\\w]{8}-[\\w]{4}-[\\w]{4}-[\\w]{4}-[\\w]{12}$|',
48-
}),
49-
};
50-
51-
const webAclUndefined = new cdk.CfnCondition(this, 'WebAclUndefined', { expression: cdk.Fn.conditionEquals(this.cfnParameters.webAclArn, '') });
40+
const defaultWebAclEnabled = new cdk.CfnCondition(this, 'DefaultWebAclEnabled', { expression: cdk.Fn.conditionEquals(props.webAclArn, '') });
5241

5342
/** Default Web ACL */
54-
const webAcl = new WebAcl(this, 'WebAcl', { description: 'Supabase Standard WebAcl' });
55-
(webAcl.node.defaultChild as cdk.CfnStack).cfnOptions.condition = webAclUndefined;
43+
const defaultWebAcl = new WebAcl(this, 'DefaultWebAcl', { description: 'Default Web ACL' });
44+
(defaultWebAcl.node.defaultChild as cdk.CfnStack).cfnOptions.condition = defaultWebAclEnabled;
5645

5746
/** Web ACL ID */
58-
const webAclId = cdk.Fn.conditionIf(webAclUndefined.logicalId, webAcl.webAclArn, this.cfnParameters.webAclArn.valueAsString);
47+
const webAclId = cdk.Fn.conditionIf(defaultWebAclEnabled.logicalId, defaultWebAcl.webAclArn, props.webAclArn.valueAsString);
5948

6049
const cachePolicy = new cf.CachePolicy(this, 'CachePolicy', {
6150
cachePolicyName: `${cdk.Aws.STACK_NAME}-CachePolicy-${cdk.Aws.REGION}`,

src/supabase-stack.ts

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -135,6 +135,14 @@ export class SupabaseStack extends FargateStack {
135135
/** CFn condition for High Availability */
136136
const highAvailability = new cdk.CfnCondition(this, 'HighAvailability', { expression: cdk.Fn.conditionEquals(enableHighAvailability, 'true') });
137137

138+
/** Web ACL for CloudFront */
139+
const webAclArn = new cdk.CfnParameter(this, 'WebAclArn', {
140+
description: 'Web ACL for CloudFront.',
141+
type: 'String',
142+
default: '',
143+
allowedPattern: '^arn:aws:wafv2:us-east-1:[0-9]{12}:global/webacl/[\\w-]+/[\\w]{8}-[\\w]{4}-[\\w]{4}-[\\w]{4}-[\\w]{12}$|',
144+
});
145+
138146
/** The minimum number of aurora capacity units */
139147
const minACU = new cdk.CfnParameter(this, 'MinACU', {
140148
description: 'The minimum number of Aurora capacity units (ACU) for a DB instance in an Aurora Serverless v2 cluster.',
@@ -258,7 +266,10 @@ export class SupabaseStack extends FargateStack {
258266
loadBalancer.connections.allowFrom(Peer.prefixList(cfPrefixList.prefixListId), Port.tcp(80), 'CloudFront');
259267

260268
/** CloudFront */
261-
const cdn = new SupabaseCdn(this, 'Cdn', { origin: loadBalancer });
269+
const cdn = new SupabaseCdn(this, 'Cdn', {
270+
origin: loadBalancer,
271+
webAclArn,
272+
});
262273

263274
/**
264275
* Supabase API URL
@@ -695,7 +706,7 @@ export class SupabaseStack extends FargateStack {
695706
Label: { default: 'Infrastructure Settings' },
696707
Parameters: [
697708
enableHighAvailability.logicalId,
698-
cdn.cfnParameters.webAclArn.logicalId,
709+
webAclArn.logicalId,
699710
],
700711
},
701712
{
@@ -738,7 +749,7 @@ export class SupabaseStack extends FargateStack {
738749
[postgresMetaImageUri.logicalId]: { default: 'Image URI - postgres-meta' },
739750

740751
[enableHighAvailability.logicalId]: { default: 'High Availability (HA)' },
741-
[cdn.cfnParameters.webAclArn.logicalId]: { default: 'Web ACL ARN (AWS WAF)' },
752+
[webAclArn.logicalId]: { default: 'Web ACL ARN (AWS WAF)' },
742753

743754
[minACU.logicalId]: { default: 'Minimum ACUs' },
744755
[maxACU.logicalId]: { default: 'Maximum ACUs' },

test/__snapshots__/main.test.ts.snap

Lines changed: 44 additions & 44 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)