forked from diegotorres03/serverless-e2e-main
-
Notifications
You must be signed in to change notification settings - Fork 0
/
infraestructure.ts
106 lines (86 loc) · 2.3 KB
/
infraestructure.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
#!/usr/bin/env node
import 'source-map-support/register'
import * as cdk from 'aws-cdk-lib'
import { WebAppStack } from '../lib/webapp-stack'
import { RestApiStack } from '../lib/api-stack'
import { BackendStack } from '../lib/backend-stack'
import { IConstruct } from 'constructs'
const app = new cdk.App()
// creating WebAppStack
// const testWebapp = new WebAppStack(app, 'testWebapp', {
// env: { region: process.env.AWS_REGION },
// assetsPath: '../test-webapp'
// })
// creating WebAppStack
const certificate = new WebAppStack(app, 'certificate', {
env: { region: process.env.AWS_REGION },
assetsPath: '../certificate-of-completion',
// domainName: 'certificate.diegotrs.com'
})
// creating WebAppStack
const apidoc = new WebAppStack(app, 'apidoc', {
env: { region: process.env.AWS_REGION },
assetsPath: '../apidoc'
})
// creating WebAppStack
const webapp = new WebAppStack(app, 'webapp', {
env: { region: process.env.AWS_REGION },
assetsPath: '../webapp'
})
// creating RestApiStack
const api = new RestApiStack(app, 'api', {
env: {
region: process.env.AWS_REGION,
}
})
api.get('/users', function(event, context) {
//asdasdasda
// get fron dynamo
return {
users: []
}
})
api.post('/users', function() {
// create user on ddbb
})
// creating BackendStack
const backend = new BackendStack(app, 'backend', {
env: {
region: process.env.AWS_REGION,
}
})
// {
// "Version": "2012-10-17",
// "Statement": [
// {
// "Effect": "Allow",
// "Action": [
// "s3:*",
// "cloudwatch:*",
// "ec2:*"
// ],
// "Resource": "*"
// }
// ]
// }
// [ ] 5.4.1 define Policy Boundary
// const boundary = (stackParam: IConstruct) => new cdk.aws_iam.ManagedPolicy(stackParam, 'permissions-boundary', {
// statements: [
// new cdk.aws_iam.PolicyStatement({
// effect: cdk.aws_iam.Effect.DENY,
// actions: ['iam:GetUser'],
// resources: ['*'],
// }),
// ],
// })
// // [ ] 5.4.2 attach boundary to all constructs
// cdk.aws_iam.PermissionsBoundary
// .of(backend)
// .apply(boundary(backend))
// cdk.aws_iam.PermissionsBoundary
// .of(api)
// .apply(boundary(api))
// cdk.aws_iam.PermissionsBoundary
// .of(webapp)
// .apply(boundary(webapp))
// api depends on backend