awselasticloadbalancingv2actions

package

v2.19.0 Latest Latest Go to latest Published: Apr 1, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aws/aws-cdk-go

Links

Open Source Insights

Documentation ¶

Index ¶

func AuthenticateCognitoAction_AuthenticateOidc(options *awselasticloadbalancingv2.AuthenticateOidcOptions) awselasticloadbalancingv2.ListenerAction
func AuthenticateCognitoAction_FixedResponse(statusCode *float64, options *awselasticloadbalancingv2.FixedResponseOptions) awselasticloadbalancingv2.ListenerAction
func AuthenticateCognitoAction_Forward(targetGroups *[]awselasticloadbalancingv2.IApplicationTargetGroup, ...) awselasticloadbalancingv2.ListenerAction
func AuthenticateCognitoAction_Redirect(options *awselasticloadbalancingv2.RedirectOptions) awselasticloadbalancingv2.ListenerAction
func AuthenticateCognitoAction_WeightedForward(targetGroups *[]*awselasticloadbalancingv2.WeightedTargetGroup, ...) awselasticloadbalancingv2.ListenerAction
func NewAuthenticateCognitoAction_Override(a AuthenticateCognitoAction, options *AuthenticateCognitoActionProps)
type AuthenticateCognitoAction
- func NewAuthenticateCognitoAction(options *AuthenticateCognitoActionProps) AuthenticateCognitoAction
type AuthenticateCognitoActionProps

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AuthenticateCognitoAction_AuthenticateOidc ¶

func AuthenticateCognitoAction_AuthenticateOidc(options *awselasticloadbalancingv2.AuthenticateOidcOptions) awselasticloadbalancingv2.ListenerAction

Authenticate using an identity provider (IdP) that is compliant with OpenID Connect (OIDC). See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#oidc-requirements

func AuthenticateCognitoAction_FixedResponse ¶

func AuthenticateCognitoAction_FixedResponse(statusCode *float64, options *awselasticloadbalancingv2.FixedResponseOptions) awselasticloadbalancingv2.ListenerAction

Return a fixed response. See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#fixed-response-actions

func AuthenticateCognitoAction_Forward ¶

func AuthenticateCognitoAction_Forward(targetGroups *[]awselasticloadbalancingv2.IApplicationTargetGroup, options *awselasticloadbalancingv2.ForwardOptions) awselasticloadbalancingv2.ListenerAction

Forward to one or more Target Groups. See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#forward-actions

func AuthenticateCognitoAction_Redirect ¶

func AuthenticateCognitoAction_Redirect(options *awselasticloadbalancingv2.RedirectOptions) awselasticloadbalancingv2.ListenerAction

Redirect to a different URI.

A URI consists of the following components: protocol://hostname:port/path?query. You must modify at least one of the following components to avoid a redirect loop: protocol, hostname, port, or path. Any components that you do not modify retain their original values.

You can reuse URI components using the following reserved keywords:

- `#{protocol}` - `#{host}` - `#{port}` - `#{path}` (the leading "/" is removed) - `#{query}`

For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", or the query to "#{query}&value=xyz". See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#redirect-actions

func AuthenticateCognitoAction_WeightedForward ¶

func AuthenticateCognitoAction_WeightedForward(targetGroups *[]*awselasticloadbalancingv2.WeightedTargetGroup, options *awselasticloadbalancingv2.ForwardOptions) awselasticloadbalancingv2.ListenerAction

Forward to one or more Target Groups which are weighted differently. See: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#forward-actions

func NewAuthenticateCognitoAction_Override ¶

func NewAuthenticateCognitoAction_Override(a AuthenticateCognitoAction, options *AuthenticateCognitoActionProps)

Authenticate using an identity provide (IdP) that is compliant with OpenID Connect (OIDC).

Types ¶

type AuthenticateCognitoAction ¶

type AuthenticateCognitoAction interface {
	awselasticloadbalancingv2.ListenerAction
	Next() awselasticloadbalancingv2.ListenerAction
	// Called when the action is being used in a listener.
	Bind(scope constructs.Construct, listener awselasticloadbalancingv2.IApplicationListener, associatingConstruct constructs.IConstruct)
	// Render the actions in this chain.
	RenderActions() *[]*awselasticloadbalancingv2.CfnListener_ActionProperty
	// Renumber the "order" fields in the actions array.
	//
	// We don't number for 0 or 1 elements, but otherwise number them 1...#actions
	// so ELB knows about the right order.
	//
	// Do this in `ListenerAction` instead of in `Listener` so that we give
	// users the opportunity to override by subclassing and overriding `renderActions`.
	Renumber(actions *[]*awselasticloadbalancingv2.CfnListener_ActionProperty) *[]*awselasticloadbalancingv2.CfnListener_ActionProperty
}

A Listener Action to authenticate with Cognito.

Example:

import cognito "github.com/aws/aws-cdk-go/awscdk"import ec2 "github.com/aws/aws-cdk-go/awscdk"import elbv2 "github.com/aws/aws-cdk-go/awscdk"import awscdk "github.com/aws/aws-cdk-go/awscdk"type App awscdk.App
type CfnOutput awscdk.CfnOutput
type Stack awscdk.Stackimport _ "github.com/aws-samples/dummy/constructs"import actions "github.com/aws/aws-cdk-go/awscdk"

cognitoStack struct {
stack
}

lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &applicationLoadBalancerProps{
	vpc: vpc,
	internetFacing: jsii.Boolean(true),
})

userPool := cognito.NewUserPool(this, jsii.String("UserPool"))
userPoolClient := cognito.NewUserPoolClient(this, jsii.String("Client"), &userPoolClientProps{
	userPool: userPool,

	// Required minimal configuration for use with an ELB
	generateSecret: jsii.Boolean(true),
	authFlows: &authFlow{
		userPassword: jsii.Boolean(true),
	},
	oAuth: &oAuthSettings{
		flows: &oAuthFlows{
			authorizationCodeGrant: jsii.Boolean(true),
		},
		scopes: []oAuthScope{
			cognito.*oAuthScope_EMAIL(),
		},
		callbackUrls: []*string{
			fmt.Sprintf("https://%v/oauth2/idpresponse", lb.loadBalancerDnsName),
		},
	},
})
cfnClient := userPoolClient.node.defaultChild.(cfnUserPoolClient)
cfnClient.addPropertyOverride(jsii.String("RefreshTokenValidity"), jsii.Number(1))
cfnClient.addPropertyOverride(jsii.String("SupportedIdentityProviders"), []interface{}{
	jsii.String("COGNITO"),
})

userPoolDomain := cognito.NewUserPoolDomain(this, jsii.String("Domain"), &userPoolDomainProps{
	userPool: userPool,
	cognitoDomain: &cognitoDomainOptions{
		domainPrefix: jsii.String("test-cdk-prefix"),
	},
})

lb.addListener(jsii.String("Listener"), &baseApplicationListenerProps{
	port: jsii.Number(443),
	certificates: []iListenerCertificate{
		certificate,
	},
	defaultAction: actions.NewAuthenticateCognitoAction(&authenticateCognitoActionProps{
		userPool: userPool,
		userPoolClient: userPoolClient,
		userPoolDomain: userPoolDomain,
		next: elbv2.listenerAction.fixedResponse(jsii.Number(200), &fixedResponseOptions{
			contentType: jsii.String("text/plain"),
			messageBody: jsii.String("Authenticated"),
		}),
	}),
})

NewCfnOutput(this, jsii.String("DNS"), &cfnOutputProps{
	value: lb.loadBalancerDnsName,
})

app := NewApp()
NewCognitoStack(app, jsii.String("integ-cognito"))
app.synth()

func NewAuthenticateCognitoAction ¶

func NewAuthenticateCognitoAction(options *AuthenticateCognitoActionProps) AuthenticateCognitoAction

Authenticate using an identity provide (IdP) that is compliant with OpenID Connect (OIDC).

type AuthenticateCognitoActionProps ¶

type AuthenticateCognitoActionProps struct {
	// What action to execute next.
	//
	// Multiple actions form a linked chain; the chain must always terminate in a
	// (weighted)forward, fixedResponse or redirect action.
	Next awselasticloadbalancingv2.ListenerAction `json:"next" yaml:"next"`
	// The Amazon Cognito user pool.
	UserPool awscognito.IUserPool `json:"userPool" yaml:"userPool"`
	// The Amazon Cognito user pool client.
	UserPoolClient awscognito.IUserPoolClient `json:"userPoolClient" yaml:"userPoolClient"`
	// The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.
	UserPoolDomain awscognito.IUserPoolDomain `json:"userPoolDomain" yaml:"userPoolDomain"`
	// The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
	AuthenticationRequestExtraParams *map[string]*string `json:"authenticationRequestExtraParams" yaml:"authenticationRequestExtraParams"`
	// The behavior if the user is not authenticated.
	OnUnauthenticatedRequest awselasticloadbalancingv2.UnauthenticatedAction `json:"onUnauthenticatedRequest" yaml:"onUnauthenticatedRequest"`
	// The set of user claims to be requested from the IdP.
	//
	// To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
	Scope *string `json:"scope" yaml:"scope"`
	// The name of the cookie used to maintain session information.
	SessionCookieName *string `json:"sessionCookieName" yaml:"sessionCookieName"`
	// The maximum duration of the authentication session.
	SessionTimeout awscdk.Duration `json:"sessionTimeout" yaml:"sessionTimeout"`
}

Properties for AuthenticateCognitoAction.

Example:

import cognito "github.com/aws/aws-cdk-go/awscdk"import ec2 "github.com/aws/aws-cdk-go/awscdk"import elbv2 "github.com/aws/aws-cdk-go/awscdk"import awscdk "github.com/aws/aws-cdk-go/awscdk"type App awscdk.App
type CfnOutput awscdk.CfnOutput
type Stack awscdk.Stackimport _ "github.com/aws-samples/dummy/constructs"import actions "github.com/aws/aws-cdk-go/awscdk"

cognitoStack struct {
stack
}

lb := elbv2.NewApplicationLoadBalancer(this, jsii.String("LB"), &applicationLoadBalancerProps{
	vpc: vpc,
	internetFacing: jsii.Boolean(true),
})

userPool := cognito.NewUserPool(this, jsii.String("UserPool"))
userPoolClient := cognito.NewUserPoolClient(this, jsii.String("Client"), &userPoolClientProps{
	userPool: userPool,

	// Required minimal configuration for use with an ELB
	generateSecret: jsii.Boolean(true),
	authFlows: &authFlow{
		userPassword: jsii.Boolean(true),
	},
	oAuth: &oAuthSettings{
		flows: &oAuthFlows{
			authorizationCodeGrant: jsii.Boolean(true),
		},
		scopes: []oAuthScope{
			cognito.*oAuthScope_EMAIL(),
		},
		callbackUrls: []*string{
			fmt.Sprintf("https://%v/oauth2/idpresponse", lb.loadBalancerDnsName),
		},
	},
})
cfnClient := userPoolClient.node.defaultChild.(cfnUserPoolClient)
cfnClient.addPropertyOverride(jsii.String("RefreshTokenValidity"), jsii.Number(1))
cfnClient.addPropertyOverride(jsii.String("SupportedIdentityProviders"), []interface{}{
	jsii.String("COGNITO"),
})

userPoolDomain := cognito.NewUserPoolDomain(this, jsii.String("Domain"), &userPoolDomainProps{
	userPool: userPool,
	cognitoDomain: &cognitoDomainOptions{
		domainPrefix: jsii.String("test-cdk-prefix"),
	},
})

lb.addListener(jsii.String("Listener"), &baseApplicationListenerProps{
	port: jsii.Number(443),
	certificates: []iListenerCertificate{
		certificate,
	},
	defaultAction: actions.NewAuthenticateCognitoAction(&authenticateCognitoActionProps{
		userPool: userPool,
		userPoolClient: userPoolClient,
		userPoolDomain: userPoolDomain,
		next: elbv2.listenerAction.fixedResponse(jsii.Number(200), &fixedResponseOptions{
			contentType: jsii.String("text/plain"),
			messageBody: jsii.String("Authenticated"),
		}),
	}),
})

NewCfnOutput(this, jsii.String("DNS"), &cfnOutputProps{
	value: lb.loadBalancerDnsName,
})

app := NewApp()
NewCognitoStack(app, jsii.String("integ-cognito"))
app.synth()

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
internal

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL