Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/tneely/jelly
A Jamstack in CDK
https://github.com/tneely/jelly
aws-cdk cdk cdk-constructs jamstack jelly
Last synced: 19 days ago
JSON representation
A Jamstack in CDK
- Host: GitHub
- URL: https://github.com/tneely/jelly
- Owner: tneely
- License: apache-2.0
- Created: 2020-05-15T20:26:06.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-01-08T02:00:07.000Z (almost 2 years ago)
- Last Synced: 2024-04-29T20:48:09.985Z (8 months ago)
- Topics: aws-cdk, cdk, cdk-constructs, jamstack, jelly
- Language: TypeScript
- Homepage: https://cdk-jelly.com/
- Size: 2.74 MB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
```
_ _ _
| | | | |
| | ___| | |_ _
_ | |/ _ \ | | | | |
| |__| | __/ | | |_| |
\____/ \___|_|_|\__, |
__/ |
|___/
```Jelly is a high level CDK construct that defines everything you'll need to deploy a JAMstack application.
## Usage
### Install
```
npm install cdk-jelly
```### Declaration
```typescript
new Jelly(this, {
api: {
code: lambda.Code.fromAsset(dirname(require.resolve("example-api"))),
},
client: {
source: s3deploy.Source.asset(dirname(require.resolve("example-app"))),
},
});
```### Client
```typescript
new Jelly(this, {
client: {
source: s3deploy.Source.asset(dirname(require.resolve("example-app"))),
},
httpHeaders: {
// optional, these are default
contentSecurityPolicy: "default-src 'self'", // highly recommend changing this default
strictTransportSecurity: "max-age=63072000; includeSubDomains; preload",
xContentTypeOptions: "nosniff",
xXssProtection: "1; mode=block",
xFrameOptions: "DENY",
referrerPolicy: "strict-origin-when-cross-origin",
featurePolicy: "microphone 'self'; geolocation 'self'; camera 'self'",
accessControlAllowOrigin: "*",
},
isSPA: true, // optional, this is default
// ...
});
```Jelly hosts your client in S3 and distributes it globally using CloudFront. It uses secure HTTP headers by default via Lambda@Edge. Though you need want to relax some of them - especially the CSP.
If you are not creating a single page app, set `isSPA` to `false` in order to not reroute 404s back to your index.html page.
### API
```typescript
const jelly = new Jelly(this, {...});
const apiTable = jelly.api.newTable("MyApiTable", {...});
const apiDataSource = api.addDynamoDbDataSource("apiDataSource", apiTable);
```Jelly uses AppSync for its GraphQL API. Use the `Api` construct exposed by Jelly to build out your AppSync schema and resolvers.
### Authentication
```typescript
new Jelly(this, {
// ...
withUserAuthentication: true, // optional, this is default
});
```Jelly uses Cognito for user authentication, creating both a user pool and user pool client. You will need to make use of both of these resource IDs in order to authenticate users using tools like Amplify.
We provide an authentication handler that is available to your API through the `AUTH_LAMBDA_ARN` environment variable. You can pass this lambda the Cognito authentication token to verify whether it is valid.
```typescript
const verifyCognitoJwt = async (token: string) => {
const response = await lambdaClient
.invoke({
FunctionName: process.env.AUTH_LAMBDA_ARN!,
Qualifier: "Prod",
Payload: JSON.stringify({ token }),
})
.promise();const payload: VerificationResponse = JSON.parse(response.Payload as string);
if (!payload.authenticated) {
throw new Error(`Could not authenticate user: ${payload.errorMessage}`);
}
};
```### Database
```typescript
new Jelly(this, {
// ...
database: {
tables: {
DATABASE_NAME: {
partitionKey: {
name: "id",
type: AttributeType.STRING,
},
sortKey: {
name: "created",
type: AttributeType.NUMBER,
},
timeToLiveAttribute: "ttl",
},
},
},
});
```Jelly will spin up and make available to your API any number of DynamoDB tables. We directly make use of CDK's `dynamodb.TableProps` interface to define the tables. The keys set in `tables` above are used as environment variables in your API lambda in order to expose the table names.
### Routing
```typescript
new Jelly(this, {
// ...
routing: {
baseDomainName: "cdk-jelly.com",
apiSubdomain: "api", // optional, this is default
authSubdomain: "auth", // optional, this is default
},
});
```If using a custom domain name, Jelly uses Route 53 to act as a DNS for your application.
Jelly also leverages AWS Certificate Manager and CloudFormation's DNS validation to provide HTTPS across your domain and subdomains.When deploying a Jelly application for the first time, you will need to register the name servers in your root domain's hosted zone with your domain provider. The stack deployment will hang until the certificates can be verified through DNS.
The base domain name (e.g. cdk-jelly.com) will be set up to redirect to the www subdomain, which serves your app through CloudFront. Jelly will create also subdomains for your API (e.g. api.cdk-jelly.com) and authentication (e.g. auth.cdk-jelly.com) endpoints.