@condensetech/cdk-constructs
Condense's opinionated constructs and stacks for AWS CDK
This library contains constructs and stacks we use across our projects.
npm install @condensetech/cdk-constructs # or
yarn add @condensetech/cdk-constructs # or
pnpm add @condensetech/cdk-constructs
Import it:
import * as condense from '@condensetech/cdk-constructs';
pip install condensetech.cdk-constructs
Import it:
from condensetech import cdk_constructs
dotnet add package CondenseTech.CdkConstructs
Import it:
using CondenseTech.CdkConstructs;
go get github.com/condensetech/cdk-constructs
Import it:
import "github.com/condensetech/cdk-constructs"
All API docs can be found in the API.md.
Readability and maintainability are key factors when writing IaC. By defining some high-level interfaces, we can easily write constructs which don't need to be tied to the specific implementation of a resource.
For example, the INetworking interface defines some high-level methods to interact with a VPC. Often a VPC contains a bastion host, which should be whitelisted to databases, so the interface has a bastionHost property which can return the bastion host. This allows writing code like the following:
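    import * as cdk from 'aws-cdk-lib';
    import * as rds from 'aws-cdk-lib/aws-rds';
    import { Construct } from 'constructs';
    import { INetworking } from '@condensetech/cdk-constructs';

    interface MyDatabaseStackProps extends cdk.StackProps {
      networking: INetworking;
    }

    class MyDatabaseStack extends cdk.Stack {
      constructor(scope: Construct, id: string, props: MyDatabaseStackProps) {
        super(scope, id, props);
        const db = new rds.DatabaseInstance(this, 'Database', {
          vpc: props.networking.vpc,
          // ...
        });
        // Open the database port to the bastion host only when one is defined.
        if (props.networking.bastionHost) {
          db.connections.allowDefaultPortFrom(props.networking.bastionHost);
        }
      }
    }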
If at a certain point we want to add a bastion host, we just need to flip a single switch in the networking props for the bastion host to be able to connect to all the resources in the VPC.
Constructs and Stacks in this area:
A typical scenario is to have a single Application Load Balancer in a VPC, which routes traffic to different services. The Entrypoint Construct and the Entrypoint Stack make it easy to define this entrypoint load balancer.
The Entrypoint#allocateListenerRule method tracks the priority of the listener rules being created in a DynamoDB table and generates a unique priority if one is not provided. This makes it possible to operate in scenarios where different stacks create listener rules for the same load balancer.
The CloudwatchAlarmsTopicStack creates an SNS Topic which can be used as a target for CloudWatch Alarms. In addition to linking the topic to HTTPS endpoints, it can also create a Lambda function which can be used to send messages to Discord or Slack.
NaiveBasicAuthCloudfrontFunction is useful when a basic protection layer must be added to CloudFront (for SPAs or static sites) and you just need to keep out crawlers and unwanted visitors.
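What a naive Basic-auth check at the CloudFront viewer-request stage can look like, as an added example that is not the source of NaiveBasicAuthCloudfrontFunction. It follows the CloudFront Functions event shape; the helper names, the `preview` / `example-only` credentials, the realm and the host are assumptions made for illustration.

```javascript
// Added example; credentials, realm and host below are constructed.
// Build the expected header value once, at deploy time (Node.js here), so the
// deployed handler only compares strings.
function expectedAuthHeader(user, password) {
  return 'Basic ' + Buffer.from(user + ':' + password, 'utf8').toString('base64');
}

// Compare every character instead of returning at the first mismatch.
function safeEqual(a, b) {
  var diff = a.length ^ b.length;
  for (var i = 0; i < a.length; i++) {
    diff |= a.charCodeAt(i) ^ b.charCodeAt(i % (b.length || 1));
  }
  return diff === 0;
}

// Returns a viewer-request handler. In the CloudFront Functions event,
// header names are lower-case and each header is an object { value: '...' }.
function makeBasicAuthHandler(expected, realm) {
  return function handler(event) {
    var request = event.request;
    var auth = request.headers.authorization;
    if (auth && safeEqual(auth.value, expected)) {
      // Drop the credential so it is not passed on with the request.
      delete request.headers.authorization;
      return request;
    }
    // Missing or wrong credentials: answer at the edge with a 401 challenge.
    return {
      statusCode: 401,
      statusDescription: 'Unauthorized',
      headers: { 'www-authenticate': { value: 'Basic realm="' + realm + '"' } },
    };
  };
}

// Constructed sample events for a quick local run.
var previewHandler = makeBasicAuthHandler(expectedAuthHeader('preview', 'example-only'), 'Preview');
function sampleEvent(authValue) {
  var headers = { host: { value: 'static.example.com' } };
  if (authValue) headers.authorization = { value: authValue };
  return { request: { method: 'GET', uri: '/index.html', headers: headers } };
}

console.log(previewHandler(sampleEvent()).statusCode);
console.log(previewHandler(sampleEvent(expectedAuthHeader('preview', 'example-only'))).uri);
```

In this sketch the expected value is embedded in the function source, so anyone who can read the function's code can read the credential, which is in line with treating this as a basic layer against crawlers rather than as access control.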
By instantiating a MonitoringFacade in your stack, you can easily add monitoring to your resources. The facade will create a CloudWatch Dashboard and add alarms to the resources you want to monitor.
FAQs
We found that @condensetech/cdk-constructs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.