@kaweah.tech/cdk-constructs

@kaweah.tech/cdk-constructs

A collection of AWS CDK Constructs and utilities used across Kaweah Tech projects for deploying web applications with proper SSL certificates, CloudFront distributions, and Route 53 DNS management.

Installation

npm install @kaweah.tech/cdk-constructs

Requirements

• AWS CDK v2.0.0+
• Node.js 18+
• TypeScript (recommended)

Available Constructs

StaticSite

Deploy static websites with S3, CloudFront CDN, and automatic SSL certificates.

import { StaticSite } from '@kaweah.tech/cdk-constructs'

new StaticSite(this, 'MyStaticSite', {
  siteDomain: 'example.com',
  sourcePath: './build',
  indexDocument: 'index.html',
  errorDocument: '404.html',
  assetCachingLevel: 'long', // 'none', 'short', or 'long'
})

Features:

• Automatic SSL certificate provisioning with DNS validation
• CloudFront CDN with optimal caching policies
• Route 53 DNS record creation
• S3 bucket deployment with proper security settings
• Configurable asset caching levels

NuxtSite

Deploy Nuxt.js applications with Lambda@Edge for server-side rendering.

import { NuxtSite } from '@kaweah.tech/cdk-constructs'

new NuxtSite(this, 'MyNuxtApp', {
  siteDomain: 'app.example.com',
  sourcePath: './nuxt-app',
  environment: {
    NODE_ENV: 'production',
    API_BASE_URL: 'https://api.example.com',
  },
  additionalApiPaths: ['/api/v2/*'],
})

Features:

• Lambda@Edge deployment for SSR
• Automatic build and deployment
• Environment variable support
• AWS Parameters and Secrets Layer integration
• Custom API path routing
• Production-ready caching strategies

RedirectSite

Create URL redirections using S3 and CloudFront.

import { RedirectSite } from '@kaweah.tech/cdk-constructs'

new RedirectSite(this, 'MyRedirect', {
  sourceRecords: ['old-domain.com', 'www.old-domain.com'],
  targetDomain: 'https://new-domain.com',
})

Features:

• HTTP to HTTPS redirects
• Multiple source domain support
• Proper SEO redirect headers
• Cost-effective redirection solution

Configuration Utilities

StackConfig

Standardized configuration and tagging utility for consistent resource management.

import { StackConfig, CostCenter, Environment } from '@kaweah.tech/cdk-constructs/lib'

const stackConfig = new StackConfig({
  costCenter: CostCenter.KaweahTech,
  environment: Environment.Production,
  stack: 'My Application',
})

// Use for consistent resource naming
const bucketName = stackConfig.getComponentName('Assets Bucket')

// Apply standardized tags to all resources
const bucket = new s3.Bucket(this, 'Bucket', {
  // ... bucket configuration
})
stackConfig.applyTags(bucket)

Available Cost Centers:

• CostCenter.KaweahTech
• CostCenter.ClientProjects
• CostCenter.Operations
• CostCenter.Nerdoza

Available Environments:

• Environment.Development
• Environment.Integration
• Environment.UAT
• Environment.Stage
• Environment.Production
• Environment.Operations

Usage Patterns

Multi-Region Deployment

These constructs handle cross-region references automatically, particularly for SSL certificates which must be deployed in us-east-1 for CloudFront compatibility.

// Certificate automatically created in us-east-1
// Stack can be deployed in any region
new StaticSite(this, 'GlobalSite', {
  siteDomain: 'global.example.com',
  sourcePath: './dist',
})

Environment-Specific Deployments

const stackConfig = new StackConfig({
  costCenter: CostCenter.KaweahTech,
  environment: Environment.Production,
  stack: 'Marketing Site',
})

new StaticSite(this, stackConfig.getComponentName('Site'), {
  siteDomain: `${stackConfig.environment === Environment.Production ? '' : 'staging.'}example.com`,
  sourcePath: './build',
  assetCachingLevel: stackConfig.environment === Environment.Production ? 'long' : 'short',
})

Resource Retention

For production deployments, consider applying retention policies:

import * as cdk from 'aws-cdk-lib'

const site = new StaticSite(this, 'ProductionSite', {
  siteDomain: 'example.com',
  sourcePath: './build',
  shouldRetainData: true, // Prevents accidental S3 bucket deletion
})

// Additional retention for Route 53 hosted zones
site.hostedZone.applyRemovalPolicy(cdk.RemovalPolicy.RETAIN)

Security Features

• HTTPS Only: All constructs enforce HTTPS with automatic redirects
• Security Headers: Production-ready security headers via CloudFront
• Access Control: S3 buckets configured with least-privilege access
• DNS Validation: SSL certificates use DNS validation for security
• Origin Access Control: CloudFront uses OAC for secure S3 access

Best Practices

• Tagging: Always use StackConfig for consistent resource tagging
• Environments: Use environment-specific configurations
• Caching: Choose appropriate assetCachingLevel for your use case
• Retention: Set shouldRetainData: true for production resources
• Monitoring: Enable CloudWatch logging and metrics

Support

For issues and feature requests, please contact hello@kaweah.tech.

License

MIT - See LICENSE file for details.