cdk-certbot-dns-route53
Version:
Create Cron Job Via Lambda, to update certificate and put it to S3 Bucket.
77 lines • 10.9 kB
JavaScript
;
var _a;
Object.defineProperty(exports, "__esModule", { value: true });
exports.CertbotDnsRoute53JobPython = void 0;
const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
const cdk = require("aws-cdk-lib");
const events = require("aws-cdk-lib/aws-events");
const target = require("aws-cdk-lib/aws-events-targets");
const iam = require("aws-cdk-lib/aws-iam");
const lambda = require("aws-cdk-lib/aws-lambda");
const constructs_1 = require("constructs");
const lambda_python_1 = require("./lambda-python");
class CertbotDnsRoute53JobPython extends constructs_1.Construct {
constructor(scope, id, props) {
super(scope, id);
const certOptions = {
BUCKET_NAME: props.destinationBucket.bucketName,
EMAIL: props.certbotOptions.email,
DOMAIN_NAME: props.certbotOptions.domainName,
CUSTOM_PREFIX_DIRECTORY: props.certbotOptions.customPrefixDirectory,
};
const lambdaFun = new lambda_python_1.LambdaPythonFunction(this, 'certbotDnsRoute53JobPythonLambda', {
timeout: cdk.Duration.minutes(5),
architecture: props.architecture ?? lambda.Architecture.X86_64,
environment: {
...certOptions,
},
});
props.destinationBucket.grantReadWrite(lambdaFun.handler.role);
const route53PolicyJsonList = [{
Effect: 'Allow',
Action: [
'route53:ListHostedZones',
'route53:GetChange',
],
Resource: [
'*',
],
},
{
Effect: 'Allow',
Action: [
'route53:ChangeResourceRecordSets',
],
Resource: [
`arn:${new cdk.ScopedAws(this).partition}:route53:::hostedzone/${props.zone.hostedZoneId}`,
],
}];
route53PolicyJsonList.forEach(e => {
lambdaFun.handler.role.addToPrincipalPolicy(iam.PolicyStatement.fromJson(e));
});
if (props.schedule) {
new events.Rule(this, 'ScheduleRule', {
schedule: props.schedule,
targets: [
new target.LambdaFunction(lambdaFun.handler),
],
});
}
;
if (props.enabledLambdaFunctionUrl) {
const url = new lambda.FunctionUrl(this, 'LambdaFunctionUrl', {
function: lambdaFun.handler,
authType: lambda.FunctionUrlAuthType.NONE,
...props.functionUrlOptions,
});
new cdk.CfnOutput(this, 'lambdaFunctionUrl', {
value: url.url,
});
}
;
}
}
exports.CertbotDnsRoute53JobPython = CertbotDnsRoute53JobPython;
_a = JSII_RTTI_SYMBOL_1;
CertbotDnsRoute53JobPython[_a] = { fqn: "cdk-certbot-dns-route53.CertbotDnsRoute53JobPython", version: "2.5.61" };
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibWFpbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy9tYWluLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsbUNBQW1DO0FBQ25DLGlEQUFpRDtBQUNqRCx5REFBeUQ7QUFDekQsMkNBQTJDO0FBQzNDLGlEQUFpRDtBQUdqRCwyQ0FBdUM7QUFDdkMsbURBQXVEO0FBa0V2RCxNQUFhLDBCQUEyQixTQUFRLHNCQUFTO0lBQ3ZELFlBQVksS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBZ0M7UUFDeEUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUNqQixNQUFNLFdBQVcsR0FBRztZQUNsQixXQUFXLEVBQUUsS0FBSyxDQUFDLGlCQUFpQixDQUFDLFVBQVU7WUFDL0MsS0FBSyxFQUFFLEtBQUssQ0FBQyxjQUFjLENBQUMsS0FBSztZQUNqQyxXQUFXLEVBQUUsS0FBSyxDQUFDLGNBQWMsQ0FBQyxVQUFVO1lBQzVDLHVCQUF1QixFQUFFLEtBQUssQ0FBQyxjQUFjLENBQUMscUJBQXNCO1NBQ3JFLENBQUM7UUFFRixNQUFNLFNBQVMsR0FBRyxJQUFJLG9DQUFvQixDQUFDLElBQUksRUFBRSxrQ0FBa0MsRUFBRTtZQUNuRixPQUFPLEVBQUUsR0FBRyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDO1lBQ2hDLFlBQVksRUFBRSxLQUFLLENBQUMsWUFBWSxJQUFJLE1BQU0sQ0FBQyxZQUFZLENBQUMsTUFBTTtZQUM5RCxXQUFXLEVBQUU7Z0JBQ1gsR0FBRyxXQUFXO2FBQ2Y7U0FDRixDQUFDLENBQUM7UUFFSCxLQUFLLENBQUMsaUJBQWlCLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUMsSUFBSyxDQUFDLENBQUM7UUFDaEUsTUFBTSxxQkFBcUIsR0FBRyxDQUFDO2dCQUM3QixNQUFNLEVBQUUsT0FBTztnQkFDZixNQUFNLEVBQUU7b0JBQ04seUJBQXlCO29CQUN6QixtQkFBbUI7aUJBQ3BCO2dCQUNELFFBQVEsRUFBRTtvQkFDUixHQUFHO2lCQUNKO2FBQ0Y7WUFDRDtnQkFDRSxNQUFNLEVBQUUsT0FBTztnQkFDZixNQUFNLEVBQUU7b0JBQ04sa0NBQWtDO2lCQUNuQztnQkFDRCxRQUFRLEVBQUU7b0JBQ1IsT0FBTyxJQUFJLEdBQUcsQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUMsU0FBUyx5QkFBeUIsS0FBSyxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7aUJBQzNGO2FBQ0YsQ0FBQyxDQUFDO1FBQ0gscUJBQXFCLENBQUMsT0FBTyxDQUMzQixDQUFDLENBQUMsRUFBRTtZQUNGLFNBQVMsQ0FBQyxPQUFPLENBQUMsSUFBSyxDQUFDLG9CQUFvQixDQUFDLEdBQUcsQ0FBQyxlQUFlLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDaEYsQ0FBQyxDQUNGLENBQUM7UUFHRixJQUFJLEtBQUssQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNuQixJQUFJLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxFQUFFLGNBQWMsRUFBRTtnQkFDcEMsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO2dCQUN4QixPQUFPLEVBQUU7b0JBQ1AsSUFBSSxNQUFNLENBQUMsY0FBYyxDQUFDLFNBQVMsQ0FBQyxPQUFPLENBQUM7aUJBQzdDO2FBQ0YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUFBLENBQUM7UUFFRixJQUFJLEtBQUssQ0FBQyx3QkFBd0IsRUFBRSxDQUFDO1lBQ25DLE1BQU0sR0FBRyxHQUFHLElBQUksTUFBTSxDQUFDLFdBQVcsQ0FBQyxJQUFJLEVBQUUsbUJBQW1CLEVBQUU7Z0JBQzVELFFBQVEsRUFBRSxTQUFTLENBQUMsT0FBTztnQkFDM0IsUUFBUSxFQUFFLE1BQU0sQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJO2dCQUN6QyxHQUFHLEtBQUssQ0FBQyxrQkFBa0I7YUFDNUIsQ0FBQyxDQUFDO1lBRUgsSUFBSSxHQUFHLENBQUMsU0FBUyxDQUFDLElBQUksRUFBRSxtQkFBbUIsRUFBRTtnQkFDM0MsS0FBSyxFQUFFLEdBQUcsQ0FBQyxHQUFHO2FBQ2YsQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUFBLENBQUM7SUFDSixDQUFDOztBQWpFSCxnRUFrRUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgKiBhcyBjZGsgZnJvbSAnYXdzLWNkay1saWInO1xuaW1wb3J0ICogYXMgZXZlbnRzIGZyb20gJ2F3cy1jZGstbGliL2F3cy1ldmVudHMnO1xuaW1wb3J0ICogYXMgdGFyZ2V0IGZyb20gJ2F3cy1jZGstbGliL2F3cy1ldmVudHMtdGFyZ2V0cyc7XG5pbXBvcnQgKiBhcyBpYW0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWlhbSc7XG5pbXBvcnQgKiBhcyBsYW1iZGEgZnJvbSAnYXdzLWNkay1saWIvYXdzLWxhbWJkYSc7XG5pbXBvcnQgKiBhcyByNTMgZnJvbSAnYXdzLWNkay1saWIvYXdzLXJvdXRlNTMnO1xuaW1wb3J0ICogYXMgczMgZnJvbSAnYXdzLWNkay1saWIvYXdzLXMzJztcbmltcG9ydCB7IENvbnN0cnVjdCB9IGZyb20gJ2NvbnN0cnVjdHMnO1xuaW1wb3J0IHsgTGFtYmRhUHl0aG9uRnVuY3Rpb24gfSBmcm9tICcuL2xhbWJkYS1weXRob24nO1xuXG5leHBvcnQgaW50ZXJmYWNlIENlcnRib3REbnNSb3V0ZTUzSm9iUHJvcHMge1xuICAvKipcbiAgICogcnVuIHRoZSBKb2Igd2l0aCBkZWZpbmVkIHNjaGVkdWxlXG4gICAqIEBkZWZhdWx0IC0gbm8gc2NoZWR1bGVcbiAgICovXG4gIHJlYWRvbmx5IHNjaGVkdWxlPzogZXZlbnRzLlNjaGVkdWxlO1xuXG4gIC8qKlxuICAgKiBUaGUgUzMgYnVja2V0IHRvIHN0b3JlIGNlcnRpZmljYXRlLlxuICAgKi9cbiAgcmVhZG9ubHkgZGVzdGluYXRpb25CdWNrZXQ6IHMzLklCdWNrZXQ7XG5cbiAgLyoqXG4gICAqIFRoZSBIb3N0Wm9uZSBvbiByb3V0ZTUzIHRvIGRucy0wMSBjaGFsbGVuZ2UuXG4gICAqL1xuICByZWFkb25seSB6b25lOiByNTMuSUhvc3RlZFpvbmU7XG5cbiAgLyoqXG4gICAqIGNlcnRib3QgY21kIG9wdGlvbnMuXG4gICAqL1xuICByZWFkb25seSBjZXJ0Ym90T3B0aW9uczogQ2VydGJvdE9wdGlvbnM7XG5cbiAgLyoqXG4gICAqIEN1c3RvbSBsYW1iZGEgSW1hZ2UgQXJjaGl0ZWN0dXJlLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIGxhbWJkYS5BcmNoaXRlY3R1cmUuWDg2XzY0XG4gICAqL1xuICByZWFkb25seSBhcmNoaXRlY3R1cmU/OiBsYW1iZGEuQXJjaGl0ZWN0dXJlO1xuXG4gIC8qKlxuICAgKiBFbmFibGVkIExhbWJkYSBGdW5jdGlvbiBVUkxcbiAgICogQGRlZmF1bHQgLSBmYWxzZVxuICAgKi9cbiAgcmVhZG9ubHkgZW5hYmxlZExhbWJkYUZ1bmN0aW9uVXJsPzogYm9vbGVhbjtcblxuICAvKipcbiAgICogT3B0aW9ucyB0byBhZGQgYSB1cmwgdG8gYSBMYW1iZGEgZnVuY3Rpb25cbiAgICogQGRlZmF1bHQgLSBhdXRoVHlwZTogbGFtYmRhLkZ1bmN0aW9uVXJsQXV0aFR5cGUuTk9ORVxuICAgKi9cbiAgcmVhZG9ubHkgZnVuY3Rpb25VcmxPcHRpb25zPzogbGFtYmRhLkZ1bmN0aW9uVXJsT3B0aW9ucztcbn1cbmV4cG9ydCBpbnRlcmZhY2UgQ2VydGJvdE9wdGlvbnMge1xuICAvKipcbiAgICogdGhlIGRvbWFpbiBtdXN0IGhvc3Qgb24gcm91dGU1MyBsaWtlIGV4YW1wbGUuY29tLlxuICAgKlxuICAgKiBAZXhhbXBsZSAtIGAqLmV4YW1wbGUuY29tYCBvciBgYS5leGFtcGxlLmNvbWAgLlxuICAgKi9cbiAgcmVhZG9ubHkgZG9tYWluTmFtZTogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBFbWFpbCBhZGRyZXNzIGZvciBpbXBvcnRhbnQgYWNjb3VudCBub3RpZmljYXRpb25zLlxuICAgKi9cbiAgcmVhZG9ubHkgZW1haWw6IHN0cmluZztcblxuICAvKipcbiAgICogQ3VzdG9tIHByZWZpeCBkaXJlY3Rvcnkgb24gczMgYnVja2V0IG9iamVjdCBwYXRoLlxuICAgKiBAZGVmYXVsdCAtIGBzMzovL1lPVVJfQlVDS0VUX05BTUUvMjAyMS0wMS0wMS95b3VyLmRvbWFpbi5uYW1lL2BcbiAgICpcbiAgICogQGV4YW1wbGUgLSBjdXN0b21QcmVmaXhEaXJlY3Rvcnk6ICcvJyAtPiBgczM6Ly9ZT1VSX0JVQ0tFVF9OQU1FL3lvdXIuZG9tYWluLm5hbWUvYFxuICAgKlxuICAgKiBAZXhhbXBsZSAtIGN1c3RvbVByZWZpeERpcmVjdG9yeTogJ2FiYycgLT4gYHMzOi8vWU9VUl9CVUNLRVRfTkFNRS9hYmMveW91ci5kb21haW4ubmFtZS9gXG4gICAqL1xuICByZWFkb25seSBjdXN0b21QcmVmaXhEaXJlY3Rvcnk/OiBzdHJpbmc7XG59XG5leHBvcnQgY2xhc3MgQ2VydGJvdERuc1JvdXRlNTNKb2JQeXRob24gZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBjb25zdHJ1Y3RvcihzY29wZTogQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogQ2VydGJvdERuc1JvdXRlNTNKb2JQcm9wcyApIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuICAgIGNvbnN0IGNlcnRPcHRpb25zID0ge1xuICAgICAgQlVDS0VUX05BTUU6IHByb3BzLmRlc3RpbmF0aW9uQnVja2V0LmJ1Y2tldE5hbWUsXG4gICAgICBFTUFJTDogcHJvcHMuY2VydGJvdE9wdGlvbnMuZW1haWwsXG4gICAgICBET01BSU5fTkFNRTogcHJvcHMuY2VydGJvdE9wdGlvbnMuZG9tYWluTmFtZSxcbiAgICAgIENVU1RPTV9QUkVGSVhfRElSRUNUT1JZOiBwcm9wcy5jZXJ0Ym90T3B0aW9ucy5jdXN0b21QcmVmaXhEaXJlY3RvcnkhLFxuICAgIH07XG5cbiAgICBjb25zdCBsYW1iZGFGdW4gPSBuZXcgTGFtYmRhUHl0aG9uRnVuY3Rpb24odGhpcywgJ2NlcnRib3REbnNSb3V0ZTUzSm9iUHl0aG9uTGFtYmRhJywge1xuICAgICAgdGltZW91dDogY2RrLkR1cmF0aW9uLm1pbnV0ZXMoNSksXG4gICAgICBhcmNoaXRlY3R1cmU6IHByb3BzLmFyY2hpdGVjdHVyZSA/PyBsYW1iZGEuQXJjaGl0ZWN0dXJlLlg4Nl82NCxcbiAgICAgIGVudmlyb25tZW50OiB7XG4gICAgICAgIC4uLmNlcnRPcHRpb25zLFxuICAgICAgfSxcbiAgICB9KTtcblxuICAgIHByb3BzLmRlc3RpbmF0aW9uQnVja2V0LmdyYW50UmVhZFdyaXRlKGxhbWJkYUZ1bi5oYW5kbGVyLnJvbGUhKTtcbiAgICBjb25zdCByb3V0ZTUzUG9saWN5SnNvbkxpc3QgPSBbe1xuICAgICAgRWZmZWN0OiAnQWxsb3cnLFxuICAgICAgQWN0aW9uOiBbXG4gICAgICAgICdyb3V0ZTUzOkxpc3RIb3N0ZWRab25lcycsXG4gICAgICAgICdyb3V0ZTUzOkdldENoYW5nZScsXG4gICAgICBdLFxuICAgICAgUmVzb3VyY2U6IFtcbiAgICAgICAgJyonLFxuICAgICAgXSxcbiAgICB9LFxuICAgIHtcbiAgICAgIEVmZmVjdDogJ0FsbG93JyxcbiAgICAgIEFjdGlvbjogW1xuICAgICAgICAncm91dGU1MzpDaGFuZ2VSZXNvdXJjZVJlY29yZFNldHMnLFxuICAgICAgXSxcbiAgICAgIFJlc291cmNlOiBbXG4gICAgICAgIGBhcm46JHtuZXcgY2RrLlNjb3BlZEF3cyh0aGlzKS5wYXJ0aXRpb259OnJvdXRlNTM6Ojpob3N0ZWR6b25lLyR7cHJvcHMuem9uZS5ob3N0ZWRab25lSWR9YCxcbiAgICAgIF0sXG4gICAgfV07XG4gICAgcm91dGU1M1BvbGljeUpzb25MaXN0LmZvckVhY2goXG4gICAgICBlID0+IHtcbiAgICAgICAgbGFtYmRhRnVuLmhhbmRsZXIucm9sZSEuYWRkVG9QcmluY2lwYWxQb2xpY3koaWFtLlBvbGljeVN0YXRlbWVudC5mcm9tSnNvbihlKSk7XG4gICAgICB9LFxuICAgICk7XG5cblxuICAgIGlmIChwcm9wcy5zY2hlZHVsZSkge1xuICAgICAgbmV3IGV2ZW50cy5SdWxlKHRoaXMsICdTY2hlZHVsZVJ1bGUnLCB7XG4gICAgICAgIHNjaGVkdWxlOiBwcm9wcy5zY2hlZHVsZSxcbiAgICAgICAgdGFyZ2V0czogW1xuICAgICAgICAgIG5ldyB0YXJnZXQuTGFtYmRhRnVuY3Rpb24obGFtYmRhRnVuLmhhbmRsZXIpLFxuICAgICAgICBdLFxuICAgICAgfSk7XG4gICAgfTtcblxuICAgIGlmIChwcm9wcy5lbmFibGVkTGFtYmRhRnVuY3Rpb25VcmwpIHtcbiAgICAgIGNvbnN0IHVybCA9IG5ldyBsYW1iZGEuRnVuY3Rpb25VcmwodGhpcywgJ0xhbWJkYUZ1bmN0aW9uVXJsJywge1xuICAgICAgICBmdW5jdGlvbjogbGFtYmRhRnVuLmhhbmRsZXIsXG4gICAgICAgIGF1dGhUeXBlOiBsYW1iZGEuRnVuY3Rpb25VcmxBdXRoVHlwZS5OT05FLFxuICAgICAgICAuLi5wcm9wcy5mdW5jdGlvblVybE9wdGlvbnMsXG4gICAgICB9KTtcblxuICAgICAgbmV3IGNkay5DZm5PdXRwdXQodGhpcywgJ2xhbWJkYUZ1bmN0aW9uVXJsJywge1xuICAgICAgICB2YWx1ZTogdXJsLnVybCxcbiAgICAgIH0pO1xuICAgIH07XG4gIH1cbn0iXX0=