-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(cloudfront): add attachWebAclId
method for Distribution
#30567
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request
. Additionally, if clarification is needed add Clarification Request
to a comment.
…ibution"" This reverts commit 19b246b.
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
style for README Revert "style for README" This reverts commit 7cb05fa.
a728be9
to
43b40a2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for your contribution. I can't wait to try out this feature myself!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for contributing!
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
@Mergifyio update |
✅ Branch has been successfully updated |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
@Mergifyio update |
✅ Branch has been successfully updated |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #30567 +/- ##
=======================================
Coverage 77.17% 77.17%
=======================================
Files 105 105
Lines 7169 7169
Branches 1315 1315
=======================================
Hits 5533 5533
Misses 1455 1455
Partials 181 181
Flags with carried forward coverage won't be shown. Click here to find out more.
|
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Comments on closed issues and PRs are hard for our team to see. |
Reason for this change
I often create a custom construct for a WAF only. I also create resources (such as API Gateway, ALB, etc...) that attach the WAF in separate constructs. Instead of attaching the WAF in the target resource's construct, I create a method for attaching it in the WAF's construct.
In this way, the constructs can be loosely coupled, and the target resource's constructs can be more simply. The WAF can also be attached to multiple resources at once later.
However, when attaching a WAF to a CloudFront, the WAF attaching configuration needs to be defined through CloudFront props, rather than using CfnWebACLAssociation.
To do this with the above WAF construct, a method is needed to pass a pre-defined CloudFront and override the properties of that definition with an escape hatch. This is a bit complicated.
In other words, it would be good if CloudFront also had a mechanism (like CfnWebACLAssociation) to attach WAF after defining resources.
This would allow WAF custom constructs to be more generic.
Description of changes
Add
attachWebAclId
method for Distribution.Description of how you validated changes
Both of unit and integ tests.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license