1 | import * as acm from '@aws-cdk/aws-certificatemanager';
|
2 | import { IBucket } from '@aws-cdk/aws-s3';
|
3 | import { IResource, Resource } from '@aws-cdk/core';
|
4 | import { Construct } from 'constructs';
|
5 | import { BasePathMapping, BasePathMappingOptions } from './base-path-mapping';
|
6 | import { EndpointType, IRestApi } from './restapi';
|
7 | /**
|
8 | * The minimum version of the SSL protocol that you want API Gateway to use for HTTPS connections.
|
9 | */
|
10 | export declare enum SecurityPolicy {
|
11 | /** Cipher suite TLS 1.0 */
|
12 | TLS_1_0 = "TLS_1_0",
|
13 | /** Cipher suite TLS 1.2 */
|
14 | TLS_1_2 = "TLS_1_2"
|
15 | }
|
16 | export interface DomainNameOptions {
|
17 | /**
|
18 | * The custom domain name for your API. Uppercase letters are not supported.
|
19 | */
|
20 | readonly domainName: string;
|
21 | /**
|
22 | * The reference to an AWS-managed certificate for use by the edge-optimized
|
23 | * endpoint for the domain name. For "EDGE" domain names, the certificate
|
24 | * needs to be in the US East (N. Virginia) region.
|
25 | */
|
26 | readonly certificate: acm.ICertificate;
|
27 | /**
|
28 | * The type of endpoint for this DomainName.
|
29 | * @default REGIONAL
|
30 | */
|
31 | readonly endpointType?: EndpointType;
|
32 | /**
|
33 | * The Transport Layer Security (TLS) version + cipher suite for this domain name.
|
34 | * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html
|
35 | * @default SecurityPolicy.TLS_1_0
|
36 | */
|
37 | readonly securityPolicy?: SecurityPolicy;
|
38 | /**
|
39 | * The mutual TLS authentication configuration for a custom domain name.
|
40 | * @default - mTLS is not configured.
|
41 | */
|
42 | readonly mtls?: MTLSConfig;
|
43 | /**
|
44 | * The base path name that callers of the API must provide in the URL after
|
45 | * the domain name (e.g. `example.com/base-path`). If you specify this
|
46 | * property, it can't be an empty string.
|
47 | *
|
48 | * @default - map requests from the domain root (e.g. `example.com`). If this
|
49 | * is undefined, no additional mappings will be allowed on this domain name.
|
50 | */
|
51 | readonly basePath?: string;
|
52 | }
|
53 | export interface DomainNameProps extends DomainNameOptions {
|
54 | /**
|
55 | * If specified, all requests to this domain will be mapped to the production
|
56 | * deployment of this API. If you wish to map this domain to multiple APIs
|
57 | * with different base paths, don't specify this option and use
|
58 | * `addBasePathMapping`.
|
59 | *
|
60 | * @default - you will have to call `addBasePathMapping` to map this domain to
|
61 | * API endpoints.
|
62 | */
|
63 | readonly mapping?: IRestApi;
|
64 | }
|
65 | export interface IDomainName extends IResource {
|
66 | /**
|
67 | * The domain name (e.g. `example.com`)
|
68 | *
|
69 | * @attribute DomainName
|
70 | */
|
71 | readonly domainName: string;
|
72 | /**
|
73 | * The Route53 alias target to use in order to connect a record set to this domain through an alias.
|
74 | *
|
75 | * @attribute DistributionDomainName,RegionalDomainName
|
76 | */
|
77 | readonly domainNameAliasDomainName: string;
|
78 | /**
|
79 | * The Route53 hosted zone ID to use in order to connect a record set to this domain through an alias.
|
80 | *
|
81 | * @attribute DistributionHostedZoneId,RegionalHostedZoneId
|
82 | */
|
83 | readonly domainNameAliasHostedZoneId: string;
|
84 | }
|
85 | export declare class DomainName extends Resource implements IDomainName {
|
86 | /**
|
87 | * Imports an existing domain name.
|
88 | */
|
89 | static fromDomainNameAttributes(scope: Construct, id: string, attrs: DomainNameAttributes): IDomainName;
|
90 | readonly domainName: string;
|
91 | readonly domainNameAliasDomainName: string;
|
92 | readonly domainNameAliasHostedZoneId: string;
|
93 | private readonly basePaths;
|
94 | constructor(scope: Construct, id: string, props: DomainNameProps);
|
95 | /**
|
96 | * Maps this domain to an API endpoint.
|
97 | * @param targetApi That target API endpoint, requests will be mapped to the deployment stage.
|
98 | * @param options Options for mapping to base path with or without a stage
|
99 | */
|
100 | addBasePathMapping(targetApi: IRestApi, options?: BasePathMappingOptions): BasePathMapping;
|
101 | private configureMTLS;
|
102 | }
|
103 | export interface DomainNameAttributes {
|
104 | /**
|
105 | * The domain name (e.g. `example.com`)
|
106 | */
|
107 | readonly domainName: string;
|
108 | /**
|
109 | * The Route53 alias target to use in order to connect a record set to this domain through an alias.
|
110 | */
|
111 | readonly domainNameAliasTarget: string;
|
112 | /**
|
113 | * The Route53 hosted zone ID to use in order to connect a record set to this domain through an alias.
|
114 | */
|
115 | readonly domainNameAliasHostedZoneId: string;
|
116 | }
|
117 | /**
|
118 | * The mTLS authentication configuration for a custom domain name.
|
119 | */
|
120 | export interface MTLSConfig {
|
121 | /**
|
122 | * The bucket that the trust store is hosted in.
|
123 | */
|
124 | readonly bucket: IBucket;
|
125 | /**
|
126 | * The key in S3 to look at for the trust store.
|
127 | */
|
128 | readonly key: string;
|
129 | /**
|
130 | * The version of the S3 object that contains your truststore.
|
131 | * To specify a version, you must have versioning enabled for the S3 bucket.
|
132 | * @default - latest version
|
133 | */
|
134 | readonly version?: string;
|
135 | }
|