API.md

API Reference

Classes

Name	Description
ListenerRulePriorities	Listener rule priorities.
ListenerRulesBuilder	Creates listener rules.
NginxProxyContainerExtension	Extends a TaskDefinition by adding an nginx proxy before the workload container.
WebsiteService	Create a website from an http-serving container.
WebsiteServiceBase	Base class for the builder-style website service classes.
WordpressService	Create a wordpress website.

Structs

Name	Description
CognitoAuthenticationConfig	Configuration for authentication through a Cognito user pool.
EcsWorkloadServiceInfo	Provides information to IEcsWorkload.useService about the service.
EcsWorkloadTaskInfo	Provides information to IEcsWorkload.useTaskDefinition about the task definition.
HttpContainerWorkloadOptions	Props for HttpContainerWorkload.
ListenerRulesBuilderProps	Props for ListenerRulesBuilder.
NginxProxyContainerExtensionOptions	Options for NginxProxyContainerExtension.
WebsiteHostRedirect	A redirect.
WebsiteServiceBaseProps	Props for WebsiteServiceBase.
WebsiteServiceOptions	Non-workload options for WebsiteServiceBase.
WebsiteServiceProps	Props for WebsiteService.
WebsiteServicePropsAuthWithUserPoolProps	No description
WordpressImageOptions	Configuration options for building the WordPress container image.
WordpressServiceProps	Props for WordpressService.
WordpressWorkloadOptions	Props for WordpressWorkload.

Interfaces

Name	Description
IEcsWorkload	Rough compatibility interface.
IWebsiteService	A builder-pattern website service.

Enums

Name	Description
EcsWorkloadCapacityType	Type of capacity to use.

class ListenerRulePriorities

Listener rule priorities.

Initializer

new ListenerRulePriorities()

Methods

produce()

Produce a listener rule priority.

produce(): number

Returns:

• number

static incremental(start, step?)

Incremental listener rule priorities.

static incremental(start: number, step?: number): ListenerRulePriorities

• start (number) Priority to start at.
• step (number) Step size for every new priority.

Returns:

• ListenerRulePriorities

class ListenerRulesBuilder

Creates listener rules.

Implements: IConstruct, IConstruct, IConstruct, IDependable Extends: Construct

Initializer

new ListenerRulesBuilder(scope: Construct, id: string, props: ListenerRulesBuilderProps)

• scope (Construct) No description
• id (string) No description
• props (ListenerRulesBuilderProps) No description
  • albListener (IApplicationListener) The ALB listener to add listener rules to.
  • albPriority (ListenerRulePriorities) The strategy for allocating alb listener rule priorities.
  • primaryHostName (string) The primary host name to redirect to.
  • service (Ec2Service | FargateService) ECS service serving traffic.
  • trafficContainerName (string) Container to direct traffic to.
  • trafficPort (number) Port that the container listens on.

Methods

addAuthBypassServingHost(hostHeader, authBypassValue)

Add a host name on which the service should serve traffic when the AccessBypass header is provided in the requiest.

addAuthBypassServingHost(hostHeader: string, authBypassValue: string): void

• hostHeader (string) No description
• authBypassValue (string) No description

addAuthenticatedServingHost(hostHeader, authConfig)

Adds a host name on which the service should serve traffic after authenticating with AWS Cognito.

addAuthenticatedServingHost(hostHeader: string, authConfig: CognitoAuthenticationConfig): void

• hostHeader (string) No description
• authConfig (CognitoAuthenticationConfig) No description
  • domain (string) Domain name of the Cognito user pool IdP.
  • userPool (IUserPool) The Cognito user pool to identify against.

addRedirectResponse(hostHeader, redirectResponse)

Adds a redirect for a given host name to another location.

addRedirectResponse(hostHeader: string, redirectResponse: RedirectOptions): void

• hostHeader (string) No description
• redirectResponse (RedirectOptions) No description
  • host (string) The hostname. Default: No change
  • path (string) The absolute path, starting with the leading "/". Default: No change
  • permanent (boolean) The HTTP redirect code. Default: false
  • port (string) The port. Default: No change
  • protocol (string) The protocol. Default: No change
  • query (string) The query parameters, URL-encoded when necessary, but not percent-encoded. Default: No change

addRedirectToPrimaryHostName(hostHeader)

Adds a redirect for a given host name to the primary host name.

addRedirectToPrimaryHostName(hostHeader: string): void

• hostHeader (string) No description

addServingHost(hostHeader)

Adds a host name on which the service should serve traffic.

addServingHost(hostHeader: string): void

• hostHeader (string) No description

class NginxProxyContainerExtension

Extends a TaskDefinition by adding an nginx proxy before the workload container.

Implements: ITaskDefinitionExtension

Initializer

new NginxProxyContainerExtension(options: NginxProxyContainerExtensionOptions)

• options (NginxProxyContainerExtensionOptions) No description
  • defaultConf (string) Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload.
  • containerName (string) Name of the proxy container. Default: 'proxy'
  • imageFrom (string) Provides an image name to build the nginx container from. Default: 'nginx:1'
  • logging (LogDriver) Specifies the logging mechanism for the proxy container. Default: does not log
  • trafficPort (number) Traffic port for the proxy. Default: 80

Properties

Name	Type	Description
options	NginxProxyContainerExtensionOptions

Methods

extend(taskDefinition)

Apply the extension to the given TaskDefinition.

extend(taskDefinition: TaskDefinition): void

• taskDefinition (TaskDefinition) No description

class WebsiteService

Create a website from an http-serving container.

Implements: IConstruct, IConstruct, IConstruct, IDependable, IWebsiteService Extends: WebsiteServiceBase

Initializer

new WebsiteService(scope: Construct, id: string, props: WebsiteServiceProps)

• scope (Construct) No description
• id (string) No description
• props (WebsiteServiceProps) No description
  • albBasePriority (number) The base priority from which to increment rule priorities.
  • albListener (IApplicationListener) The load balancer listener to attach the service to.
  • cluster (ICluster) The ECS cluster to add the service to.
  • primaryHostName (string) The primary host name that this service will serve from and redirect to.
  • additionalServingHosts (Array) Additional host names to serve traffic on. Optional
  • allowedConnections (Array<IConnectable>) Allow others access to the traffic port. Optional
  • authBypassHeaderValue (string) Provide a value that can be used to bypass authentication with headers. Optional
  • authWithUserPool (CognitoAuthenticationConfig) Instruct the service to authenticate with the cognito user pool. Optional
  • capacityType (EcsWorkloadCapacityType) Type of compute capacity. Default: EcsExtensionCapacityType.EC2
  • connectToPeers (Array<IConnectable>) Register the service as allowed in others' ingresses. Optional
  • desiredCount (number) Desired task count. Default: 1
  • nginxContainerConfig (string) Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload. Default: does not use a reverse proxy
  • nginxContainerImageFrom (string) Provides an image name to build the nginx container from. Default: 'nginx:1'
  • redirects (Array<WebsiteHostRedirect>) Redirect listener rules. Optional
  • containerImage (ContainerImage) The container image.
  • containerPort (number) The port that serves traffic. Default: 80
  • envSecrets (Map<string, Secret>) Specify environment variables from secrets for the main container. Optional
  • envVars (Map<string, string>) Specify environment variables for the main container. Optional

class WebsiteServiceBase

Base class for the builder-style website service classes.

Implements: IConstruct, IConstruct, IConstruct, IDependable, IWebsiteService Extends: Construct

Initializer

new WebsiteServiceBase(scope: Construct, id: string, props: WebsiteServiceBaseProps)

• scope (Construct) No description
• id (string) No description
• props (WebsiteServiceBaseProps) No description
  • albBasePriority (number) The base priority from which to increment rule priorities.
  • albListener (IApplicationListener) The load balancer listener to attach the service to.
  • cluster (ICluster) The ECS cluster to add the service to.
  • primaryHostName (string) The primary host name that this service will serve from and redirect to.
  • additionalServingHosts (Array) Additional host names to serve traffic on. Optional
  • allowedConnections (Array<IConnectable>) Allow others access to the traffic port. Optional
  • authBypassHeaderValue (string) Provide a value that can be used to bypass authentication with headers. Optional
  • authWithUserPool (CognitoAuthenticationConfig) Instruct the service to authenticate with the cognito user pool. Optional
  • capacityType (EcsWorkloadCapacityType) Type of compute capacity. Default: EcsExtensionCapacityType.EC2
  • connectToPeers (Array<IConnectable>) Register the service as allowed in others' ingresses. Optional
  • desiredCount (number) Desired task count. Default: 1
  • nginxContainerConfig (string) Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload. Default: does not use a reverse proxy
  • nginxContainerImageFrom (string) Provides an image name to build the nginx container from. Default: 'nginx:1'
  • redirects (Array<WebsiteHostRedirect>) Redirect listener rules. Optional
  • ecsExtension (IEcsWorkload) Workload extension.

Properties

Name	Type	Description
service	Ec2Service | FargateService	The service instance.
taskDefinition	TaskDefinition	The task definition of the service.

Methods

addRedirectResponse(hostHeader, redirectResponse)

Add a host name from which traffic will be redirected to another URL.

addRedirectResponse(hostHeader: string, redirectResponse: RedirectOptions): void

• hostHeader (string) No description
• redirectResponse (RedirectOptions) No description
  • host (string) The hostname. Default: No change
  • path (string) The absolute path, starting with the leading "/". Default: No change
  • permanent (boolean) The HTTP redirect code. Default: false
  • port (string) The port. Default: No change
  • protocol (string) The protocol. Default: No change
  • query (string) The query parameters, URL-encoded when necessary, but not percent-encoded. Default: No change

addRedirectToPrimaryHostName(hostHeader)

Add a host name from which traffic will be directed to the primary host name of the IWebsiteService.

addRedirectToPrimaryHostName(hostHeader: string): void

• hostHeader (string) No description

addServingHost(hostHeader)

Add a host name on which traffic will be served.

addServingHost(hostHeader: string): void

• hostHeader (string) No description

class WordpressService

Create a wordpress website.

Implements: IConstruct, IConstruct, IConstruct, IDependable, IWebsiteService Extends: WebsiteServiceBase

Initializer

new WordpressService(scope: Construct, id: string, props: WordpressServiceProps)

• scope (Construct) No description
• id (string) No description
• props (WordpressServiceProps) No description
  • albBasePriority (number) The base priority from which to increment rule priorities.
  • albListener (IApplicationListener) The load balancer listener to attach the service to.
  • cluster (ICluster) The ECS cluster to add the service to.
  • primaryHostName (string) The primary host name that this service will serve from and redirect to.
  • additionalServingHosts (Array) Additional host names to serve traffic on. Optional
  • allowedConnections (Array<IConnectable>) Allow others access to the traffic port. Optional
  • authBypassHeaderValue (string) Provide a value that can be used to bypass authentication with headers. Optional
  • authWithUserPool (CognitoAuthenticationConfig) Instruct the service to authenticate with the cognito user pool. Optional
  • capacityType (EcsWorkloadCapacityType) Type of compute capacity. Default: EcsExtensionCapacityType.EC2
  • connectToPeers (Array<IConnectable>) Register the service as allowed in others' ingresses. Optional
  • desiredCount (number) Desired task count. Default: 1
  • nginxContainerConfig (string) Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload. Default: does not use a reverse proxy
  • nginxContainerImageFrom (string) Provides an image name to build the nginx container from. Default: 'nginx:1'
  • redirects (Array<WebsiteHostRedirect>) Redirect listener rules. Optional
  • databaseSecret (ISecret) Credentials for accessing the database server.
  • fileSystem (IFileSystem) A filesystem in which to put the user uploads.
  • databaseConnection (IConnectable) When provided, an ingress rule will be added to the database's security group so that ECS can connect to the database. Optional
  • envSecrets (Map<string, Secret>) Specify environment variables from secrets for the main container. Optional
  • envVars (Map<string, string>) Specify environment variables for the main container. Optional
  • fileSystemConnection (IConnectable) When provided, an ingress rule will be added to the filesystem's security group so that ECS can mount the file system. Optional
  • fileSystemRootDirectory (string) A location on the filesystem to mount as the data volume root. Default: '/'
  • wordpressDatabaseName (string) Name of the database containing the Wordpress site. Optional
  • wordpressImageOptions (WordpressImageOptions) Options building the Wordpress container. Optional

struct CognitoAuthenticationConfig

Configuration for authentication through a Cognito user pool.

Name	Type	Description
domain	string	Domain name of the Cognito user pool IdP.
userPool	IUserPool	The Cognito user pool to identify against.

struct EcsWorkloadServiceInfo

Provides information to IEcsWorkload.useService about the service.

Name	Type	Description
service	Ec2Service | FargateService

struct EcsWorkloadTaskInfo

Provides information to IEcsWorkload.useTaskDefinition about the task definition.

Name	Type	Description
taskDefinition	TaskDefinition	The task definition.
taskMemoryLimit	number	The memory limit of the task definition.
taskMemoryReserved	number	The memory reservation of the task definition.

struct HttpContainerWorkloadOptions

Props for HttpContainerWorkload.

Name	Type	Description
containerImage	ContainerImage	The container image.
containerPort?	number	The port that serves traffic. Default: 80
envSecrets?	Map<string, Secret>	Specify environment variables from secrets for the main container. Optional
envVars?	Map<string, string>	Specify environment variables for the main container. Optional

interface IEcsWorkload

Rough compatibility interface.

Properties

Name	Type	Description
trafficContainer	string
trafficPort	number

Methods

useService(service)

useService(service: Ec2Service | FargateService): void

• service (Ec2Service | FargateService) No description

useTaskDefinition(taskDefinitionInfo)

useTaskDefinition(taskDefinitionInfo: EcsWorkloadTaskInfo): void

• taskDefinitionInfo (EcsWorkloadTaskInfo) No description
  • taskDefinition (TaskDefinition) The task definition.
  • taskMemoryLimit (number) The memory limit of the task definition.
  • taskMemoryReserved (number) The memory reservation of the task definition.

interface IWebsiteService

Implemented by: WebsiteService, WebsiteServiceBase, WordpressService

A builder-pattern website service.

Methods

addRedirectResponse(hostHeader, redirectResponse)

Add a host name from which traffic will be redirected to another URL.

addRedirectResponse(hostHeader: string, redirectResponse: RedirectOptions): void

• hostHeader (string) No description
• redirectResponse (RedirectOptions) No description
  • host (string) The hostname. Default: No change
  • path (string) The absolute path, starting with the leading "/". Default: No change
  • permanent (boolean) The HTTP redirect code. Default: false
  • port (string) The port. Default: No change
  • protocol (string) The protocol. Default: No change
  • query (string) The query parameters, URL-encoded when necessary, but not percent-encoded. Default: No change

addRedirectToPrimaryHostName(hostHeader)

Add a host name from which traffic will be directed to the primary host name of the IWebsiteService.

addRedirectToPrimaryHostName(hostHeader: string): void

• hostHeader (string) No description

addServingHost(hostHeader)

Add a host name on which traffic will be served.

addServingHost(hostHeader: string): void

• hostHeader (string) No description

struct ListenerRulesBuilderProps

Props for ListenerRulesBuilder.

Name	Type	Description
albListener	IApplicationListener	The ALB listener to add listener rules to.
albPriority	ListenerRulePriorities	The strategy for allocating alb listener rule priorities.
primaryHostName	string	The primary host name to redirect to.
service	Ec2Service | FargateService	ECS service serving traffic.
trafficContainerName	string	Container to direct traffic to.
trafficPort	number	Port that the container listens on.

struct NginxProxyContainerExtensionOptions 🔹

Options for NginxProxyContainerExtension.

Name	Type	Description
defaultConf🔹	string	Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload.
containerName?🔹	string	Name of the proxy container. Default: 'proxy'
imageFrom?🔹	string	Provides an image name to build the nginx container from. Default: 'nginx:1'
logging?🔹	LogDriver	Specifies the logging mechanism for the proxy container. Default: does not log
trafficPort?🔹	number	Traffic port for the proxy. Default: 80

struct WebsiteHostRedirect

A redirect.

Name	Type	Description
hostHeader	string	Host header to match on.
redirect?	RedirectOptions	Details of the redirection. Optional

struct WebsiteServiceBaseProps

Props for WebsiteServiceBase.

Name	Type	Description
albBasePriority	number	The base priority from which to increment rule priorities.
albListener	IApplicationListener	The load balancer listener to attach the service to.
cluster	ICluster	The ECS cluster to add the service to.
ecsExtension	IEcsWorkload	Workload extension.
primaryHostName	string	The primary host name that this service will serve from and redirect to.
additionalServingHosts?	Array	Additional host names to serve traffic on. Optional
allowedConnections?	Array<IConnectable>	Allow others access to the traffic port. Optional
authBypassHeaderValue?	string	Provide a value that can be used to bypass authentication with headers. Optional
authWithUserPool?	CognitoAuthenticationConfig	Instruct the service to authenticate with the cognito user pool. Optional
capacityType?	EcsWorkloadCapacityType	Type of compute capacity. Default: EcsExtensionCapacityType.EC2
connectToPeers?	Array<IConnectable>	Register the service as allowed in others' ingresses. Optional
desiredCount?	number	Desired task count. Default: 1
nginxContainerConfig?🔹	string	Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload. Default: does not use a reverse proxy
nginxContainerImageFrom?🔹	string	Provides an image name to build the nginx container from. Default: 'nginx:1'
redirects?	Array<WebsiteHostRedirect>	Redirect listener rules. Optional

struct WebsiteServiceOptions

Non-workload options for WebsiteServiceBase.

Name	Type	Description
albBasePriority	number	The base priority from which to increment rule priorities.
albListener	IApplicationListener	The load balancer listener to attach the service to.
cluster	ICluster	The ECS cluster to add the service to.
primaryHostName	string	The primary host name that this service will serve from and redirect to.
additionalServingHosts?	Array	Additional host names to serve traffic on. Optional
allowedConnections?	Array<IConnectable>	Allow others access to the traffic port. Optional
authBypassHeaderValue?	string	Provide a value that can be used to bypass authentication with headers. Optional
authWithUserPool?	CognitoAuthenticationConfig	Instruct the service to authenticate with the cognito user pool. Optional
capacityType?	EcsWorkloadCapacityType	Type of compute capacity. Default: EcsExtensionCapacityType.EC2
connectToPeers?	Array<IConnectable>	Register the service as allowed in others' ingresses. Optional
desiredCount?	number	Desired task count. Default: 1
nginxContainerConfig?🔹	string	Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload. Default: does not use a reverse proxy
nginxContainerImageFrom?🔹	string	Provides an image name to build the nginx container from. Default: 'nginx:1'
redirects?	Array<WebsiteHostRedirect>	Redirect listener rules. Optional

struct WebsiteServiceProps

Props for WebsiteService.

Name	Type	Description
albBasePriority	number	The base priority from which to increment rule priorities.
albListener	IApplicationListener	The load balancer listener to attach the service to.
cluster	ICluster	The ECS cluster to add the service to.
containerImage	ContainerImage	The container image.
primaryHostName	string	The primary host name that this service will serve from and redirect to.
additionalServingHosts?	Array	Additional host names to serve traffic on. Optional
allowedConnections?	Array<IConnectable>	Allow others access to the traffic port. Optional
authBypassHeaderValue?	string	Provide a value that can be used to bypass authentication with headers. Optional
authWithUserPool?	CognitoAuthenticationConfig	Instruct the service to authenticate with the cognito user pool. Optional
capacityType?	EcsWorkloadCapacityType	Type of compute capacity. Default: EcsExtensionCapacityType.EC2
connectToPeers?	Array<IConnectable>	Register the service as allowed in others' ingresses. Optional
containerPort?	number	The port that serves traffic. Default: 80
desiredCount?	number	Desired task count. Default: 1
envSecrets?	Map<string, Secret>	Specify environment variables from secrets for the main container. Optional
envVars?	Map<string, string>	Specify environment variables for the main container. Optional
nginxContainerConfig?🔹	string	Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload. Default: does not use a reverse proxy
nginxContainerImageFrom?🔹	string	Provides an image name to build the nginx container from. Default: 'nginx:1'
redirects?	Array<WebsiteHostRedirect>	Redirect listener rules. Optional

struct WebsiteServicePropsAuthWithUserPoolProps ⚠️

Name	Type	Description
domain⚠️	string	Domain name of the Cognito user pool IdP.
userPool⚠️	IUserPool	The Cognito user pool to identify against.

struct WordpressImageOptions

Configuration options for building the WordPress container image.

Name	Type	Description
from?	string	PHP container to build the container from. Default: 'php:7-apache'
wordpressSourcePath?	string	Provide your own WordPress sources. Optional
wordpressVersion?	string	Provide a WordPress version to download. Default: 'latest'

struct WordpressServiceProps

Props for WordpressService.

Name	Type	Description
albBasePriority	number	The base priority from which to increment rule priorities.
albListener	IApplicationListener	The load balancer listener to attach the service to.
cluster	ICluster	The ECS cluster to add the service to.
databaseSecret	ISecret	Credentials for accessing the database server.
fileSystem	IFileSystem	A filesystem in which to put the user uploads.
primaryHostName	string	The primary host name that this service will serve from and redirect to.
additionalServingHosts?	Array	Additional host names to serve traffic on. Optional
allowedConnections?	Array<IConnectable>	Allow others access to the traffic port. Optional
authBypassHeaderValue?	string	Provide a value that can be used to bypass authentication with headers. Optional
authWithUserPool?	CognitoAuthenticationConfig	Instruct the service to authenticate with the cognito user pool. Optional
capacityType?	EcsWorkloadCapacityType	Type of compute capacity. Default: EcsExtensionCapacityType.EC2
connectToPeers?	Array<IConnectable>	Register the service as allowed in others' ingresses. Optional
databaseConnection?	IConnectable	When provided, an ingress rule will be added to the database's security group so that ECS can connect to the database. Optional
desiredCount?	number	Desired task count. Default: 1
envSecrets?	Map<string, Secret>	Specify environment variables from secrets for the main container. Optional
envVars?	Map<string, string>	Specify environment variables for the main container. Optional
fileSystemConnection?	IConnectable	When provided, an ingress rule will be added to the filesystem's security group so that ECS can mount the file system. Optional
fileSystemRootDirectory?	string	A location on the filesystem to mount as the data volume root. Default: '/'
nginxContainerConfig?🔹	string	Provides default.conf configuration for an nginx container that is added to the task as the default, traffic-serving container. You may use this feature to create a reverse proxy for your workload. Default: does not use a reverse proxy
nginxContainerImageFrom?🔹	string	Provides an image name to build the nginx container from. Default: 'nginx:1'
redirects?	Array<WebsiteHostRedirect>	Redirect listener rules. Optional
wordpressDatabaseName?	string	Name of the database containing the Wordpress site. Optional
wordpressImageOptions?	WordpressImageOptions	Options building the Wordpress container. Optional

struct WordpressWorkloadOptions

Props for WordpressWorkload.

Name	Type	Description
databaseSecret	ISecret	Credentials for accessing the database server.
fileSystem	IFileSystem	A filesystem in which to put the user uploads.
databaseConnection?	IConnectable	When provided, an ingress rule will be added to the database's security group so that ECS can connect to the database. Optional
envSecrets?	Map<string, Secret>	Specify environment variables from secrets for the main container. Optional
envVars?	Map<string, string>	Specify environment variables for the main container. Optional
fileSystemConnection?	IConnectable	When provided, an ingress rule will be added to the filesystem's security group so that ECS can mount the file system. Optional
fileSystemRootDirectory?	string	A location on the filesystem to mount as the data volume root. Default: '/'
wordpressDatabaseName?	string	Name of the database containing the Wordpress site. Optional
wordpressImageOptions?	WordpressImageOptions	Options building the Wordpress container. Optional

enum EcsWorkloadCapacityType

Type of capacity to use.

Name	Description
EC2
FARGATE