Skip to content

Commit

Permalink
DomainName: Add documentation for SecurityPolicy TSL versions, add te…
Browse files Browse the repository at this point in the history
…st for absent securityPolicy
  • Loading branch information
Hoberg, Kyle committed Feb 29, 2020
1 parent e432e4d commit d6245b6
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 4 deletions.
4 changes: 3 additions & 1 deletion packages/@aws-cdk/aws-apigateway/lib/domain-name.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,12 @@ import { BasePathMapping, BasePathMappingOptions } from './base-path-mapping';
import { EndpointType, IRestApi } from './restapi';

/**
* The minimum version of the SSL protocol that you want Api Gateway to use for HTTPS connections.
* The minimum version of the SSL protocol that you want API Gateway to use for HTTPS connections.
*/
export enum SecurityPolicy {
/** Cipher suite TLS 1.0 */
TLS_1_0 = 'TLS_1_0',
/** Cipher suite TLS 1.2 */
TLS_1_2 = 'TLS_1_2'
}

Expand Down
2 changes: 0 additions & 2 deletions packages/@aws-cdk/aws-apigateway/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -174,8 +174,6 @@
"docs-public-apis:@aws-cdk/aws-apigateway.Stage",
"docs-public-apis:@aws-cdk/aws-apigateway.Stage.restApi",
"docs-public-apis:@aws-cdk/aws-apigateway.Stage.stageName",
"docs-public-apis:@aws-cdk/aws-apigateway.SecurityPolicy.TLS_1_0",
"docs-public-apis:@aws-cdk/aws-apigateway.SecurityPolicy.TLS_1_2",
"docs-public-apis:@aws-cdk/aws-apigateway.UsagePlan",
"docs-public-apis:@aws-cdk/aws-apigateway.UsagePlan.usagePlanId",
"docs-public-apis:@aws-cdk/aws-apigateway.VpcLink.addTargets",
Expand Down
14 changes: 13 additions & 1 deletion packages/@aws-cdk/aws-apigateway/test/test.domains.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
// tslint:disable:object-literal-key-quotes
import { expect, haveResource } from '@aws-cdk/assert';
import { ABSENT, expect, haveResource } from '@aws-cdk/assert';
import * as acm from '@aws-cdk/aws-certificatemanager';
import { Stack } from '@aws-cdk/core';
import { Test } from 'nodeunit';
Expand Down Expand Up @@ -83,6 +83,11 @@ export = {
securityPolicy: apigw.SecurityPolicy.TLS_1_2
});

new apigw.DomainName(stack, 'default-domain', {
domainName: 'default.example.com',
certificate: cert
});

// THEN
expect(stack).to(haveResource('AWS::ApiGateway::DomainName', {
"DomainName": "old.example.com",
Expand All @@ -97,6 +102,13 @@ export = {
"RegionalCertificateArn": { "Ref": "Cert5C9FAEC1" },
"SecurityPolicy": "TLS_1_2"
}));

expect(stack).to(haveResource('AWS::ApiGateway::DomainName', {
"DomainName": "default.example.com",
"EndpointConfiguration": { "Types": [ "REGIONAL" ] },
"RegionalCertificateArn": { "Ref": "Cert5C9FAEC1" },
"SecurityPolicy": ABSENT
}));
test.done();
},

Expand Down

0 comments on commit d6245b6

Please sign in to comment.