#167 - Add support for GovCloud (US) Regions
mfriesen committed Sep 3, 2023
1 parent 3ee9edd commit 81449f1
Showing 18 changed files with 380 additions and 150 deletions.
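--- a/build.gradle
+++ b/build.gradle
@@ -25,7 +25,7 @@ def getCmdParam() {
 repositories { mavenCentral() }
 
 allprojects {
-version = '1.12.0'
+version = '1.12.1'
 ext.awsCognitoVersion = '1.5.1'
 group = 'com.formkiq.stacks'
 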
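--- a/console/src/main/resources/cloudformation/template-install.yaml
+++ b/console/src/main/resources/cloudformation/template-install.yaml
@@ -101,6 +101,10 @@ Parameters:
 Type: String
 Default: ""
 
+Partition:
+Description: The partition in which the resource is located. A partition is a group of AWS Regions
+Type: String
+
 Conditions:
 
 HasCertificateStackName:
@@ -224,7 +228,7 @@ Resources:
 Action:
 - ssm:GetParameter
 Resource:
-- Fn::Sub: "arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/formkiq/*"
+- Fn::Sub: "arn:${Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/formkiq/*"
 - Effect: Allow
 Action:
 - s3:GetObject
@@ -234,11 +238,11 @@ Resources:
 Resource:
 - Fn::Join:
 - ''
-- - 'arn:aws:s3:::'
+- - Fn::Sub: "arn:${Partition}:s3:::"
 - Ref: ConsoleBucket
 - Fn::Join:
 - ''
-- - 'arn:aws:s3:::'
+- - Fn::Sub: "arn:${Partition}:s3:::"
 - Ref: ConsoleBucket
 - '/*'
 - Effect: Allow
@@ -249,11 +253,11 @@ Resources:
 Resource:
 - Fn::Join:
 - ''
-- - 'arn:aws:s3:::'
+- - Fn::Sub: "arn:${Partition}:s3:::"
 - Ref: CognitoConfigBucket
 - Fn::Join:
 - ''
-- - 'arn:aws:s3:::'
+- - Fn::Sub: "arn:${Partition}:s3:::"
 - Ref: CognitoConfigBucket
 - '/*'
 - Effect: Allow
@@ -262,7 +266,7 @@ Resources:
 Resource:
 - Fn::Join:
 - ''
-- - 'arn:aws:s3:::'
+- - Fn::Sub: "arn:${Partition}:s3:::"
 - Ref: DistributionBucket
 - '/*'
 - Effect: Allow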
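Review bot: The new `Partition` parameter is a free-form `Type: String` with no `AllowedValues` or default, and its value is substituted directly into the IAM policy `Resource` ARNs in this file (the ssm statement and the s3 statements). CloudFormation already provides the pseudo parameter `AWS::Partition`, so `Fn::Sub: "arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/formkiq/*"` would take the value from the deployment itself and remove the chance of a caller passing a partition that does not match the region. If the parameter has to stay, constrain it with `AllowedValues` (for example `aws` and `aws-us-gov`) so a typo is rejected at validation rather than producing a policy that matches nothing. The same applies to the `${Partition}` substitutions in the template section that follows and in docs/openapi/openapi-iam.yaml and docs/openapi/openapi-jwt.yaml.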
@@ -40,6 +40,10 @@ Parameters:
Description: Cognito User Pool Client
AllowedPattern: ".+"

Partition:
Description: The partition in which the resource is located. A partition is a group of AWS Regions
Type: String

Resources:

ConsoleAdminUser:
@@ -203,7 +207,7 @@ Resources:
- "sts:AssumeRole"
Path: "/"
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
- Fn::Sub: "arn:${Partition}:iam::${Partition}:policy/service-role/AWSLambdaVPCAccessExecutionRole"
Policies:
-
PolicyName:
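Review bot: In the `ManagedPolicyArns` entry the account field was replaced with `${Partition}` along with the partition field, but for AWS managed policies that field is the literal `aws` in every partition. With `Partition` set to `aws-us-gov` the value resolves to `arn:aws-us-gov:iam::aws-us-gov:policy/service-role/AWSLambdaVPCAccessExecutionRole`, which is not a valid managed-policy ARN, so the role would presumably fail to create in GovCloud. Only the partition field should vary: `- Fn::Sub: "arn:${Partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"`. The role definition starts and ends outside the hunk, and the file header for this section is not visible on the page.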
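--- a/console/src/main/resources/cloudformation/template.yaml
+++ b/console/src/main/resources/cloudformation/template.yaml
@@ -37,7 +37,22 @@ Conditions:
 - Fn::Equals:
 - Ref: CertificateStackName
 - ''
-
+
+IsNotGovCloud:
+Fn::And:
+- Fn::Not:
+- Fn::Equals:
+- Ref: AWS::Region
+- us-east-2
+- Fn::Not:
+- Fn::Equals:
+- Ref: AWS::Region
+- us-gov-west-1
+- Fn::Not:
+- Fn::Equals:
+- Ref: AWS::Region
+- us-gov-east-1
+
 Resources:
 
 Console:
@@ -158,6 +173,7 @@ Resources:
 
 CloudFrontDistribution:
 Type: AWS::CloudFront::Distribution
+Condition: IsNotGovCloud
 Properties:
 DistributionConfig:
 Origins:
@@ -228,6 +244,7 @@ Resources:
 
 ConsoleUrlParameter:
 Type: AWS::SSM::Parameter
+Condition: IsNotGovCloud
 Properties:
 Description: "The URL for the FormKiQ Console"
 Name:
@@ -258,13 +275,15 @@ Resources:
 Fn::Sub: "${AWS::StackName}"
 
 CloudFrontOriginAccessIdentity:
+Condition: IsNotGovCloud
 Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
 Properties:
 CloudFrontOriginAccessIdentityConfig:
 Comment:
 Fn::Sub: "FormKiQ Console CloudFront Identity"
 
 ConsoleBucketPolicy:
+Condition: IsNotGovCloud
 Type: "AWS::S3::BucketPolicy"
 Properties:
 Bucket:
@@ -303,13 +322,16 @@ Outputs:
 - 'https://'
 - Fn::ImportValue:
 Fn::Sub: '${CertificateStackName}-ConsoleDomain'
-- Fn::Join:
-- ""
--
-- 'https://'
-- Fn::GetAtt:
-- CloudFrontDistribution
-- DomainName
+- Fn::If:
+- IsNotGovCloud
+- Fn::Join:
+- ""
+-
+- 'https://'
+- Fn::GetAtt:
+- CloudFrontDistribution
+- DomainName
+- "none"
 
 ConsoleBucket:
 Value:
@@ -329,6 +351,9 @@ Outputs:
 
 CloudFrontDistributionDomainName:
 Value:
-Fn::GetAtt:
-- CloudFrontDistribution
-- DomainName
+Fn::If:
+- IsNotGovCloud
+- Fn::GetAtt:
+- CloudFrontDistribution
+- DomainName
+- ""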
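Review bot: The `IsNotGovCloud` condition also excludes `us-east-2`, which is a commercial region, so `CloudFrontDistribution`, `CloudFrontOriginAccessIdentity`, `ConsoleBucketPolicy` and `ConsoleUrlParameter` are all skipped there; this looks like a leftover test value and should be confirmed or removed. Enumerating regions also has to be kept in sync by hand, whereas a partition test such as `Fn::Equals: [{Ref: 'AWS::Partition'}, aws]` covers both GovCloud regions in one comparison (whether other partitions should get CloudFront is not visible from this hunk). The two outputs use different fallbacks when the condition is false, `"none"` in the console URL output and `""` in `CloudFrontDistributionDomainName`; pick one sentinel and document it with a comment such as `# empty when CloudFront is not deployed in this partition`.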
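--- a/docs/openapi/openapi-iam.yaml
+++ b/docs/openapi/openapi-iam.yaml
@@ -32,7 +32,7 @@
 - OAuth(JWT)
 - AWS IAM
 - API Key
-version: 1.12.0
+version: 1.12.1
 tags:
 - name: documents
 description: API for the add, updating and fetching of documents
@@ -4540,7 +4540,7 @@
 x-amazon-apigateway-integrations:
 lambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4554,7 +4554,7 @@
 payloadFormatVersion: "1.0"
 ocrLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4568,7 +4568,7 @@
 payloadFormatVersion: "1.0"
 antivirusLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4582,7 +4582,7 @@
 payloadFormatVersion: "1.0"
 searchLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4596,7 +4596,7 @@
 payloadFormatVersion: "1.0"
 fulltextLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4610,7 +4610,7 @@
 payloadFormatVersion: "1.0"
 onlyOfficeLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4624,7 +4624,7 @@
 payloadFormatVersion: "1.0"
 esignatureLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4638,7 +4638,7 @@
 payloadFormatVersion: "1.0"
 lambdaApi201:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "201"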
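--- a/docs/openapi/openapi-jwt.yaml
+++ b/docs/openapi/openapi-jwt.yaml
@@ -32,7 +32,7 @@
 - OAuth(JWT)
 - AWS IAM
 - API Key
-version: 1.12.0
+version: 1.12.1
 tags:
 - name: documents
 description: API for the add, updating and fetching of documents
@@ -4540,7 +4546,7 @@
 x-amazon-apigateway-integrations:
 lambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4554,7 +4560,7 @@
 payloadFormatVersion: "1.0"
 ocrLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4568,7 +4574,7 @@
 payloadFormatVersion: "1.0"
 antivirusLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4582,7 +4588,7 @@
 payloadFormatVersion: "1.0"
 searchLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4596,7 +4602,7 @@
 payloadFormatVersion: "1.0"
 fulltextLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4610,7 +4616,7 @@
 payloadFormatVersion: "1.0"
 onlyOfficeLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4624,7 +4630,7 @@
 payloadFormatVersion: "1.0"
 esignatureLambdaApi200:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "200"
@@ -4638,7 +4644,7 @@
 payloadFormatVersion: "1.0"
 lambdaApi201:
 uri:
-Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
+Fn::Sub: arn:${Partition}:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${DocumentsApiRequests.Arn}/invocations
 responses:
 default:
 statusCode: "201"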