feat(Implement aws-route53-alb): Implement new construct

.viperlightignore

@@ -140,4 +140,8 @@ source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/integ.depl
 source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/integ.existingEventBus.expected.json:108
 source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/integ.existingFunction.expected.json:122
 source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:28
-source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:339
+source/patterns/@aws-solutions-constructs/aws-lambda-eventbridge/test/aws-lambda-eventbridge.test.ts:339
+# These are references to the us-east-1 ELBV2 account (publicly known)
+source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApi.expected.json:193
+source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPrivateApiExistingZone.expected.json:844
+source/patterns/@aws-solutions-constructs/aws-route53-alb/test/integ.deployPublicApiNewAlb.expected.json:188

source/patterns/@aws-solutions-constructs/aws-route53-alb/.eslintignore

@@ -0,0 +1,4 @@
+lib/*.js
+test/*.js
+*.d.ts
+coverage

source/patterns/@aws-solutions-constructs/aws-route53-alb/.gitignore

@@ -0,0 +1,15 @@
+lib/*.js
+test/*.js
+*.js.map
+*.d.ts
+node_modules
+*.generated.ts
+dist
+.jsii
+
+.LAST_BUILD
+.nyc_output
+coverage
+.nycrc
+.LAST_PACKAGE
+*.snk

source/patterns/@aws-solutions-constructs/aws-route53-alb/.npmignore

@@ -0,0 +1,21 @@
+# Exclude typescript source and config
+*.ts
+tsconfig.json
+coverage
+.nyc_output
+*.tgz
+*.snk
+*.tsbuildinfo
+
+# Include javascript files and typescript declarations
+!*.js
+!*.d.ts
+
+# Exclude jsii outdir
+dist
+
+# Include .jsii
+!.jsii
+
+# Include .jsii
+!.jsii

source/patterns/@aws-solutions-constructs/aws-route53-alb/README.md

@@ -0,0 +1,95 @@
+# aws-route53-alb module
+<!--BEGIN STABILITY BANNER-->
+
+---
+
+![Stability: Experimental](https://img.shields.io/badge/stability-Experimental-important.svg?style=for-the-badge)
+
+> All classes are under active development and subject to non-backward compatible changes or removal in any
+> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model.
+> This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.
+
+---
+<!--END STABILITY BANNER-->
+
+| **Reference Documentation**:| <span style="font-weight: normal">https://docs.aws.amazon.com/solutions/latest/constructs/</span>|
+|:-------------|:-------------|
+<div style="height:8px"></div>
+
+| **Language**     | **Package**        |
+|:-------------|-----------------|
+|![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python|`aws_solutions_constructs.aws_route53_alb`|
+|![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript|`@aws-solutions-constructs/aws-route53-alb`|
+|![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java|`software.amazon.awsconstructs.services.route53alb`|
+
+This AWS Solutions Construct implements an Amazon Route53 Hosted Zone routing to an Application Load Balancer
+
+Here is a minimal deployable pattern definition in Typescript:
+
+``` typescript
+import { Route53ToAlb } from '@aws-solutions-constructs/aws-route53-alb';
+
+new Route53ToAlb(this, 'Route53ToAlbPattern', {
+  privateHostedZoneProps: {
+    zoneName: 'www.example.com',
+  }
+  publicApi: false,
+});
+
+```
+
+## Initializer
+
+``` text
+new Route53ToAlb(scope: Construct, id: string, props: Route53ToAlbProps);
+```
+
+_Parameters_
+
+* scope [`Construct`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_core.Construct.html)
+* id `string`
+* props [`Route53ToAlbProps`](#pattern-construct-props)
+
+## Pattern Construct Props
+
+This construct cannot create a new Public Hosted Zone, if you are creating a public API you must supply an existing Public Hosted Zone that will be reconfigured with a new Alias record. Public Hosted Zones are configured with public domain names and are not well suited to be launched and torn down dynamically, so this construct will only reconfigure existing Public Hosted Zones.
+
+This construct can create Private Hosted Zones. If you want a Private Hosted Zone, then you can either provide an existing Private Hosted Zone or a privateHostedZoneProps value with at least the Domain Name defined.
+
+| **Name**     | **Type**        | **Description** |
+|:-------------|:----------------|-----------------|
+| privateHostedZoneProps? | [route53.PrivateHostedZoneProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-route53.PrivateHostedZoneProps.html) | Optional custom properties for a new Private Hosted Zone. Cannot be specified for a public API. Cannot specify a VPC, it will use the VPC in existingVpc or the VPC created by the construct. Providing both this and existingHostedZoneInterfaceis an error. |
+| existingHostedZoneInterface? | [route53.IHostedZone](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-route53.IHostedZone.html) | Existing Public or Private Hosted Zone (type must match publicApi setting). Specifying both this and privateHostedZoneProps is an error. If this is a Private Hosted Zone, the associated VPC must be provided as the existingVpc property |
+| loadBalancerProps? | [elasticloadbalancingv2.ApplicationLoadBalancerProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticloadbalancingv2.ApplicationLoadBalancerProps.html) | Optional custom properties for a new loadBalancer. Providing both this and existingLoadBalancer is an error. This cannot specify a VPC, it will use the VPC in existingVpc or the VPC created by the construct. |
+| existingLoadBalancerObj? | [elasticloadbalancingv2.ApplicationLoadBalancer](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticloadbalancingv2.ApplicationLoadBalancer.html) | Existing Application Load Balancer to incorporate into the construct architecture. Providing both this and loadBalancerProps is an error. The VPC containing this loadBalancer must match the VPC provided in existingVpc. |
+| vpcProps? | [ec2.VpcProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.VpcProps.html) | Optional custom properties for a VPC the construct will create. This VPC will be used by the new ALB and any Private Hosted Zone the construct creates (that's why loadBalancerProps and privateHostedZoneProps can't include a VPC). Providing both this and existingVpc is an error. |
+| existingVpc? | [ec2.IVpc](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.IVpc.html) | An existing VPC in which to deploy the construct. Providing both this and vpcProps is an error. If the client provides an existing load balancer and/or existing Private Hosted Zone, those constructs must exist in this VPC. |
+| logAccessLogs? | boolean| Whether to turn on Access Logs for the Application Load Balancer. Uses an S3 bucket with associated storage costs.Enabling Access Logging is a best practice. default - true |
+| loggingBucketProps? | [s3.BucketProps](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.BucketProps.html) | Optional properties to customize the bucket used to store the ALB Access Logs. Supplying this and setting logAccessLogs to false is an error. @default - none |
+
+| publicApi | boolean | Whether the construct is deploying a private or public API. This has implications for the Hosted Zone, VPC and ALB. |
+
+
+## Pattern Properties
+
+| **Name**     | **Type**        | **Description** |
+|:-------------|:----------------|-----------------|
+| hostedZone | [route53.IHostedZone](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-route53.IHostedZone.html) | The hosted zone used by the construct (whether created by the construct or providedb by the client) |
+| vpc | [ec2.IVpc](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.IVpc.html) | The VPC used by the construct (whether created by the construct or providedb by the client) |
+| loadBalancer | [elasticloadbalancingv2.ApplicationLoadBalancer](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-elasticloadbalancingv2.ApplicationLoadBalancer.html) | The Load Balancer used by the construct (whether created by the construct or providedb by the client) |
+
+## Default settings
+
+Out of the box implementation of the Construct without any override will set the following defaults:
+
+### Amazon Route53
+* Adds an ALIAS record to the new or provided Hosted Zone that routes to the construct's ALB
+
+### Application Load Balancer
+* Creates an Application Load Balancer with no Listener or target. The consruct can incorporate an existing, fully configured ALB if provided.
+
+## Architecture
+![Architecture Diagram](architecture.png)
+
+***
+&copy; Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.

source/patterns/@aws-solutions-constructs/aws-route53-alb/lib/index.ts

@@ -0,0 +1,175 @@
+/**
+ *  Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ *  with the License. A copy of the License is located at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ *  and limitations under the License.
+ */
+
+// Imports
+import * as defaults from "@aws-solutions-constructs/core";
+import * as elb from "@aws-cdk/aws-elasticloadbalancingv2";
+import * as s3 from "@aws-cdk/aws-s3";
+import * as r53 from "@aws-cdk/aws-route53";
+import * as r53t from '@aws-cdk/aws-route53-targets';
+// Note: To ensure CDKv2 compatibility, keep the import statement for Construct separate
+import { Construct } from '@aws-cdk/core';
+import * as ec2 from '@aws-cdk/aws-ec2';
+
+export interface Route53ToAlbProps {
+  /**
+   * Custom properties for a new Private Hosted Zone. Cannot be specified for a
+   * public API. Cannot specify a VPC
+   *
+   * @default - None
+   */
+  readonly privateHostedZoneProps?: r53.PrivateHostedZoneProps | any,
+  /**
+   * Existing Public or Private Hosted Zone. If a Private Hosted Zone, must
+   * exist in the same VPC specified in existingVpc
+   *
+   * @default - None
+   */
+  readonly existingHostedZoneInterface?: r53.IHostedZone,
+  /**
+   * Custom properties for a new ALB. Providing both this and existingLoadBalancerObj
+   * is an error. These properties cannot include a VPC.
+   *
+   * @default - None
+   */
+  readonly loadBalancerProps?: elb.ApplicationLoadBalancerProps | any,
+  /**
+   * An existing Application Load Balancer. Providing both this and loadBalancerProps
+   * is an error. This ALB must exist in the same VPC specified in existingVPC
+   *
+   * @default - None
+   */
+  readonly existingLoadBalancerObj?: elb.ApplicationLoadBalancer,
+  /**
+   * Whether to turn on Access Logs for the Application Load Balancer. Uses an S3 bucket
+   * with associated storage costs. Enabling Access Logging is a best practice.
+   *
+   * @default - true
+   */
+  readonly logAccessLogs?: boolean,
+  /**
+   * Optional properties to customize the bucket used to store the ALB Access
+   * Logs. Supplying this and setting logAccessLogs to false is an error.
+   *
+   * @default - none
+   */
+  readonly loggingBucketProps?: s3.BucketProps,
+  /**
+   * Custom properties for a new VPC. Providing both this and existingVpc is
+   * an error. If an existingAlb or existing Private Hosted Zone is provided, those
+   * already exist in a VPC so this value cannot be provided.
+   *
+   * @default - None
+   */
+  readonly vpcProps?: ec2.VpcProps,
+  /**
+   * An existing VPC. Providing both this and vpcProps is an error. If an existingAlb or existing
+   * Private Hosted Zone is provided, this value must be the VPC associated with those resources.
+   *
+   * @default - None
+   */
+  readonly existingVpc?: ec2.IVpc,
+  /**
+   * Whether to create a public or private API. This value has implications
+   * for the VPC, the type of Hosted Zone and the Application Load Balancer
+   *
+   * @default - None
+   */
+  readonly publicApi: boolean
+}
+
+/**
+ * @summary Configures a Route53 Hosted Zone to route to an Application Load Balancer
+ */
+export class Route53ToAlb extends Construct {
+  public readonly hostedZone: r53.IHostedZone;
+  public readonly vpc: ec2.IVpc;
+  public readonly loadBalancer: elb.ApplicationLoadBalancer;
+
+  /**
+   * @summary Constructs a new instance of the Route53ToAlb class.
+   * @param {cdk.App} scope - represents the scope for all the resources.
+   * @param {string} id - this is a a scope-unique id.
+   * @param {Route53ToAlbProps} props - user provided props for the construct.
+   * @access public
+   */
+  constructor(scope: Construct, id: string, props: Route53ToAlbProps) {
+    super(scope, id);
+    defaults.CheckProps(props);
+
+    if ((props?.logAccessLogs === false) && (props.loggingBucketProps)) {
+      throw new Error('If logAccessLogs is false, supplying loggingBucketProps is invalid.');
+    }
+
+    if (props?.loadBalancerProps?.vpc) {
+      throw new Error('Specify any existing VPC at the construct level, not within loadBalancerProps.');
+    }
+
+    if (props.existingLoadBalancerObj && !props.existingVpc) {
+      throw new Error('An existing ALB already exists in a VPC, so that VPC must be passed to the construct in props.existingVpc');
+    }
+
+    if (props.existingHostedZoneInterface && !props.publicApi && !props.existingVpc) {
+      throw new Error('An existing Private Hosted Zone already exists in a VPC, so that VPC must be passed to the construct in props.existingVpc');
+    }
+
+    if (props.existingVpc) {
+      this.vpc = props.existingVpc;
+    } else {
+      this.vpc = defaults.buildVpc(scope, {
+        defaultVpcProps: props.publicApi ?
+          defaults.DefaultPublicPrivateVpcProps() :
+          // If this is an internal app, we're going to turn on DNS
+          // by default to allow gateway and interface service endpoints
+          defaults.overrideProps(defaults.DefaultIsolatedVpcProps(), { enableDnsHostnames: true, enableDnsSupport: true, }),
+        userVpcProps: props.vpcProps,
+      });
+    }
+
+    if (props.existingHostedZoneInterface) {
+      this.hostedZone = props.existingHostedZoneInterface;
+    } else {
+      if (props.publicApi) {
+        throw new Error('Public APIs require an existingHostedZone be passed in the Props object.');
+      } else {
+        if (!props.privateHostedZoneProps) {
+          throw new Error('Must supply privateHostedZoneProps to create a private API');
+        }
+        if (props.privateHostedZoneProps.vpc) {
+          throw new Error('All VPC specs must be provided at the Construct level in Route53ToAlbProps');
+        }
+        const manufacturedProps: r53.PrivateHostedZoneProps = defaults.overrideProps(props.privateHostedZoneProps, { vpc: this.vpc });
+        this.hostedZone = new r53.PrivateHostedZone(this, `${id}-zone`, manufacturedProps);
+      }
+    }
+
+    this.loadBalancer = defaults.ObtainAlb(
+      this,
+      id,
+      this.vpc,
+      props.publicApi,
+      props.existingLoadBalancerObj,
+      props.loadBalancerProps,
+      props.logAccessLogs,
+      props.loggingBucketProps
+    );
+
+    // Add the ALB to the HostedZone as a target
+    const hostedZoneTarget = new r53t.LoadBalancerTarget(this.loadBalancer);
+
+    new r53.ARecord(this, `${id}-alias`, {
+      target: { aliasTarget: hostedZoneTarget },
+      zone: this.hostedZone
+    });
+  }
+}