logemann · July 20, 2020 11:38 · Jul 20, 2020 · Jul 20, 2020 · Jul 20, 2020
diff --git a/recaptcha-stack.ts b/recaptcha-stack.ts
@@ -0,0 +1,83 @@
+import * as cdk from '@aws-cdk/core';
+import * as lambda from '@aws-cdk/aws-lambda';
+import * as lambdanode from '@aws-cdk/aws-lambda-nodejs';
+import * as logs from '@aws-cdk/aws-logs';
+import * as iam from '@aws-cdk/aws-iam';
+import {EndpointType, LambdaRestApi, DomainName, SecurityPolicy} from "@aws-cdk/aws-apigateway";
+import {Certificate} from "@aws-cdk/aws-certificatemanager";
+import * as route53 from '@aws-cdk/aws-route53';
+import * as sns from '@aws-cdk/aws-sns';
+import * as targets from '@aws-cdk/aws-route53-targets';
+import {EmailSubscription} from '@aws-cdk/aws-sns-subscriptions';
+
+export class OkaycloudCdkStack extends cdk.Stack {
+  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
+    super(scope, id, props);
+
+    let myDomain : string = "mydomain.de";
+    let myEmail : string = `me@${myDomain}`;
+    let certArn : string = "arn:aws:acm:us-east-1:XXXXXXXXX:certificate/YYYYYYYYY";
+    let route53ZoneId : string = "XXXXXXXXX";
+
+    const topic = new sns.Topic(this, 'CformTopic', {
+      displayName: 'web cform topic',
+      topicName: "CformTopic"
+    });
+    topic.addSubscription(new EmailSubscription(myEmail));
+
+    let contactFormFunction = this.createContactFormFunction(topic.topicArn);
+
+    let domainName = new DomainName(this, 'custom-domain', {
+      domainName: `api.${myDomain}`,
+      certificate: Certificate.fromCertificateArn(
+          this,
+          'apiGwCert',
+          certArn
+      ),
+      endpointType: EndpointType.EDGE, // default is REGIONAL
+      securityPolicy: SecurityPolicy.TLS_1_2
+    });
+
+    let api = new LambdaRestApi(this, 'contactFormGw', {
+      handler: contactFormFunction,
+    });
+
+    domainName?.addBasePathMapping(api, {basePath: "cform"});
+    this.createARecordForApiGw(myDomain, domainName, route53ZoneId);
+  }
+
+  private createARecordForApiGw(myDomain: string, domainName: DomainName, route53ZoneId : string) {
+    let hostedZone = route53.HostedZone.fromHostedZoneAttributes(this, 'okaycloudComZone', {
+      zoneName: myDomain,
+      hostedZoneId: route53ZoneId,
+    })
+    new route53.ARecord(this, 'CustomDomainAliasRecord', {
+      zone: hostedZone,
+      recordName: "api",
+      target: route53.RecordTarget.fromAlias(new targets.ApiGatewayDomain(domainName))
+    });
+  }
+
+  private createContactFormFunction(topicArn: string) : lambda.IFunction {
+    let func = new lambdanode.NodejsFunction(this, 'MyFunctionNew', {
+      entry: 'content/lambda/contactForm.ts', // accepts .js, .jsx, .ts and .tsx files
+      handler: 'handler',
+      environment: {TOPIC_ARN: topicArn},
+      runtime: lambda.Runtime.NODEJS_12_X,
+      logRetention: logs.RetentionDays.ONE_WEEK,
+      description: "Contact Form Handler",
+      functionName: "contactForm",
+    });
+
+    func.addToRolePolicy(new iam.PolicyStatement({
+      effect: iam.Effect.ALLOW,
+      resources: ["*"],
+      actions: ["cloudwatch:*",
+        "logs:*",
+        "lambda:*",
+        "sns:*"],
+    }));
+
+    return func;
+  }
+}