1.1.14 • Published 2 months ago

@servicevic-oss/cdk-cleanup-certificate-validation-records v1.1.14

Weekly downloads
-
License
MIT
Repository
github
Last release
2 months ago

cdk-cleanup-certificate-validation-records

This CDK construct takes care of cleaning up the orphaned Route53 CNAME validation records left behind when deleting a certificate that had DNS validation enabled.

The issue is better explained here: https://github.com/aws/aws-cdk/issues/11201

Usage

With wrapper class

The simplest usage is via the wrapper class CertificateWithCleanup.

The class extends the standard Certificate construct and adds the cleanup automatically

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { CertificateWithCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

export class TestStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props: TestStackProps) {
    super(scope, id, props);

    zone = new cdk.aws_route53.PublicHostedZone(this, 'Zone', {
      zoneName: 'my.zone.net',
    });

    const cert1 = new CertificateWithCleanup(this, 'Cert', {
      domainName: `mydomain.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
      subjectAlternativeNames: [
        `mydomain2.${zone.zoneName}`,
        `mydomain3.${zone.zoneName}`,
      ],
    });
  };
}

Explicit instantiation

The construct can be instantiated explicitely to cleanup after a specific certificate

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { CertificateValidationRecordCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

export class TestStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props: TestStackProps) {
    super(scope, id, props);

    zone = new cdk.aws_route53.PublicHostedZone(this, 'Zone', {
      zoneName: 'my.zone.net',
    });

    const cert1 = new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `mydomain.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
      subjectAlternativeNames: [
        `mydomain2.${zone.zoneName}`,
        `mydomain3.${zone.zoneName}`,
      ],
    });
    const cert2 = new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `another.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
    });

    new CertificateValidationRecordCleanup(this, `cleanup-${cert1.node.id}`, {
      certificate: cert1,
      hostedZone: zone,
    });

    new CertificateValidationRecordCleanup(this, `cleanup-${cert2.node.id}`, {
      certificate: cert2,
      hostedZone: zone,
    });
  };
}

Implicit instantiation using Aspects with knowledge of the hosted zone

The construct can be instantiated automatically against any Certificate resource created within a stack through the use of Aspects

In this example, we have knowledge of the hosted zone

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { CertificateValidationRecordCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

export class TestStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props: TestStackProps) {
    super(scope, id, props);

    zone = new cdk.aws_route53.PublicHostedZone(this, 'Zone', {
      zoneName: 'my.zone.net',
    });

    new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `mydomain.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
      subjectAlternativeNames: [
        `mydomain2.${zone.zoneName}`,
        `mydomain3.${zone.zoneName}`,
      ],
    });
    new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `another.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
    });

    cdk.Aspects.of(this).add({
      visit: (c) => {
        if (c instanceof cdk.aws_certificatemanager.Certificate) {
          new CertificateValidationRecordCleanup(this, `cleanup-${c.node.id}`, {
            certificate: c,
            hostedZone: zone,
          });
        }
      },
    });
  };
}

Implicit instantiation using Aspects without knowledge of the hosted zone

The construct can be instantiated automatically against any Certificate resource created within a stack through the use of Aspects

In this example, we have no knowledge of the hosted zone used to validate the certificate so we use a bit of brute force to derive it from the Certificate L1 resource

import * as cdk from 'aws-cdk-lib';
import { CertificateValidationRecordCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

const app = new cdk.App();

const blackBoxStack = new BlackBoxStack(app, 'my-blackbox-stack');
  
cdk.Aspects.of(blackBoxStack).add({
  visit: (c) => {
    if (c instanceof cdk.aws_certificatemanager.Certificate) {
      const cfnRes = c.node.defaultChild as cdk.aws_certificatemanager.CfnCertificate;
      const valOpts = (cfnRes.domainValidationOptions as cdk.aws_certificatemanager.CfnCertificate.DomainValidationOptionProperty[])[0];

      new CertificateValidationRecordCleanup(c, `cleanup-${c.node.id}`, {
        certificate: c,
        hostedZone: cdk.aws_route53.HostedZone.fromHostedZoneId(c, `lookup-${c.node.id}`, valOpts.hostedZoneId!),
      });
    }
  },
});
1.0.143

4 months ago

1.0.142

4 months ago

1.0.145

4 months ago

1.0.144

4 months ago

1.0.141

4 months ago

1.0.140

4 months ago

1.0.147

4 months ago

1.0.146

4 months ago

1.0.149

4 months ago

1.0.148

4 months ago

1.0.134

4 months ago

1.0.139

4 months ago

1.0.136

4 months ago

1.0.135

4 months ago

1.0.138

4 months ago

1.0.137

4 months ago

1.1.1

3 months ago

1.1.0

3 months ago

1.0.161

3 months ago

1.0.160

3 months ago

1.1.9

2 months ago

1.1.8

3 months ago

1.1.7

3 months ago

1.1.6

3 months ago

1.1.5

3 months ago

1.1.4

3 months ago

1.1.3

3 months ago

1.1.2

3 months ago

1.1.12

2 months ago

1.1.11

2 months ago

1.1.10

2 months ago

1.1.14

2 months ago

1.1.13

2 months ago

1.0.154

4 months ago

1.0.153

4 months ago

1.0.156

3 months ago

1.0.155

3 months ago

1.0.150

4 months ago

1.0.152

4 months ago

1.0.151

4 months ago

1.0.158

3 months ago

1.0.157

3 months ago

1.0.159

3 months ago

1.0.66

1 year ago

1.0.65

1 year ago

1.0.64

1 year ago

1.0.69

1 year ago

1.0.68

1 year ago

1.0.67

1 year ago

1.0.132

10 months ago

1.0.131

11 months ago

1.0.133

10 months ago

1.0.130

11 months ago

1.0.73

1 year ago

1.0.72

1 year ago

1.0.71

1 year ago

1.0.70

1 year ago

1.0.77

1 year ago

1.0.76

1 year ago

1.0.75

1 year ago

1.0.74

1 year ago

1.0.79

1 year ago

1.0.78

1 year ago

1.0.101

1 year ago

1.0.100

1 year ago

1.0.107

12 months ago

1.0.106

12 months ago

1.0.109

12 months ago

1.0.108

12 months ago

1.0.103

12 months ago

1.0.102

1 year ago

1.0.105

12 months ago

1.0.104

12 months ago

1.0.121

11 months ago

1.0.120

11 months ago

1.0.123

11 months ago

1.0.122

11 months ago

1.0.129

11 months ago

1.0.128

11 months ago

1.0.125

11 months ago

1.0.124

11 months ago

1.0.127

11 months ago

1.0.126

11 months ago

1.0.80

1 year ago

1.0.84

1 year ago

1.0.83

1 year ago

1.0.82

1 year ago

1.0.81

1 year ago

1.0.88

1 year ago

1.0.87

1 year ago

1.0.86

1 year ago

1.0.85

1 year ago

1.0.89

1 year ago

1.0.110

12 months ago

1.0.112

12 months ago

1.0.111

12 months ago

1.0.118

11 months ago

1.0.117

11 months ago

1.0.119

11 months ago

1.0.114

12 months ago

1.0.113

12 months ago

1.0.116

11 months ago

1.0.115

11 months ago

1.0.91

1 year ago

1.0.90

1 year ago

1.0.95

1 year ago

1.0.94

1 year ago

1.0.93

1 year ago

1.0.92

1 year ago

1.0.99

1 year ago

1.0.98

1 year ago

1.0.97

1 year ago

1.0.96

1 year ago

1.0.63

1 year ago

1.0.62

1 year ago

1.0.61

1 year ago

1.0.60

1 year ago

1.0.59

1 year ago

1.0.58

1 year ago

1.0.57

1 year ago

1.0.56

1 year ago

1.0.55

1 year ago

1.0.54

1 year ago

1.0.53

1 year ago

1.0.52

1 year ago

1.0.51

1 year ago

1.0.50

1 year ago

1.0.49

1 year ago

1.0.48

1 year ago

1.0.47

1 year ago

1.0.46

1 year ago

1.0.45

1 year ago

1.0.44

1 year ago

1.0.43

1 year ago

1.0.42

1 year ago

1.0.41

1 year ago

1.0.40

1 year ago

1.0.39

1 year ago

1.0.38

1 year ago

1.0.37

1 year ago

1.0.36

1 year ago

1.0.35

1 year ago

1.0.34

1 year ago

1.0.33

1 year ago

1.0.32

1 year ago

1.0.31

1 year ago

1.0.30

1 year ago

1.0.29

1 year ago

1.0.28

1 year ago

1.0.27

1 year ago

1.0.26

1 year ago

1.0.25

1 year ago

1.0.24

1 year ago

1.0.23

1 year ago

1.0.22

1 year ago

1.0.21

1 year ago

1.0.20

1 year ago

1.0.19

1 year ago

1.0.18

1 year ago

1.0.17

1 year ago

1.0.16

1 year ago

1.0.15

1 year ago

1.0.14

1 year ago

1.0.13

1 year ago

1.0.12

1 year ago

1.0.11

1 year ago

1.0.10

1 year ago

1.0.9

1 year ago

1.0.8

1 year ago

1.0.7

1 year ago

1.0.6

1 year ago

1.0.5

1 year ago

1.0.2

1 year ago

1.0.4

1 year ago

1.0.3

1 year ago

1.0.1

1 year ago

1.0.0

1 year ago

0.0.8

1 year ago

0.0.7

1 year ago

0.0.6

1 year ago

0.0.5

1 year ago

0.0.4

1 year ago

0.0.3

1 year ago

0.0.2

1 year ago