1.1.14 • Published 4 months ago

@servicevic-oss/cdk-cleanup-certificate-validation-records v1.1.14

Weekly downloads
-
License
MIT
Repository
github
Last release
4 months ago

cdk-cleanup-certificate-validation-records

This CDK construct takes care of cleaning up the orphaned Route53 CNAME validation records left behind when deleting a certificate that had DNS validation enabled.

The issue is better explained here: https://github.com/aws/aws-cdk/issues/11201

Usage

With wrapper class

The simplest usage is via the wrapper class CertificateWithCleanup.

The class extends the standard Certificate construct and adds the cleanup automatically

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { CertificateWithCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

export class TestStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props: TestStackProps) {
    super(scope, id, props);

    zone = new cdk.aws_route53.PublicHostedZone(this, 'Zone', {
      zoneName: 'my.zone.net',
    });

    const cert1 = new CertificateWithCleanup(this, 'Cert', {
      domainName: `mydomain.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
      subjectAlternativeNames: [
        `mydomain2.${zone.zoneName}`,
        `mydomain3.${zone.zoneName}`,
      ],
    });
  };
}

Explicit instantiation

The construct can be instantiated explicitely to cleanup after a specific certificate

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { CertificateValidationRecordCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

export class TestStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props: TestStackProps) {
    super(scope, id, props);

    zone = new cdk.aws_route53.PublicHostedZone(this, 'Zone', {
      zoneName: 'my.zone.net',
    });

    const cert1 = new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `mydomain.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
      subjectAlternativeNames: [
        `mydomain2.${zone.zoneName}`,
        `mydomain3.${zone.zoneName}`,
      ],
    });
    const cert2 = new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `another.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
    });

    new CertificateValidationRecordCleanup(this, `cleanup-${cert1.node.id}`, {
      certificate: cert1,
      hostedZone: zone,
    });

    new CertificateValidationRecordCleanup(this, `cleanup-${cert2.node.id}`, {
      certificate: cert2,
      hostedZone: zone,
    });
  };
}

Implicit instantiation using Aspects with knowledge of the hosted zone

The construct can be instantiated automatically against any Certificate resource created within a stack through the use of Aspects

In this example, we have knowledge of the hosted zone

import * as cdk from 'aws-cdk-lib';
import { Construct } from 'constructs';
import { CertificateValidationRecordCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

export class TestStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props: TestStackProps) {
    super(scope, id, props);

    zone = new cdk.aws_route53.PublicHostedZone(this, 'Zone', {
      zoneName: 'my.zone.net',
    });

    new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `mydomain.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
      subjectAlternativeNames: [
        `mydomain2.${zone.zoneName}`,
        `mydomain3.${zone.zoneName}`,
      ],
    });
    new cdk.aws_certificatemanager.Certificate(this, 'Cert', {
      domainName: `another.${zone.zoneName}`,
      validation: cdk.aws_certificatemanager.CertificateValidation.fromDns(zone),
    });

    cdk.Aspects.of(this).add({
      visit: (c) => {
        if (c instanceof cdk.aws_certificatemanager.Certificate) {
          new CertificateValidationRecordCleanup(this, `cleanup-${c.node.id}`, {
            certificate: c,
            hostedZone: zone,
          });
        }
      },
    });
  };
}

Implicit instantiation using Aspects without knowledge of the hosted zone

The construct can be instantiated automatically against any Certificate resource created within a stack through the use of Aspects

In this example, we have no knowledge of the hosted zone used to validate the certificate so we use a bit of brute force to derive it from the Certificate L1 resource

import * as cdk from 'aws-cdk-lib';
import { CertificateValidationRecordCleanup } from '@servicevic-oss/cdk-cleanup-certificate-validation-records'

const app = new cdk.App();

const blackBoxStack = new BlackBoxStack(app, 'my-blackbox-stack');
  
cdk.Aspects.of(blackBoxStack).add({
  visit: (c) => {
    if (c instanceof cdk.aws_certificatemanager.Certificate) {
      const cfnRes = c.node.defaultChild as cdk.aws_certificatemanager.CfnCertificate;
      const valOpts = (cfnRes.domainValidationOptions as cdk.aws_certificatemanager.CfnCertificate.DomainValidationOptionProperty[])[0];

      new CertificateValidationRecordCleanup(c, `cleanup-${c.node.id}`, {
        certificate: c,
        hostedZone: cdk.aws_route53.HostedZone.fromHostedZoneId(c, `lookup-${c.node.id}`, valOpts.hostedZoneId!),
      });
    }
  },
});
1.0.143

6 months ago

1.0.142

6 months ago

1.0.145

6 months ago

1.0.144

6 months ago

1.0.141

6 months ago

1.0.140

6 months ago

1.0.147

6 months ago

1.0.146

6 months ago

1.0.149

6 months ago

1.0.148

6 months ago

1.0.134

6 months ago

1.0.139

6 months ago

1.0.136

6 months ago

1.0.135

6 months ago

1.0.138

6 months ago

1.0.137

6 months ago

1.1.1

5 months ago

1.1.0

5 months ago

1.0.161

5 months ago

1.0.160

5 months ago

1.1.9

4 months ago

1.1.8

4 months ago

1.1.7

4 months ago

1.1.6

4 months ago

1.1.5

4 months ago

1.1.4

5 months ago

1.1.3

5 months ago

1.1.2

5 months ago

1.1.12

4 months ago

1.1.11

4 months ago

1.1.10

4 months ago

1.1.14

4 months ago

1.1.13

4 months ago

1.0.154

5 months ago

1.0.153

5 months ago

1.0.156

5 months ago

1.0.155

5 months ago

1.0.150

6 months ago

1.0.152

5 months ago

1.0.151

5 months ago

1.0.158

5 months ago

1.0.157

5 months ago

1.0.159

5 months ago

1.0.66

1 year ago

1.0.65

1 year ago

1.0.64

1 year ago

1.0.69

1 year ago

1.0.68

1 year ago

1.0.67

1 year ago

1.0.132

1 year ago

1.0.131

1 year ago

1.0.133

1 year ago

1.0.130

1 year ago

1.0.73

1 year ago

1.0.72

1 year ago

1.0.71

1 year ago

1.0.70

1 year ago

1.0.77

1 year ago

1.0.76

1 year ago

1.0.75

1 year ago

1.0.74

1 year ago

1.0.79

1 year ago

1.0.78

1 year ago

1.0.101

1 year ago

1.0.100

1 year ago

1.0.107

1 year ago

1.0.106

1 year ago

1.0.109

1 year ago

1.0.108

1 year ago

1.0.103

1 year ago

1.0.102

1 year ago

1.0.105

1 year ago

1.0.104

1 year ago

1.0.121

1 year ago

1.0.120

1 year ago

1.0.123

1 year ago

1.0.122

1 year ago

1.0.129

1 year ago

1.0.128

1 year ago

1.0.125

1 year ago

1.0.124

1 year ago

1.0.127

1 year ago

1.0.126

1 year ago

1.0.80

1 year ago

1.0.84

1 year ago

1.0.83

1 year ago

1.0.82

1 year ago

1.0.81

1 year ago

1.0.88

1 year ago

1.0.87

1 year ago

1.0.86

1 year ago

1.0.85

1 year ago

1.0.89

1 year ago

1.0.110

1 year ago

1.0.112

1 year ago

1.0.111

1 year ago

1.0.118

1 year ago

1.0.117

1 year ago

1.0.119

1 year ago

1.0.114

1 year ago

1.0.113

1 year ago

1.0.116

1 year ago

1.0.115

1 year ago

1.0.91

1 year ago

1.0.90

1 year ago

1.0.95

1 year ago

1.0.94

1 year ago

1.0.93

1 year ago

1.0.92

1 year ago

1.0.99

1 year ago

1.0.98

1 year ago

1.0.97

1 year ago

1.0.96

1 year ago

1.0.63

1 year ago

1.0.62

1 year ago

1.0.61

1 year ago

1.0.60

1 year ago

1.0.59

1 year ago

1.0.58

1 year ago

1.0.57

1 year ago

1.0.56

1 year ago

1.0.55

1 year ago

1.0.54

1 year ago

1.0.53

1 year ago

1.0.52

1 year ago

1.0.51

1 year ago

1.0.50

1 year ago

1.0.49

1 year ago

1.0.48

1 year ago

1.0.47

1 year ago

1.0.46

1 year ago

1.0.45

1 year ago

1.0.44

1 year ago

1.0.43

1 year ago

1.0.42

1 year ago

1.0.41

1 year ago

1.0.40

1 year ago

1.0.39

1 year ago

1.0.38

1 year ago

1.0.37

1 year ago

1.0.36

1 year ago

1.0.35

1 year ago

1.0.34

1 year ago

1.0.33

1 year ago

1.0.32

1 year ago

1.0.31

1 year ago

1.0.30

1 year ago

1.0.29

1 year ago

1.0.28

1 year ago

1.0.27

1 year ago

1.0.26

1 year ago

1.0.25

1 year ago

1.0.24

1 year ago

1.0.23

1 year ago

1.0.22

1 year ago

1.0.21

1 year ago

1.0.20

1 year ago

1.0.19

1 year ago

1.0.18

1 year ago

1.0.17

1 year ago

1.0.16

1 year ago

1.0.15

1 year ago

1.0.14

1 year ago

1.0.13

1 year ago

1.0.12

1 year ago

1.0.11

2 years ago

1.0.10

2 years ago

1.0.9

2 years ago

1.0.8

2 years ago

1.0.7

2 years ago

1.0.6

2 years ago

1.0.5

2 years ago

1.0.2

2 years ago

1.0.4

2 years ago

1.0.3

2 years ago

1.0.1

2 years ago

1.0.0

2 years ago

0.0.8

2 years ago

0.0.7

2 years ago

0.0.6

2 years ago

0.0.5

2 years ago

0.0.4

2 years ago

0.0.3

2 years ago

0.0.2

2 years ago