core - AWS Solutions Constructs

core

All classes are under active development and subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

The core library includes the basic building blocks of AWS Solutions Constructs. It defines the core classes that are used in the rest of AWS Solutions Constructs.

Default Properties for AWS CDK Constructs

Core library sets the default properties for the AWS CDK Constructs used by AWS Solutions Constructs constructs.

For example, the following is the snippet of default properties for S3 Bucket construct created by AWS Solutions Constructs construct. By default, it will turn on the server-side encryption, bucket versioning, block all public access and setup the S3 access logging.

{ encryption: s3.BucketEncryption.S3_MANAGED, versioned: true, blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL, removalPolicy: RemovalPolicy.RETAIN, serverAccessLogsBucket: loggingBucket }

Override the default properties

The default properties set by the Core library can be overridden by user provided properties. For example, the user can override the Amazon S3 Block Public Access property to meet specific requirements.

const stack = new cdk.Stack(); const props: CloudFrontToS3Props = { bucketProps: { blockPublicAccess: { blockPublicAcls: false, blockPublicPolicy: true, ignorePublicAcls: false, restrictPublicBuckets: true } } }; new CloudFrontToS3(stack, 'test-cloudfront-s3', props); expect(stack).toHaveResource("AWS::S3::Bucket", { PublicAccessBlockConfiguration: { BlockPublicAcls: false, BlockPublicPolicy: true, IgnorePublicAcls: false, RestrictPublicBuckets: true }, });

Property override warnings

When a default property from the Core library is overridden by a user-provided property, Constructs will emit one or more warning messages to the console highlighting the change(s). These messages are intended to provide situational awareness to the user and prevent unintentional overrides that could create security risks. These messages will appear whenever deployment/build-related commands are executed, including cdk deploy, cdk synth, npm test, etc.

Example message: AWS_CONSTRUCTS_WARNING: An override has been provided for the property: BillingMode. Default value: 'PAY_PER_REQUEST'. You provided: 'PROVISIONED'.

Toggling override warnings

Override warning messages are enabled by default, but can be explicitly turned on/off using the overrideWarningsEnabled shell variable.

  • To explicitly turn off override warnings, run export overrideWarningsEnabled=false.

  • To explicitly turn on override warnings, run export overrideWarningsEnabled=true.

  • To revert to the default, run unset overrideWarningsEnabled.