Merge pull request #2069 from vrk-kpa/AV-2058_add_subdomain_stack_for…

…_beta_environment AV-2058: Add subdomain stack for beta environment
vrk-kpa · Oct 5, 2023 · f0b5ca1 · f0b5ca1
2 parents 52f6660 + b3ff47d
commit f0b5ca1
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 0 deletions.
diff --git a/cdk/bin/opendata.ts b/cdk/bin/opendata.ts
@@ -18,6 +18,7 @@ import {MonitoringStack} from "../lib/monitoring-stack";
 import {LambdaStack} from "../lib/lambda-stack";
 import {DomainStack} from "../lib/domain-stack";
 import {CiTestStack} from "../lib/ci-test-stack";
+import {SubDomainStack} from "../lib/sub-domain-stack";
 
 // load .env file, shared with docker setup
 // mainly for ECR repo and image tag information
@@ -694,6 +695,11 @@ const domainStackProd = new DomainStack(app, 'DomainStack-prod', {
   crossAccountId: betaProps.account
 })
 
+const subDomainStackBeta = new SubDomainStack(app, 'SubDomainStack-beta', {
+  prodAccountId: prodProps.account,
+  subDomainName: betaProps.environment
+})
+
 const ciTestStackBeta = new CiTestStack(app, 'CiTestStack-beta', {
   env: {
     account: betaProps.account,

diff --git a/cdk/lib/sub-domain-stack-props.ts b/cdk/lib/sub-domain-stack-props.ts
@@ -0,0 +1,7 @@
+import {aws_route53, StackProps} from "aws-cdk-lib";
+import {ApplicationLoadBalancer} from "aws-cdk-lib/aws-elasticloadbalancingv2";
+
+export interface SubDomainStackProps extends StackProps {
+    prodAccountId: string;
+    subDomainName: string;
+}
diff --git a/cdk/lib/sub-domain-stack.ts b/cdk/lib/sub-domain-stack.ts
@@ -0,0 +1,33 @@
+import {aws_iam, aws_route53, aws_route53_targets, Stack} from "aws-cdk-lib";
+import {Construct} from "constructs";
+import {SubDomainStackProps} from "./sub-domain-stack-props";
+
+export class SubDomainStack extends Stack {
+    readonly subZone: aws_route53.PublicHostedZone;
+    readonly newSubZone: aws_route53.PublicHostedZone;
+    constructor(scope: Construct, id: string, props: SubDomainStackProps) {
+        super(scope, id, props);
+
+        this.subZone = new aws_route53.PublicHostedZone(this, 'SubZone', {
+            zoneName: props.subDomainName + ".avoindata.suomi.fi"
+        })
+
+        const delegationRoleArn = Stack.of(this).formatArn({
+            region: '',
+            service: 'iam',
+            account: props.prodAccountId,
+            resource: 'role',
+            resourceName: 'Route53CrossDelegateRole'
+        })
+
+        const delegationRole = aws_iam.Role.fromRoleArn(this, 'delegationRole', delegationRoleArn)
+
+        new aws_route53.CrossAccountZoneDelegationRecord(this, 'delegate', {
+            delegatedZone: this.subZone,
+            delegationRole: delegationRole,
+            parentHostedZoneName: "avoindata.suomi.fi"
+        })
+
+    }
+
+}