diff --git a/cdk/bin/opendata.ts b/cdk/bin/opendata.ts
index 6f590c0723..7f196074ae 100644
--- a/cdk/bin/opendata.ts
+++ b/cdk/bin/opendata.ts
@@ -18,6 +18,7 @@ import {MonitoringStack} from "../lib/monitoring-stack";
 import {LambdaStack} from "../lib/lambda-stack";
 import {DomainStack} from "../lib/domain-stack";
 import {CiTestStack} from "../lib/ci-test-stack";
+import {SubDomainStack} from "../lib/sub-domain-stack";
 
 // load .env file, shared with docker setup
 // mainly for ECR repo and image tag information
@@ -694,6 +695,11 @@ const domainStackProd = new DomainStack(app, 'DomainStack-prod', {
 crossAccountId: betaProps.account
 })
 
+const subDomainStackBeta = new SubDomainStack(app, 'SubDomainStack-beta', {
+ prodAccountId: prodProps.account,
+ subDomainName: betaProps.environment
+})
+
 const ciTestStackBeta = new CiTestStack(app, 'CiTestStack-beta', {
 env: {
 account: betaProps.account,
diff --git a/cdk/lib/sub-domain-stack-props.ts b/cdk/lib/sub-domain-stack-props.ts
new file mode 100644
index 0000000000..9207508216
--- /dev/null
+++ b/cdk/lib/sub-domain-stack-props.ts
@@ -0,0 +1,7 @@
+import {aws_route53, StackProps} from "aws-cdk-lib";
+import {ApplicationLoadBalancer} from "aws-cdk-lib/aws-elasticloadbalancingv2";
+
+export interface SubDomainStackProps extends StackProps {
+ prodAccountId: string;
+ subDomainName: string;
+}
diff --git a/cdk/lib/sub-domain-stack.ts b/cdk/lib/sub-domain-stack.ts
new file mode 100644
index 0000000000..fd90223930
--- /dev/null
+++ b/cdk/lib/sub-domain-stack.ts
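Review bot: In `cdk/bin/opendata.ts`, `SubDomainStack-beta` is created without an `env`, so nothing in this hunk pins the hosted zone and its delegation to the beta account, whereas the `CiTestStack-beta` call directly below passes `env: { account: betaProps.account, …`. A stack without `env` deploys to whichever account the active credentials resolve to, and this one references a role in `prodProps.account` in order to write delegation records into the parent zone. I would pass the same `env` block the other beta stacks use, beginning `env: { account: betaProps.account,` (the remainder of that block lies outside the hunk). `subDomainName: betaProps.environment` also deserves a one-line comment saying that the environment name becomes the DNS label of the delegated zone.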
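Review bot: In the new `cdk/lib/sub-domain-stack-props.ts`, `aws_route53` and `ApplicationLoadBalancer` are imported but the interface uses only `StackProps`; the first import can shrink to `import {StackProps} from "aws-cdk-lib";` and the second import line can be dropped. Both fields would benefit from doc comments: `prodAccountId` is the account whose `Route53CrossDelegateRole` the stack references, and `subDomainName` is the label prepended to `.avoindata.suomi.fi`, so callers should pass a single valid DNS label.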
@@ -0,0 +1,33 @@
+import {aws_iam, aws_route53, aws_route53_targets, Stack} from "aws-cdk-lib";
+import {Construct} from "constructs";
+import {SubDomainStackProps} from "./sub-domain-stack-props";
+
+export class SubDomainStack extends Stack {
+ readonly subZone: aws_route53.PublicHostedZone;
+ readonly newSubZone: aws_route53.PublicHostedZone;
+ constructor(scope: Construct, id: string, props: SubDomainStackProps) {
+ super(scope, id, props);
+
+ this.subZone = new aws_route53.PublicHostedZone(this, 'SubZone', {
+ zoneName: props.subDomainName + ".avoindata.suomi.fi"
+ })
+
+ const delegationRoleArn = Stack.of(this).formatArn({
+ region: '',
+ service: 'iam',
+ account: props.prodAccountId,
+ resource: 'role',
+ resourceName: 'Route53CrossDelegateRole'
+ })
+
+ const delegationRole = aws_iam.Role.fromRoleArn(this, 'delegationRole', delegationRoleArn)
+
+ new aws_route53.CrossAccountZoneDelegationRecord(this, 'delegate', {
+ delegatedZone: this.subZone,
+ delegationRole: delegationRole,
+ parentHostedZoneName: "avoindata.suomi.fi"
+ })
+
+ }
+
+}
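Review bot: `readonly newSubZone` in `SubDomainStack` is declared but never assigned in the constructor, so it fails `strictPropertyInitialization` if the project compiles with `strict` and otherwise hands `undefined` to any consumer; drop the field until something populates it. The `aws_route53_targets` import is unused as well. The parent zone name appears twice as a literal, in `zoneName` and in `parentHostedZoneName`, and the delegation only works while the two agree, so a single constant such as `const parentZoneName = "avoindata.suomi.fi";` used in both places is safer. The role behind `Route53CrossDelegateRole` is defined outside this diff; it is worth confirming that its trust policy names only the beta account and that its permissions cover only the NS record set for this subdomain.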