do not create cloudfront log bucket if disabled

also refactor cloudfront-distribution-defaults

Signed-off-by: Naseem <naseem@toric.com>

source/patterns/@aws-solutions-constructs/aws-cloudfront-apigateway/test/integ.no-arguments.expected.json

@@ -868,4 +868,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-mediastore/lib/index.ts

@@ -51,7 +51,7 @@ export interface CloudFrontToMediaStoreProps {
 export class CloudFrontToMediaStore extends Construct {
   public readonly cloudFrontWebDistribution: cloudfront.Distribution;
   public readonly mediaStoreContainer: mediastore.CfnContainer;
-  public readonly cloudFrontLoggingBucket: s3.Bucket;
+  public readonly cloudFrontLoggingBucket?: s3.Bucket;
   public readonly cloudFrontOriginRequestPolicy: cloudfront.OriginRequestPolicy;
   public readonly cloudFrontOriginAccessIdentity?: cloudfront.OriginAccessIdentity;
   public readonly cloudFrontFunction?: cloudfront.Function;

source/patterns/@aws-solutions-constructs/aws-cloudfront-mediastore/test/integ.default.expected.json

@@ -320,4 +320,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-mediastore/test/integ.existingContainer.expected.json

@@ -237,4 +237,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-mediastore/test/integ.overrideProperties.expected.json

@@ -279,4 +279,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-mediastore/test/integ.withoutHttpSecurityHeaders.expected.json

@@ -297,4 +297,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.custom-security-headers.expected.json

@@ -419,4 +419,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.existing-bucket.expected.json

@@ -352,4 +352,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/integ.no-arguments.expected.json

@@ -387,4 +387,4 @@
       }
     }
   }
-}
+}

source/patterns/@aws-solutions-constructs/aws-cloudfront-s3/test/test.cloudfront-s3.test.ts

@@ -12,18 +12,19 @@
  */
 
 import { ResourcePart, SynthUtils } from '@aws-cdk/assert';
-import { CloudFrontToS3, CloudFrontToS3Props } from "../lib";
-import * as cdk from "@aws-cdk/core";
-import * as s3 from '@aws-cdk/aws-s3';
 import '@aws-cdk/assert/jest';
 import * as acm from '@aws-cdk/aws-certificatemanager';
+import * as s3 from '@aws-cdk/aws-s3';
+import * as cdk from "@aws-cdk/core";
 import { RemovalPolicy } from '@aws-cdk/core';
+import { CloudFrontToS3, CloudFrontToS3Props } from "../lib";
 
-function deploy(stack: cdk.Stack) {
+function deploy(stack: cdk.Stack, props?: CloudFrontToS3Props) {
   return new CloudFrontToS3(stack, 'test-cloudfront-s3', {
     bucketProps: {
       removalPolicy: cdk.RemovalPolicy.DESTROY,
-    }
+    },
+    ...props
   });
 }
 
@@ -284,4 +285,13 @@ test("Test existingBucketInterface", () => {
       ]
     }
   });
-});
+});
+
+
+test('test cloudfront disable cloudfront logging', () => {
+  const stack = new cdk.Stack();
+
+  const construct = deploy(stack, {cloudFrontDistributionProps: {enableLogging: false}} );
+
+  expect(construct.cloudFrontLoggingBucket === undefined);
+});

source/patterns/@aws-solutions-constructs/core/lib/cloudfront-distribution-defaults.ts

@@ -11,88 +11,53 @@
  *  and limitations under the License.
  */
 
+import * as api from '@aws-cdk/aws-apigateway';
 import * as cloudfront from '@aws-cdk/aws-cloudfront';
+import { FunctionEventType } from '@aws-cdk/aws-cloudfront';
 import * as origins from '@aws-cdk/aws-cloudfront-origins';
-import * as s3 from '@aws-cdk/aws-s3';
-import * as api from '@aws-cdk/aws-apigateway';
 import * as mediastore from '@aws-cdk/aws-mediastore';
+import * as s3 from '@aws-cdk/aws-s3';
 import * as cdk from '@aws-cdk/core';
-import { FunctionEventType } from '@aws-cdk/aws-cloudfront';
 
 export function DefaultCloudFrontWebDistributionForApiGatewayProps(apiEndPoint: api.RestApi,
-  loggingBucket: s3.Bucket,
+  loggingBucket: s3.Bucket | undefined,
   setHttpSecurityHeaders: boolean,
   cfFunction?: cloudfront.IFunction): cloudfront.DistributionProps {
 
   const apiEndPointUrlWithoutProtocol = cdk.Fn.select(1, cdk.Fn.split("://", apiEndPoint.url));
   const apiEndPointDomainName = cdk.Fn.select(0, cdk.Fn.split("/", apiEndPointUrlWithoutProtocol));
 
-  if (setHttpSecurityHeaders) {
-    return {
-      defaultBehavior: {
-        origin: new origins.HttpOrigin(apiEndPointDomainName, {
-          originPath: `/${apiEndPoint.deploymentStage.stageName}`
-        }),
-        functionAssociations: [
-          {
-            eventType: FunctionEventType.VIEWER_RESPONSE,
-            function: cfFunction
-          }
-        ],
-        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS
-      },
-      enableLogging: true,
-      logBucket: loggingBucket,
-    } as cloudfront.DistributionProps;
-  } else {
-    return {
-      defaultBehavior: {
-        origin: new origins.HttpOrigin(apiEndPointDomainName, {
-          originPath: `/${apiEndPoint.deploymentStage.stageName}`
-        }),
-        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS
-      },
-      enableLogging: true,
-      logBucket: loggingBucket,
-    } as cloudfront.DistributionProps;
-  }
+  return {
+    defaultBehavior: {
+      origin: new origins.HttpOrigin(apiEndPointDomainName, {
+        originPath: `/${apiEndPoint.deploymentStage.stageName}`
+      }),
+      ...getFunctionAssociationsProp(setHttpSecurityHeaders, cfFunction),
+      viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS
+    },
+    enableLogging: true,
+    logBucket: loggingBucket,
+  };
 }
 
-export function DefaultCloudFrontWebDistributionForS3Props(sourceBucket: s3.IBucket, loggingBucket: s3.Bucket,
+export function DefaultCloudFrontWebDistributionForS3Props(sourceBucket: s3.IBucket, loggingBucket: s3.Bucket | undefined,
   setHttpSecurityHeaders: boolean,
   cfFunction?: cloudfront.IFunction): cloudfront.DistributionProps {
 
-  if (setHttpSecurityHeaders) {
-    return {
-      defaultBehavior: {
-        origin: new origins.S3Origin(sourceBucket),
-        functionAssociations: [
-          {
-            eventType: FunctionEventType.VIEWER_RESPONSE,
-            function: cfFunction
-          }
-        ],
-        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS
-      },
-      enableLogging: true,
-      logBucket: loggingBucket,
-      defaultRootObject: 'index.html'
-    } as cloudfront.DistributionProps;
-  } else {
-    return {
-      defaultBehavior: {
-        origin: new origins.S3Origin(sourceBucket),
-        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS
-      },
-      enableLogging: true,
-      logBucket: loggingBucket,
-      defaultRootObject: 'index.html'
-    } as cloudfront.DistributionProps;
-  }
+  return {
+    defaultBehavior: {
+      origin: new origins.S3Origin(sourceBucket),
+      viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
+      ...getFunctionAssociationsProp(setHttpSecurityHeaders, cfFunction)
+    },
+    enableLogging: true,
+    logBucket: loggingBucket,
+    defaultRootObject: 'index.html'
+  };
 }
 
 export function DefaultCloudFrontDisributionForMediaStoreProps(mediastoreContainer: mediastore.CfnContainer,
-  loggingBucket: s3.Bucket,
+  loggingBucket: s3.Bucket | undefined,
   originRequestPolicy: cloudfront.OriginRequestPolicy,
   setHttpSecurityHeaders: boolean,
   customHeaders?: Record<string, string>,
@@ -105,35 +70,27 @@ export function DefaultCloudFrontDisributionForMediaStoreProps(mediastoreContain
     new origins.HttpOrigin(mediaStoreContainerDomainName, { customHeaders }) :
     new origins.HttpOrigin(mediaStoreContainerDomainName);
 
-  if (setHttpSecurityHeaders) {
-    return {
-      defaultBehavior: {
-        origin: httpOrigin,
-        functionAssociations: [
-          {
-            eventType: FunctionEventType.VIEWER_RESPONSE,
-            function: cfFunction
-          }
-        ],
-        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
-        allowedMethods: cloudfront.AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
-        cachedMethods: cloudfront.CachedMethods.CACHE_GET_HEAD_OPTIONS,
-        originRequestPolicy
-      },
-      enableLogging: true,
-      logBucket: loggingBucket
-    } as cloudfront.DistributionProps;
-  } else {
-    return {
-      defaultBehavior: {
-        origin: httpOrigin,
-        viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
-        allowedMethods: cloudfront.AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
-        cachedMethods: cloudfront.CachedMethods.CACHE_GET_HEAD_OPTIONS,
-        originRequestPolicy
-      },
-      enableLogging: true,
-      logBucket: loggingBucket
-    } as cloudfront.DistributionProps;
-  }
-}
+  return {
+    defaultBehavior: {
+      origin: httpOrigin,
+      viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
+      allowedMethods: cloudfront.AllowedMethods.ALLOW_GET_HEAD_OPTIONS,
+      cachedMethods: cloudfront.CachedMethods.CACHE_GET_HEAD_OPTIONS,
+      originRequestPolicy,
+      ...getFunctionAssociationsProp(setHttpSecurityHeaders, cfFunction)
+    },
+    enableLogging: true,
+    logBucket: loggingBucket
+  };
+}
+
+function getFunctionAssociationsProp(setHttpSecurityHeaders: boolean, cfFunction: cloudfront.IFunction | undefined) {
+  return (setHttpSecurityHeaders && cfFunction) ? {
+    functionAssociations: [
+      {
+        eventType: FunctionEventType.VIEWER_RESPONSE,
+        function: cfFunction
+      }
+    ]
+  } : {};
+}