StaticgetReturn the LZ-managed CloudFront access logs bucket. CloudFront access logs are replicated to the centralized log archive account.
IBucket instance of the common CloudFront access logs bucket
StaticgetReturn the LZ-managed public ACM certificate that is used for the public hosted zone. The certificate covers the domain name of the public hosted zone and any direct subdomains.
ICertificate instance of the common public ACM certificate
StaticgetReturn the LZ-managed public hosted zone
IHostedZone instance of the common public hosted zone
StaticgetImport the EIC Endpoint SecurityGroup managed by LandingZone
EICE security group as immutable SG (not possible to modify in CDK)
StaticgetReturn the LZ-managed ELB access logs bucket. ELB access logs are replicated to the centralized log archive account.
IBucket instance of the common ELB access logs bucket
StaticgetGet an OpenIdConnectPrincipal that allows assuming an IAM role from GitHub Actions
that are run by the given repositories. Can be used as an input IAM Role assumedBy
parameter
Construct
List of GitHub repositories that are allowed to assume the role. Must include the organization name, for example: FinnairOyj/my-repo
OpenIdConnectPrincipal that can be assumed from GitHub Actions
StaticgetImport the GitHub Actions OIDC provider that is provisioned to all accounts and managed by LandingZone
IOidcProvider
StaticgetReturn a custom named public hosted zone managed by LZ
Domain name of the custom hosted zone
IHostedZone instance of the custom public hosted zone
StaticgetReturns all private subnets in the LZ VPC
Number of AvailabilityZones configured for the VPC. Default to two zones
SubnetSelection with all private subnets
StaticgetReturns all public subnets in the LZ VPC
Number of AvailabilityZones configured for the VPC. Default to two zones
SubnetSelection with all public subnets
StaticgetReturns all restricted subnets in the LZ VPC
Number of AvailabilityZones configured for the VPC. Default to two zones
SubnetSelection with all restricted subnets
StaticgetReturn the LZ-managed S3 access logs bucket. S3 access logs are replicated to the centralized log archive account.
IBucket instance of the common S3 access logs bucket
StaticgetReturn a specific LZ-managed subned with the resource logical name
ISubnet instance of the subnet
StaticgetReturn the LZ VPC instance
The LZ VPC instance
CDK interface class for common LZ resources. Provides static getter methods to the resources created by the LandingZone and exported via CloudFormation stack outputs. Can be used within any CDK construct.