Summary

Creates the ability to generate a private static site using Auth@Edge as described here: https://aws.amazon.com/blogs/networking-and-content-delivery/authorizationedge-how-to-use-lambdaedge-and-json-web-tokens-to-enhance-web-application-security/

Why This Is Needed

This has been a frequent request of our development teams to be able to create a single page application behind an authentication interface.

What Changed

Added

• Auth@Edge Blueprint which inherits from the standard StaticSite Blueprint
• Template files for the Lambda@Edge functions that will be generated by Runway
• Custom CFNgin prehook to update the domain name of the Cognito authentication interface
• Custom CFNgin prehook to generate a dynamic code package for each of the Lambda@Edge functions. This is necessary since Lambda@Edge does not allow environment variables at this time.
• Custom CFNGin posthook to update the callback urls for the Cognito User Pool Client.
• Documentation outlining the new features and their capabilities.

Changed

• Converted the StaticSite Blueprint from using CFN Conditional logic to using pure Python conditional logic. This gives us finer-grained control over how we create our CFN templates while losing the template output consistency. This isn't a problem in and of itself but does require dependency of Runway to generate the templates.

Screenshots