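    def __init__(self, scope: Construct, id: str, *,
                 alb: IApplicationLoadBalancer, **kwargs) -> None:
        """Create the shared HTTPS (443) listener and the HTTP (80) redirect on *alb*.

        Only one instance of this stack may exist: it is published through the
        module-level ``g_listener_https`` so other stacks can find the listener.

        Args:
            scope: Parent construct.
            id: Construct id.
            alb: Application load balancer the two listeners are attached to.
            **kwargs: Forwarded unchanged to the parent constructor.

        Raises:
            RuntimeError: if ``g_listener_https`` is already set, i.e. a
                ListenerHTTPSStack was created before this one.
        """
        super().__init__(scope, id, **kwargs)

        global g_listener_https
        # Guard first so a second instance fails before any listener or
        # ingress rule is added to the construct tree (the original checked
        # only after building everything).
        if g_listener_https is not None:
            raise RuntimeError(
                "Only a single ListenerHTTPSStack instance can exist")

        Tags.of(self).add("Stack", "Common-Listener-Https")

        self._used_priorities = []
        self._subdomains_cert = {}

        self._alb = alb
        self._listener = ApplicationListener(
            self,
            "Listener-Https",
            load_balancer=alb,
            port=443,
            protocol=ApplicationProtocol.HTTPS,
        )
        # By default, only IPv4 is added to allowed connections; this is a
        # public listener, so admit any IPv6 source on 443 as well.
        self._listener.connections.allow_default_port_from(
            other=Peer.any_ipv6(),
            description="Allow from anyone on port 443",
        )
        # Default action: a fixed 404 so a request for an unknown host never
        # falls through to some unrelated target group.
        self._listener.add_fixed_response(
            "default",
            status_code="404",
            message_body="Page not found",
        )

        # Plain-HTTP listener whose only job is a permanent redirect to HTTPS.
        self._http_listener = ApplicationListener(
            self,
            "Listener-Http",
            load_balancer=alb,
            port=80,
            protocol=ApplicationProtocol.HTTP,
        )
        self._http_listener.connections.allow_default_port_from(
            other=Peer.any_ipv6(),
            description="Allow from anyone on port 80",
        )
        self._http_listener.add_redirect_response(
            "Http-To-Https",
            status_code="HTTP_301",
            port="443",
            protocol="HTTPS",
        )

        # Publish the singleton only once everything above succeeded.
        g_listener_https = self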
    def add_nlb(self, scope: Construct, service: IEc2Service, port: Port,
                subdomain_name: str, description: str) -> None:
        """Publish *service* under *subdomain_name* and open *port* for it.

        The service is tagged with the protocol and port read from the port's
        rule JSON, a DNS alias is created through ``create_alias``, and an
        ingress rule for *port* is added to ``self.security_group`` for any
        IPv6 and any IPv4 source (the rule descriptions carry the family).
        """
        rule = port.to_rule_json()
        service_tags = Tags.of(service)
        service_tags.add("NLB-protocol", rule["ipProtocol"])
        service_tags.add("NLB-port", str(rule["fromPort"]))

        self.create_alias(scope, subdomain_name)

        # Both address families are world-open on this port; IPv6 first,
        # then IPv4, matching the order the rules were originally declared.
        for family, peer in (("IPv6", Peer.any_ipv6()),
                             ("IPv4", Peer.any_ipv4())):
            self.security_group.add_ingress_rule(
                peer=peer,
                connection=port,
                description=f"{description} ({family})")
 def get_web_security_group(self, vpc):
     """Build, tag and return the ``obm_web`` security group in *vpc*.

     Outbound traffic is unrestricted. Inbound TCP is admitted from any IPv4
     and any IPv6 source on SSH_PORT, HTTP_PORT and HTTPS_PORT.
     """
     group = SecurityGroup(
         self._stack,
         'obm_web',
         vpc=vpc,
         allow_all_outbound=True,
     )
     # NOTE(review): SSH_PORT is opened to the whole internet together with
     # the web ports; an admin CIDR or bastion-only rule for SSH would be the
     # tighter choice. Left as-is to preserve behaviour.
     for number in (SSH_PORT, HTTP_PORT, HTTPS_PORT):
         tcp_port = Port(
             from_port=number,
             to_port=number,
             protocol=Protocol.TCP,
             string_representation=f"Port {number}",
         )
         group.add_ingress_rule(peer=Peer.any_ipv4(), connection=tcp_port)
         group.add_ingress_rule(peer=Peer.any_ipv6(), connection=tcp_port)
     self._tag_it(group)
     return group