eoapi-cdk

API Reference

Constructs

BastionHost

The database is located in an isolated subnet, meaning that it is not accessible from the public internet.

As such, to interact with the database directly, a user must tunnel through a bastion host.

Configuring

This codebase controls who is allowed to connect to the bastion host. This requires two steps:

  1. Adding the IP address from which you are connecting to the ipv4Allowlist array
  2. Creating a bastion host system user by adding the user’s configuration inform to userdata.yaml

Adding an IP address to the ipv4Allowlist array

The BastionHost construct takes in an ipv4Allowlist array as an argument. Find your IP address (eg curl api.ipify.org) and add that to the array along with the trailing CIDR block (likely /32 to indicate that you are adding a single IP address).

Creating a user via userdata.yaml

Add an entry to the users array with a username (likely matching your local systems username, which you can get by running the whoami command in your terminal) and a public key (likely your default public key, which you can get by running cat ~/.ssh/id_*.pub in your terminal).

Tips & Tricks when using the Bastion Host

Connecting to RDS Instance via SSM

aws ssm start-session --target $INSTANCE_ID \
--document-name AWS-StartPortForwardingSessionToRemoteHost \
--parameters '{
"host": [
"example-db.c5abcdefghij.us-west-2.rds.amazonaws.com"
],
"portNumber": [
"5432"
],
"localPortNumber": [
"9999"
]
}' \
--profile $AWS_PROFILE

psql -h localhost -p 9999 # continue adding username (-U) and db (-d) here...

Connect directly to Bastion Host:

aws ssm start-session --target $INSTANCE_ID --profile $AWS_PROFILE

Setting up an SSH tunnel

In your ~/.ssh/config file, add an entry like:

Host db-tunnel
Hostname {the-bastion-host-address}
LocalForward 9999 {the-db-hostname}:5432

Then a tunnel can be opened via:

ssh -N db-tunnel

And a connection to the DB can be made via:

psql -h 127.0.0.1 -p 9999 -U {username} -d {database}

Handling REMOTE HOST IDENTIFICATION HAS CHANGED! error

If you’ve redeployed a bastion host that you’ve previously connected to, you may see an error like:


#### Initializers <a name="Initializers" id="eoapi-cdk.BastionHost.Initializer"></a>

```typescript
import { BastionHost } from 'eoapi-cdk'

new BastionHost(scope: Construct, id: string, props: BastionHostProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props BastionHostProps No description.
scopeRequired
idRequired
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { BastionHost } from 'eoapi-cdk'

BastionHost.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
instance aws-cdk-lib.aws_ec2.Instance No description.
nodeRequired 
public readonly node: Node;

The tree node.

instanceRequired 
public readonly instance: Instance;

PgStacApiLambda

Initializers 

import { PgStacApiLambda } from 'eoapi-cdk'

new PgStacApiLambda(scope: Construct, id: string, props: PgStacApiLambdaProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props PgStacApiLambdaProps No description.
scopeRequired
idRequired
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { PgStacApiLambda } from 'eoapi-cdk'

PgStacApiLambda.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
url string No description.
stacApiLambdaFunction aws-cdk-lib.aws_lambda.Function No description.
nodeRequired 
public readonly node: Node;

The tree node.

urlRequired 
public readonly url: string;
stacApiLambdaFunctionRequired 
public readonly stacApiLambdaFunction: Function;

PgStacDatabase

An RDS instance with pgSTAC installed.

This is a wrapper around the rds.DatabaseInstance higher-level construct making use of the BootstrapPgStac construct.

Initializers 

import { PgStacDatabase } from 'eoapi-cdk'

new PgStacDatabase(scope: Construct, id: string, props: PgStacDatabaseProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props PgStacDatabaseProps No description.
scopeRequired
idRequired
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
getParameters No description.
toString 
public toString(): string

Returns a string representation of this construct.

getParameters 
public getParameters(instanceType: string, parameters?: {[ key: string ]: string}): DatabaseParameters
instanceTypeRequired
parametersOptional

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { PgStacDatabase } from 'eoapi-cdk'

PgStacDatabase.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
db aws-cdk-lib.aws_rds.DatabaseInstance No description.
pgstacSecret aws-cdk-lib.aws_secretsmanager.ISecret No description.
nodeRequired 
public readonly node: Node;

The tree node.

dbRequired 
public readonly db: DatabaseInstance;
pgstacSecretRequired 
public readonly pgstacSecret: ISecret;

StacBrowser

Initializers 

import { StacBrowser } from 'eoapi-cdk'

new StacBrowser(scope: Construct, id: string, props: StacBrowserProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props StacBrowserProps No description.
scopeRequired
idRequired
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { StacBrowser } from 'eoapi-cdk'

StacBrowser.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
bucket aws-cdk-lib.aws_s3.IBucket No description.
bucketDeployment aws-cdk-lib.aws_s3_deployment.BucketDeployment No description.
nodeRequired 
public readonly node: Node;

The tree node.

bucketRequired 
public readonly bucket: IBucket;
bucketDeploymentRequired 
public readonly bucketDeployment: BucketDeployment;

StacIngestor

Initializers 

import { StacIngestor } from 'eoapi-cdk'

new StacIngestor(scope: Construct, id: string, props: StacIngestorProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props StacIngestorProps No description.
scopeRequired
idRequired
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { StacIngestor } from 'eoapi-cdk'

StacIngestor.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
handlerRole aws-cdk-lib.aws_iam.Role No description.
table aws-cdk-lib.aws_dynamodb.Table No description.
nodeRequired 
public readonly node: Node;

The tree node.

handlerRoleRequired 
public readonly handlerRole: Role;
tableRequired 
public readonly table: Table;

TiPgApiLambda

Initializers 

import { TiPgApiLambda } from 'eoapi-cdk'

new TiPgApiLambda(scope: Construct, id: string, props: TiPgApiLambdaProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props TiPgApiLambdaProps No description.
scopeRequired
idRequired
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { TiPgApiLambda } from 'eoapi-cdk'

TiPgApiLambda.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
url string No description.
tiPgLambdaFunction aws-cdk-lib.aws_lambda.Function No description.
nodeRequired 
public readonly node: Node;

The tree node.

urlRequired 
public readonly url: string;
tiPgLambdaFunctionRequired 
public readonly tiPgLambdaFunction: Function;

TitilerPgstacApiLambda

Initializers 

import { TitilerPgstacApiLambda } from 'eoapi-cdk'

new TitilerPgstacApiLambda(scope: Construct, id: string, props: TitilerPgStacApiLambdaProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props TitilerPgStacApiLambdaProps No description.
scopeRequired
idRequired
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { TitilerPgstacApiLambda } from 'eoapi-cdk'

TitilerPgstacApiLambda.isConstruct(x: any)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
url string No description.
titilerPgstacLambdaFunction aws-cdk-lib.aws_lambda.Function No description.
nodeRequired 
public readonly node: Node;

The tree node.

urlRequired 
public readonly url: string;
titilerPgstacLambdaFunctionRequired 
public readonly titilerPgstacLambdaFunction: Function;

Structs

BastionHostProps

Initializer 

import { BastionHostProps } from 'eoapi-cdk'

const bastionHostProps: BastionHostProps = { ... }

Properties

Name Type Description
db aws-cdk-lib.aws_rds.IDatabaseInstance No description.
ipv4Allowlist string[] No description.
userData aws-cdk-lib.aws_ec2.UserData No description.
vpc aws-cdk-lib.aws_ec2.IVpc No description.
createElasticIp boolean Whether or not an elastic IP should be created for the bastion host.
sshPort number No description.
dbRequired 
public readonly db: IDatabaseInstance;
ipv4AllowlistRequired 
public readonly ipv4Allowlist: string[];
userDataRequired 
public readonly userData: UserData;
vpcRequired 
public readonly vpc: IVpc;
createElasticIpOptional 
public readonly createElasticIp: boolean;

Whether or not an elastic IP should be created for the bastion host.

sshPortOptional 
public readonly sshPort: number;

DatabaseParameters

Initializer 

import { DatabaseParameters } from 'eoapi-cdk'

const databaseParameters: DatabaseParameters = { ... }

Properties

Name Type Description
effectiveCacheSize string No description.
maintenanceWorkMem string No description.
maxConnections string No description.
maxLocksPerTransaction string No description.
randomPageCost string No description.
seqPageCost string No description.
sharedBuffers string Note: This value is measured in 8KB blocks.
tempBuffers string No description.
workMem string No description.
effectiveCacheSizeRequired 
public readonly effectiveCacheSize: string;
maintenanceWorkMemRequired 
public readonly maintenanceWorkMem: string;
maxConnectionsRequired 
public readonly maxConnections: string;
maxLocksPerTransactionRequired 
public readonly maxLocksPerTransaction: string;
randomPageCostRequired 
public readonly randomPageCost: string;
seqPageCostRequired 
public readonly seqPageCost: string;
sharedBuffersRequired 
public readonly sharedBuffers: string;

Note: This value is measured in 8KB blocks.

tempBuffersRequired 
public readonly tempBuffers: string;
workMemRequired 
public readonly workMem: string;

PgStacApiLambdaProps

Initializer 

import { PgStacApiLambdaProps } from 'eoapi-cdk'

const pgStacApiLambdaProps: PgStacApiLambdaProps = { ... }

Properties

Name Type Description
db aws-cdk-lib.aws_rds.IDatabaseInstance RDS Instance with installed pgSTAC.
dbSecret aws-cdk-lib.aws_secretsmanager.ISecret Secret containing connection information for pgSTAC database.
apiEnv {[ key: string ]: string} Customized environment variables to send to fastapi-pgstac runtime.
lambdaFunctionOptions any Can be used to override the default lambda function properties.
stacApiDomainName @aws-cdk/aws-apigatewayv2-alpha.IDomainName Custom Domain Name Options for STAC API,.
subnetSelection aws-cdk-lib.aws_ec2.SubnetSelection Subnet into which the lambda should be deployed.
vpc aws-cdk-lib.aws_ec2.IVpc VPC into which the lambda should be deployed.
dbRequired 
public readonly db: IDatabaseInstance;

RDS Instance with installed pgSTAC.

dbSecretRequired 
public readonly dbSecret: ISecret;

Secret containing connection information for pgSTAC database.

apiEnvOptional 
public readonly apiEnv: {[ key: string ]: string};

Customized environment variables to send to fastapi-pgstac runtime.

lambdaFunctionOptionsOptional 
public readonly lambdaFunctionOptions: any;

Can be used to override the default lambda function properties.

stacApiDomainNameOptional 
public readonly stacApiDomainName: IDomainName;

Custom Domain Name Options for STAC API,.

subnetSelectionOptional 
public readonly subnetSelection: SubnetSelection;

Subnet into which the lambda should be deployed.

vpcOptional 
public readonly vpc: IVpc;

VPC into which the lambda should be deployed.

PgStacDatabaseProps

Initializer 

import { PgStacDatabaseProps } from 'eoapi-cdk'

const pgStacDatabaseProps: PgStacDatabaseProps = { ... }

Properties

Name Type Description
vpc aws-cdk-lib.aws_ec2.IVpc The VPC network where the DB subnet group should be created.
autoMinorVersionUpgrade boolean Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.
availabilityZone string The name of the Availability Zone where the DB instance will be located.
backupRetention aws-cdk-lib.Duration The number of days during which automatic DB snapshots are retained.
caCertificate aws-cdk-lib.aws_rds.CaCertificate The identifier of the CA certificate for this DB instance.
cloudwatchLogsExports string[] The list of log types that need to be enabled for exporting to CloudWatch Logs.
cloudwatchLogsRetention aws-cdk-lib.aws_logs.RetentionDays The number of days log events are kept in CloudWatch Logs.
cloudwatchLogsRetentionRole aws-cdk-lib.aws_iam.IRole The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
copyTagsToSnapshot boolean Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.
deleteAutomatedBackups boolean Indicates whether automated backups should be deleted or retained when you delete a DB instance.
deletionProtection boolean Indicates whether the DB instance should have deletion protection enabled.
domain string The Active Directory directory ID to create the DB instance in.
domainRole aws-cdk-lib.aws_iam.IRole The IAM role to be used when making API calls to the Directory Service.
enablePerformanceInsights boolean Whether to enable Performance Insights for the DB instance.
iamAuthentication boolean Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
instanceIdentifier string A name for the DB instance.
iops number The number of I/O operations per second (IOPS) that the database provisions.
maxAllocatedStorage number Upper limit to which RDS can scale the storage in GiB(Gibibyte).
monitoringInterval aws-cdk-lib.Duration The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.
monitoringRole aws-cdk-lib.aws_iam.IRole Role that will be used to manage DB instance monitoring.
multiAz boolean Specifies if the database instance is a multiple Availability Zone deployment.
networkType aws-cdk-lib.aws_rds.NetworkType The network type of the DB instance.
optionGroup aws-cdk-lib.aws_rds.IOptionGroup The option group to associate with the instance.
parameterGroup aws-cdk-lib.aws_rds.IParameterGroup The DB parameter group to associate with the instance.
performanceInsightEncryptionKey aws-cdk-lib.aws_kms.IKey The AWS KMS key for encryption of Performance Insights data.
performanceInsightRetention aws-cdk-lib.aws_rds.PerformanceInsightRetention The amount of time, in days, to retain Performance Insights data.
port number The port for the instance.
preferredBackupWindow string The daily time range during which automated backups are performed.
preferredMaintenanceWindow string The weekly time range (in UTC) during which system maintenance can occur.
processorFeatures aws-cdk-lib.aws_rds.ProcessorFeatures The number of CPU cores and the number of threads per core.
publiclyAccessible boolean Indicates whether the DB instance is an internet-facing instance.
removalPolicy aws-cdk-lib.RemovalPolicy The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.
s3ExportBuckets aws-cdk-lib.aws_s3.IBucket[] S3 buckets that you want to load data into.
s3ExportRole aws-cdk-lib.aws_iam.IRole Role that will be associated with this DB instance to enable S3 export.
s3ImportBuckets aws-cdk-lib.aws_s3.IBucket[] S3 buckets that you want to load data from.
s3ImportRole aws-cdk-lib.aws_iam.IRole Role that will be associated with this DB instance to enable S3 import.
securityGroups aws-cdk-lib.aws_ec2.ISecurityGroup[] The security groups to assign to the DB instance.
storageThroughput number The storage throughput, specified in mebibytes per second (MiBps).
storageType aws-cdk-lib.aws_rds.StorageType The storage type.
subnetGroup aws-cdk-lib.aws_rds.ISubnetGroup Existing subnet group for the instance.
vpcSubnets aws-cdk-lib.aws_ec2.SubnetSelection The type of subnets to add to the created DB subnet group.
engine aws-cdk-lib.aws_rds.IInstanceEngine The database engine.
allocatedStorage number The allocated storage size, specified in gibibytes (GiB).
allowMajorVersionUpgrade boolean Whether to allow major version upgrades.
databaseName string The name of the database.
instanceType aws-cdk-lib.aws_ec2.InstanceType The name of the compute and memory capacity for the instance.
licenseModel aws-cdk-lib.aws_rds.LicenseModel The license model.
parameters {[ key: string ]: string} The parameters in the DBParameterGroup to create automatically.
timezone string The time zone of the instance.
characterSetName string For supported engines, specifies the character set to associate with the DB instance.
credentials aws-cdk-lib.aws_rds.Credentials Credentials for the administrative user.
storageEncrypted boolean Indicates whether the DB instance is encrypted.
storageEncryptionKey aws-cdk-lib.aws_kms.IKey The KMS key that’s used to encrypt the DB instance.
bootstrapperLambdaFunctionOptions any Can be used to override the default lambda function properties.
customResourceProperties {[ key: string ]: any} Lambda function Custom Resource properties.
pgstacDbName string Name of database that is to be created and onto which pgSTAC will be installed.
pgstacUsername string Name of user that will be generated for connecting to the pgSTAC database.
secretsPrefix string Prefix to assign to the generated secrets_manager.Secret.
vpcRequired 
public readonly vpc: IVpc;

The VPC network where the DB subnet group should be created.

autoMinorVersionUpgradeOptional 
public readonly autoMinorVersionUpgrade: boolean;

Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.

availabilityZoneOptional 
public readonly availabilityZone: string;

The name of the Availability Zone where the DB instance will be located.

backupRetentionOptional 
public readonly backupRetention: Duration;

The number of days during which automatic DB snapshots are retained.

Set to zero to disable backups. When creating a read replica, you must enable automatic backups on the source database instance by setting the backup retention to a value other than zero.

caCertificateOptional 
public readonly caCertificate: CaCertificate;

The identifier of the CA certificate for this DB instance.

Specifying or updating this property triggers a reboot.

For RDS DB engines:

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html

cloudwatchLogsExportsOptional 
public readonly cloudwatchLogsExports: string[];

The list of log types that need to be enabled for exporting to CloudWatch Logs.

cloudwatchLogsRetentionOptional 
public readonly cloudwatchLogsRetention: RetentionDays;

The number of days log events are kept in CloudWatch Logs.

When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to Infinity.

cloudwatchLogsRetentionRoleOptional 
public readonly cloudwatchLogsRetentionRole: IRole;

The IAM role for the Lambda function associated with the custom resource that sets the retention policy.

copyTagsToSnapshotOptional 
public readonly copyTagsToSnapshot: boolean;

Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.

deleteAutomatedBackupsOptional 
public readonly deleteAutomatedBackups: boolean;

Indicates whether automated backups should be deleted or retained when you delete a DB instance.

deletionProtectionOptional 
public readonly deletionProtection: boolean;

Indicates whether the DB instance should have deletion protection enabled.

domainOptional 
public readonly domain: string;

The Active Directory directory ID to create the DB instance in.

domainRoleOptional 
public readonly domainRole: IRole;

The IAM role to be used when making API calls to the Directory Service.

The role needs the AWS-managed policy AmazonRDSDirectoryServiceAccess or equivalent.

enablePerformanceInsightsOptional 
public readonly enablePerformanceInsights: boolean;

Whether to enable Performance Insights for the DB instance.

iamAuthenticationOptional 
public readonly iamAuthentication: boolean;

Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.

instanceIdentifierOptional 
public readonly instanceIdentifier: string;

A name for the DB instance.

If you specify a name, AWS CloudFormation converts it to lowercase.

iopsOptional 
public readonly iops: number;

The number of I/O operations per second (IOPS) that the database provisions.

The value must be equal to or greater than 1000.

maxAllocatedStorageOptional 
public readonly maxAllocatedStorage: number;

Upper limit to which RDS can scale the storage in GiB(Gibibyte).

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling

monitoringIntervalOptional 
public readonly monitoringInterval: Duration;

The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.

monitoringRoleOptional 
public readonly monitoringRole: IRole;

Role that will be used to manage DB instance monitoring.

multiAzOptional 
public readonly multiAz: boolean;

Specifies if the database instance is a multiple Availability Zone deployment.

networkTypeOptional 
public readonly networkType: NetworkType;

The network type of the DB instance.

optionGroupOptional 
public readonly optionGroup: IOptionGroup;

The option group to associate with the instance.

parameterGroupOptional 
public readonly parameterGroup: IParameterGroup;

The DB parameter group to associate with the instance.

performanceInsightEncryptionKeyOptional 
public readonly performanceInsightEncryptionKey: IKey;

The AWS KMS key for encryption of Performance Insights data.

performanceInsightRetentionOptional 
public readonly performanceInsightRetention: PerformanceInsightRetention;

The amount of time, in days, to retain Performance Insights data.

portOptional 
public readonly port: number;

The port for the instance.

preferredBackupWindowOptional 
public readonly preferredBackupWindow: string;

The daily time range during which automated backups are performed.

Constraints:

preferredMaintenanceWindowOptional 
public readonly preferredMaintenanceWindow: string;

The weekly time range (in UTC) during which system maintenance can occur.

Format: ddd:hh24:mi-ddd:hh24:mi Constraint: Minimum 30-minute window

processorFeaturesOptional 
public readonly processorFeatures: ProcessorFeatures;

The number of CPU cores and the number of threads per core.

publiclyAccessibleOptional 
public readonly publiclyAccessible: boolean;

Indicates whether the DB instance is an internet-facing instance.

If not specified, the instance’s vpcSubnets will be used to determine if the instance is internet-facing or not.

removalPolicyOptional 
public readonly removalPolicy: RemovalPolicy;

The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.

s3ExportBucketsOptional 
public readonly s3ExportBuckets: IBucket[];

S3 buckets that you want to load data into.

This property must not be used if s3ExportRole is used.

For Microsoft SQL Server:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html

s3ExportRoleOptional 
public readonly s3ExportRole: IRole;

Role that will be associated with this DB instance to enable S3 export.

This property must not be used if s3ExportBuckets is used.

For Microsoft SQL Server:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html

s3ImportBucketsOptional 
public readonly s3ImportBuckets: IBucket[];

S3 buckets that you want to load data from.

This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.

This property must not be used if s3ImportRole is used.

For Microsoft SQL Server:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html

s3ImportRoleOptional 
public readonly s3ImportRole: IRole;

Role that will be associated with this DB instance to enable S3 import.

This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.

This property must not be used if s3ImportBuckets is used.

For Microsoft SQL Server:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html

securityGroupsOptional 
public readonly securityGroups: ISecurityGroup[];

The security groups to assign to the DB instance.

storageThroughputOptional 
public readonly storageThroughput: number;

The storage throughput, specified in mebibytes per second (MiBps).

Only applicable for GP3.

https://docs.aws.amazon.com//AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage

storageTypeOptional 
public readonly storageType: StorageType;

The storage type.

Storage types supported are gp2, io1, standard.

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD

subnetGroupOptional 
public readonly subnetGroup: ISubnetGroup;

Existing subnet group for the instance.

vpcSubnetsOptional 
public readonly vpcSubnets: SubnetSelection;

The type of subnets to add to the created DB subnet group.

engineRequired 
public readonly engine: IInstanceEngine;

The database engine.

allocatedStorageOptional 
public readonly allocatedStorage: number;

The allocated storage size, specified in gibibytes (GiB).

allowMajorVersionUpgradeOptional 
public readonly allowMajorVersionUpgrade: boolean;

Whether to allow major version upgrades.

databaseNameOptional 
public readonly databaseName: string;

The name of the database.

instanceTypeOptional 
public readonly instanceType: InstanceType;

The name of the compute and memory capacity for the instance.

licenseModelOptional 
public readonly licenseModel: LicenseModel;

The license model.

parametersOptional 
public readonly parameters: {[ key: string ]: string};

The parameters in the DBParameterGroup to create automatically.

You can only specify parameterGroup or parameters but not both. You need to use a versioned engine to auto-generate a DBParameterGroup.

timezoneOptional 
public readonly timezone: string;

The time zone of the instance.

This is currently supported only by Microsoft Sql Server.

characterSetNameOptional 
public readonly characterSetName: string;

For supported engines, specifies the character set to associate with the DB instance.

credentialsOptional 
public readonly credentials: Credentials;

Credentials for the administrative user.

storageEncryptedOptional 
public readonly storageEncrypted: boolean;

Indicates whether the DB instance is encrypted.

storageEncryptionKeyOptional 
public readonly storageEncryptionKey: IKey;

The KMS key that’s used to encrypt the DB instance.

bootstrapperLambdaFunctionOptionsOptional 
public readonly bootstrapperLambdaFunctionOptions: any;

Can be used to override the default lambda function properties.

customResourcePropertiesOptional 
public readonly customResourceProperties: {[ key: string ]: any};

Lambda function Custom Resource properties.

A custom resource property is going to be created to trigger the boostrapping lambda function. This parameter allows the user to specify additional properties on top of the defaults ones.

pgstacDbNameOptional 
public readonly pgstacDbName: string;

Name of database that is to be created and onto which pgSTAC will be installed.

pgstacUsernameOptional 
public readonly pgstacUsername: string;

Name of user that will be generated for connecting to the pgSTAC database.

secretsPrefixOptional 
public readonly secretsPrefix: string;

Prefix to assign to the generated secrets_manager.Secret.

StacBrowserProps

Initializer 

import { StacBrowserProps } from 'eoapi-cdk'

const stacBrowserProps: StacBrowserProps = { ... }

Properties

Name Type Description
githubRepoTag string Tag of the radiant earth stac-browser repo to use to build the app.
stacCatalogUrl string STAC catalog URL.
bucketArn string Bucket ARN.
cloneDirectory string Location in the filesystem where to compile the browser code.
cloudFrontDistributionArn string The ARN of the cloudfront distribution that will be added to the bucket policy with read access.
configFilePath string Path to config file for the STAC browser.
websiteIndexDocument string The name of the index document (e.g. “index.html”) for the website. Enables static website hosting for this bucket.
githubRepoTagRequired 
public readonly githubRepoTag: string;

Tag of the radiant earth stac-browser repo to use to build the app.

stacCatalogUrlRequired 
public readonly stacCatalogUrl: string;

STAC catalog URL.

Overrides the catalog URL in the stac-browser configuration.

bucketArnOptional 
public readonly bucketArn: string;

Bucket ARN.

If specified, the identity used to deploy the stack must have the appropriate permissions to create a deployment for this bucket. In addition, if specified, cloudFrontDistributionArn is ignored since the policy of an imported resource can’t be modified.

cloneDirectoryOptional 
public readonly cloneDirectory: string;

Location in the filesystem where to compile the browser code.

cloudFrontDistributionArnOptional 
public readonly cloudFrontDistributionArn: string;

The ARN of the cloudfront distribution that will be added to the bucket policy with read access.

If bucketArn is specified, this parameter is ignored since the policy of an imported bucket can’t be modified.

configFilePathOptional 
public readonly configFilePath: string;

Path to config file for the STAC browser.

If not provided, default configuration in the STAC browser repository is used.

websiteIndexDocumentOptional 
public readonly websiteIndexDocument: string;

The name of the index document (e.g. “index.html”) for the website. Enables static website hosting for this bucket.

StacIngestorProps

Initializer 

import { StacIngestorProps } from 'eoapi-cdk'

const stacIngestorProps: StacIngestorProps = { ... }

Properties

Name Type Description
dataAccessRole aws-cdk-lib.aws_iam.IRole ARN of AWS Role used to validate access to S3 data.
stacDbSecret aws-cdk-lib.aws_secretsmanager.ISecret Secret containing pgSTAC DB connection information.
stacDbSecurityGroup aws-cdk-lib.aws_ec2.ISecurityGroup Security Group used by pgSTAC DB.
stacUrl string URL of STAC API.
stage string Stage of deployment (e.g. dev, prod).
apiEndpointConfiguration aws-cdk-lib.aws_apigateway.EndpointConfiguration API Endpoint Configuration, useful for creating private APIs.
apiEnv {[ key: string ]: string} Environment variables to be sent to Lambda.
apiLambdaFunctionOptions any Can be used to override the default lambda function properties.
apiPolicy aws-cdk-lib.aws_iam.PolicyDocument API Policy Document, useful for creating private APIs.
ingestorDomainNameOptions aws-cdk-lib.aws_apigateway.DomainNameOptions Custom Domain Name Options for Ingestor API.
ingestorLambdaFunctionOptions any Can be used to override the default lambda function properties.
subnetSelection aws-cdk-lib.aws_ec2.SubnetSelection Subnet into which the lambda should be deployed if using a VPC.
vpc aws-cdk-lib.aws_ec2.IVpc VPC running pgSTAC DB.
dataAccessRoleRequired 
public readonly dataAccessRole: IRole;

ARN of AWS Role used to validate access to S3 data.

stacDbSecretRequired 
public readonly stacDbSecret: ISecret;

Secret containing pgSTAC DB connection information.

stacDbSecurityGroupRequired 
public readonly stacDbSecurityGroup: ISecurityGroup;

Security Group used by pgSTAC DB.

stacUrlRequired 
public readonly stacUrl: string;

URL of STAC API.

stageRequired 
public readonly stage: string;

Stage of deployment (e.g. dev, prod).

apiEndpointConfigurationOptional 
public readonly apiEndpointConfiguration: EndpointConfiguration;

API Endpoint Configuration, useful for creating private APIs.

apiEnvOptional 
public readonly apiEnv: {[ key: string ]: string};

Environment variables to be sent to Lambda.

apiLambdaFunctionOptionsOptional 
public readonly apiLambdaFunctionOptions: any;

Can be used to override the default lambda function properties.

apiPolicyOptional 
public readonly apiPolicy: PolicyDocument;

API Policy Document, useful for creating private APIs.

ingestorDomainNameOptionsOptional 
public readonly ingestorDomainNameOptions: DomainNameOptions;

Custom Domain Name Options for Ingestor API.

ingestorLambdaFunctionOptionsOptional 
public readonly ingestorLambdaFunctionOptions: any;

Can be used to override the default lambda function properties.

subnetSelectionOptional 
public readonly subnetSelection: SubnetSelection;

Subnet into which the lambda should be deployed if using a VPC.

vpcOptional 
public readonly vpc: IVpc;

VPC running pgSTAC DB.

TiPgApiLambdaProps

Initializer 

import { TiPgApiLambdaProps } from 'eoapi-cdk'

const tiPgApiLambdaProps: TiPgApiLambdaProps = { ... }

Properties

Name Type Description
db aws-cdk-lib.aws_rds.IDatabaseInstance RDS Instance with installed pgSTAC.
dbSecret aws-cdk-lib.aws_secretsmanager.ISecret Secret containing connection information for pgSTAC database.
apiEnv {[ key: string ]: string} Customized environment variables to send to titiler-pgstac runtime.
lambdaFunctionOptions any Can be used to override the default lambda function properties.
subnetSelection aws-cdk-lib.aws_ec2.SubnetSelection Subnet into which the lambda should be deployed.
tipgApiDomainName @aws-cdk/aws-apigatewayv2-alpha.IDomainName Custom Domain Name for tipg API.
vpc aws-cdk-lib.aws_ec2.IVpc VPC into which the lambda should be deployed.
dbRequired 
public readonly db: IDatabaseInstance;

RDS Instance with installed pgSTAC.

dbSecretRequired 
public readonly dbSecret: ISecret;

Secret containing connection information for pgSTAC database.

apiEnvOptional 
public readonly apiEnv: {[ key: string ]: string};

Customized environment variables to send to titiler-pgstac runtime.

lambdaFunctionOptionsOptional 
public readonly lambdaFunctionOptions: any;

Can be used to override the default lambda function properties.

subnetSelectionOptional 
public readonly subnetSelection: SubnetSelection;

Subnet into which the lambda should be deployed.

tipgApiDomainNameOptional 
public readonly tipgApiDomainName: IDomainName;

Custom Domain Name for tipg API.

If defined, will create the domain name and integrate it with the tipg API.

vpcOptional 
public readonly vpc: IVpc;

VPC into which the lambda should be deployed.

TitilerPgStacApiLambdaProps

Initializer 

import { TitilerPgStacApiLambdaProps } from 'eoapi-cdk'

const titilerPgStacApiLambdaProps: TitilerPgStacApiLambdaProps = { ... }

Properties

Name Type Description
db aws-cdk-lib.aws_rds.IDatabaseInstance RDS Instance with installed pgSTAC.
dbSecret aws-cdk-lib.aws_secretsmanager.ISecret Secret containing connection information for pgSTAC database.
apiEnv {[ key: string ]: string} Customized environment variables to send to titiler-pgstac runtime.
buckets string[] list of buckets the lambda will be granted access to.
lambdaFunctionOptions any Can be used to override the default lambda function properties.
subnetSelection aws-cdk-lib.aws_ec2.SubnetSelection Subnet into which the lambda should be deployed.
titilerPgstacApiDomainName @aws-cdk/aws-apigatewayv2-alpha.IDomainName Custom Domain Name Options for Titiler Pgstac API,.
vpc aws-cdk-lib.aws_ec2.IVpc VPC into which the lambda should be deployed.
dbRequired 
public readonly db: IDatabaseInstance;

RDS Instance with installed pgSTAC.

dbSecretRequired 
public readonly dbSecret: ISecret;

Secret containing connection information for pgSTAC database.

apiEnvOptional 
public readonly apiEnv: {[ key: string ]: string};

Customized environment variables to send to titiler-pgstac runtime.

These will be merged with defaultTitilerPgstacEnv. The database secret arn is automatically added to the environment variables at deployment. /

bucketsOptional 
public readonly buckets: string[];

list of buckets the lambda will be granted access to.

lambdaFunctionOptionsOptional 
public readonly lambdaFunctionOptions: any;

Can be used to override the default lambda function properties.

subnetSelectionOptional 
public readonly subnetSelection: SubnetSelection;

Subnet into which the lambda should be deployed.

titilerPgstacApiDomainNameOptional 
public readonly titilerPgstacApiDomainName: IDomainName;

Custom Domain Name Options for Titiler Pgstac API,.

vpcOptional 
public readonly vpc: IVpc;

VPC into which the lambda should be deployed.