The database is located in an isolated subnet, meaning that it is not accessible from the public internet.
As such, to interact with the database directly, a user must tunnel through a bastion host.
This codebase controls who is allowed to connect to the bastion host. This requires two steps:
ipv4Allowlist arrayuserdata.yamlipv4Allowlist arrayThe BastionHost construct takes in an ipv4Allowlist array as an argument. Find your IP address (eg curl api.ipify.org) and add that to the array along with the trailing CIDR block (likely /32 to indicate that you are adding a single IP address).
userdata.yamlAdd an entry to the users array with a username (likely matching your local systems username, which you can get by running the whoami command in your terminal) and a public key (likely your default public key, which you can get by running cat ~/.ssh/id_*.pub in your terminal).
Connecting to RDS Instance via SSM
aws ssm start-session --target $INSTANCE_ID \
--document-name AWS-StartPortForwardingSessionToRemoteHost \
--parameters '{
"host": [
"example-db.c5abcdefghij.us-west-2.rds.amazonaws.com"
],
"portNumber": [
"5432"
],
"localPortNumber": [
"9999"
]
}' \
--profile $AWS_PROFILE
psql -h localhost -p 9999 # continue adding username (-U) and db (-d) here...
Connect directly to Bastion Host:
aws ssm start-session --target $INSTANCE_ID --profile $AWS_PROFILE
Setting up an SSH tunnel
In your ~/.ssh/config file, add an entry like:
Host db-tunnel
Hostname {the-bastion-host-address}
LocalForward 9999 {the-db-hostname}:5432
Then a tunnel can be opened via:
ssh -N db-tunnel
And a connection to the DB can be made via:
psql -h 127.0.0.1 -p 9999 -U {username} -d {database}
Handling REMOTE HOST IDENTIFICATION HAS CHANGED! error
If you’ve redeployed a bastion host that you’ve previously connected to, you may see an error like:
#### Initializers <a name="Initializers" id="eoapi-cdk.BastionHost.Initializer"></a>
```typescript
import { BastionHost } from 'eoapi-cdk'
new BastionHost(scope: Construct, id: string, props: BastionHostProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
BastionHostProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { BastionHost } from 'eoapi-cdk'
BastionHost.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
instance |
aws-cdk-lib.aws_ec2.Instance |
No description. |
nodeRequired public readonly node: Node;
The tree node.
instanceRequired public readonly instance: Instance;
import { LambdaApiGateway } from 'eoapi-cdk'
new LambdaApiGateway(scope: Construct, id: string, props: LambdaApiGatewayProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
LambdaApiGatewayProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { LambdaApiGateway } from 'eoapi-cdk'
LambdaApiGateway.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
api |
aws-cdk-lib.aws_apigatewayv2.HttpApi |
No description. |
nodeRequired public readonly node: Node;
The tree node.
apiRequired public readonly api: HttpApi;
import { PgStacApiLambda } from 'eoapi-cdk'
new PgStacApiLambda(scope: Construct, id: string, props: PgStacApiLambdaProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
PgStacApiLambdaProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { PgStacApiLambda } from 'eoapi-cdk'
PgStacApiLambda.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
Lambda function for the STAC API. |
url |
string |
URL for the STAC API. |
stacApiLambdaFunction |
aws-cdk-lib.aws_lambda.Function |
No description. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
Lambda function for the STAC API.
urlRequired public readonly url: string;
URL for the STAC API.
stacApiLambdaFunctionpublic readonly stacApiLambdaFunction: Function;
import { PgStacApiLambdaRuntime } from 'eoapi-cdk'
new PgStacApiLambdaRuntime(scope: Construct, id: string, props: PgStacApiLambdaRuntimeProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
PgStacApiLambdaRuntimeProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { PgStacApiLambdaRuntime } from 'eoapi-cdk'
PgStacApiLambdaRuntime.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
No description. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
An RDS instance with pgSTAC installed and PgBouncer connection pooling.
This construct creates an optimized pgSTAC database setup that includes:
By default, this construct deploys PgBouncer as a connection pooler running on a dedicated EC2 instance. PgBouncer provides several benefits:
The construct includes an automated health check system that validates:
When PgBouncer is enabled, applications connect through the PgBouncer instance
rather than directly to RDS. The pgstacSecret contains connection information
pointing to PgBouncer, and the connectionTarget property refers to the
PgBouncer EC2 instance.
To disable PgBouncer and connect directly to RDS, set addPgbouncer: false.
This is a wrapper around the rds.DatabaseInstance higher-level construct
making use of the BootstrapPgStac construct.
import { PgStacDatabase } from 'eoapi-cdk'
new PgStacDatabase(scope: Construct, id: string, props: PgStacDatabaseProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
PgStacDatabaseProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
getParameters |
No description. |
toString public toString(): string
Returns a string representation of this construct.
getParameters public getParameters(instanceType: string, parameters?: {[ key: string ]: string}): DatabaseParameters
instanceTypeRequired parametersOptional | Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { PgStacDatabase } from 'eoapi-cdk'
PgStacDatabase.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
connectionTarget |
aws-cdk-lib.aws_ec2.Instance \| aws-cdk-lib.aws_rds.IDatabaseInstance |
No description. |
pgstacVersion |
string |
No description. |
pgbouncerHealthCheck |
aws-cdk-lib.CustomResource |
No description. |
secretBootstrapper |
aws-cdk-lib.CustomResource |
No description. |
securityGroup |
aws-cdk-lib.aws_ec2.SecurityGroup |
No description. |
db |
aws-cdk-lib.aws_rds.DatabaseInstance |
No description. |
pgstacSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
No description. |
nodeRequired public readonly node: Node;
The tree node.
connectionTargetRequired public readonly connectionTarget: Instance | IDatabaseInstance;
| Type: aws-cdk-lib.aws_ec2.Instance | aws-cdk-lib.aws_rds.IDatabaseInstance |
pgstacVersionRequired public readonly pgstacVersion: string;
pgbouncerHealthCheckOptional public readonly pgbouncerHealthCheck: CustomResource;
secretBootstrapperOptional public readonly secretBootstrapper: CustomResource;
securityGroupOptional public readonly securityGroup: SecurityGroup;
dbRequired public readonly db: DatabaseInstance;
pgstacSecretRequired public readonly pgstacSecret: ISecret;
import { PrivateLambdaApiGateway } from 'eoapi-cdk'
new PrivateLambdaApiGateway(scope: Construct, id: string, props: PrivateLambdaApiGatewayProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
PrivateLambdaApiGatewayProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { PrivateLambdaApiGateway } from 'eoapi-cdk'
PrivateLambdaApiGateway.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
api |
aws-cdk-lib.aws_apigateway.RestApi |
No description. |
vpcEndpoint |
aws-cdk-lib.aws_ec2.InterfaceVpcEndpoint |
No description. |
nodeRequired public readonly node: Node;
The tree node.
apiRequired public readonly api: RestApi;
vpcEndpointOptional public readonly vpcEndpoint: InterfaceVpcEndpoint;
import { StacAuthProxyLambda } from 'eoapi-cdk'
new StacAuthProxyLambda(scope: Construct, id: string, props: StacAuthProxyLambdaProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
StacAuthProxyLambdaProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { StacAuthProxyLambda } from 'eoapi-cdk'
StacAuthProxyLambda.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
Lambda function for the STAC API. |
url |
string |
URL for the STAC API. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
Lambda function for the STAC API.
urlRequired public readonly url: string;
URL for the STAC API.
import { StacAuthProxyLambdaRuntime } from 'eoapi-cdk'
new StacAuthProxyLambdaRuntime(scope: Construct, id: string, props: StacAuthProxyLambdaRuntimeProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
StacAuthProxyLambdaRuntimeProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { StacAuthProxyLambdaRuntime } from 'eoapi-cdk'
StacAuthProxyLambdaRuntime.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
No description. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
import { StacBrowser } from 'eoapi-cdk'
new StacBrowser(scope: Construct, id: string, props: StacBrowserProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
StacBrowserProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { StacBrowser } from 'eoapi-cdk'
StacBrowser.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
bucket |
aws-cdk-lib.aws_s3.IBucket |
No description. |
bucketDeployment |
aws-cdk-lib.aws_s3_deployment.BucketDeployment |
No description. |
nodeRequired public readonly node: Node;
The tree node.
bucketRequired public readonly bucket: IBucket;
bucketDeploymentRequired public readonly bucketDeployment: BucketDeployment;
import { StacIngestor } from 'eoapi-cdk'
new StacIngestor(scope: Construct, id: string, props: StacIngestorProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
StacIngestorProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { StacIngestor } from 'eoapi-cdk'
StacIngestor.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
handlerRole |
aws-cdk-lib.aws_iam.Role |
No description. |
table |
aws-cdk-lib.aws_dynamodb.Table |
No description. |
nodeRequired public readonly node: Node;
The tree node.
handlerRoleRequired public readonly handlerRole: Role;
tableRequired public readonly table: Table;
import { StacItemLoader } from 'eoapi-cdk'
new StacItemLoader(scope: Construct, id: string, props: StacLoaderProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
StacLoaderProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toStringpublic toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstructimport { StacItemLoader } from 'eoapi-cdk'
StacItemLoader.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.Queue |
Dead letter queue for failed objects loading attempts. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
The Lambda function that loads STAC objects into the pgstac database. |
queue |
aws-cdk-lib.aws_sqs.Queue |
The SQS queue that buffers messages before processing. |
topic |
aws-cdk-lib.aws_sns.Topic |
The SNS topic that receives STAC objects and S3 event notifications for loading. |
nodepublic readonly node: Node;
The tree node.
deadLetterQueuepublic readonly deadLetterQueue: Queue;
Dead letter queue for failed objects loading attempts.
Messages that fail processing after 5 attempts are sent here for inspection and potential replay. Retains messages for 14 days to allow for debugging and manual intervention.
User Responsibility: This construct provides NO automated monitoring, alerting, or reprocessing of dead letter queue messages. Applications using this construct must implement their own:
lambdaFunctionpublic readonly lambdaFunction: Function;
The Lambda function that loads STAC objects into the pgstac database.
This Python function receives batches of messages from SQS and processes them based on their type:
The function connects to PostgreSQL using credentials from Secrets Manager and uses pypgstac for efficient database operations.
queuepublic readonly queue: Queue;
The SQS queue that buffers messages before processing.
This queue collects both direct STAC objects from SNS and S3 event notifications, batching them for efficient database operations. Configured with a visibility timeout that accommodates Lambda processing time plus buffer.
topicpublic readonly topic: Topic;
The SNS topic that receives STAC objects and S3 event notifications for loading.
This topic serves as the entry point for two types of events:
The topic fans out to the SQS queue for batched processing.
AWS CDK Construct for STAC Object Loading Infrastructure.
The StacLoader creates a serverless, event-driven system for loading STAC (SpatioTemporal Asset Catalog) objects into a PostgreSQL database with the pgstac extension. This construct supports multiple ingestion pathways for flexible STAC object loading.
This construct creates the following AWS resources:
The loader supports two primary data ingestion patterns:
The SQS-to-Lambda integration uses intelligent batching to optimize performance:
batchSize messages (default: 500)batchSize messages are available, Lambda
triggers after maxBatchingWindow minutes (default: 1 minute)maxConcurrency concurrent executions to prevent database overloadreportBatchItemFailures to retry only failed objectsThis approach balances throughput (larger batches = fewer database connections) with latency (time-based triggers prevent indefinite waiting).
Failed messages are sent to the dead letter queue after 5 processing attempts. Important: This construct provides NO automated handling of dead letter queue messages - monitoring, inspection, and reprocessing of failed objects is the responsibility of the implementing application.
Consider implementing:
Before using this construct, ensure:
// Create database first
const database = new PgStacDatabase(this, 'Database', {
pgstacVersion: '0.9.5'
});
// Create Object loader
const loader = new StacLoader(this, 'StacLoader', {
pgstacDb: database,
batchSize: 1000, // Process up to 1000 objects per batch
maxBatchingWindowMinutes: 1, // Wait max 1 minute to fill batch
lambdaTimeoutSeconds: 300 // Allow up to 300 seconds for database operations
});
// The topic ARN can be used by other services to publish objects
new CfnOutput(this, 'LoaderTopicArn', {
value: loader.topic.topicArn
});
External services can publish STAC objects directly to the topic:
aws sns publish --topic-arn $STAC_LOAD_TOPIC --message '{
"id": "example-collection",
"type": "Collection",
"title": "Example Collection",
"description": "An example collection",
"license": "proprietary",
"extent": {
"spatial": {"bbox": [[-180, -90, 180, 90]]},
"temporal": {"interval": [[null, null]]}
},
"stac_version": "1.1.0",
"links": []
}'
aws sns publish --topic-arn $STAC_LOAD_TOPIC --message '{
"type": "Feature",
"stac_version": "1.0.0",
"id": "example-item",
"properties": {"datetime": "2021-01-01T00:00:00Z"},
"geometry": {"type": "Polygon", "coordinates": [...]},
"collection": "example-collection"
}'
To enable S3 event-driven loading, configure S3 bucket notifications to send events to the SNS topic when STAC objects (.json or .geojson files) are uploaded:
// Configure S3 bucket to send notifications to the loader topic
bucket.addEventNotification(
s3.EventType.OBJECT_CREATED,
new s3n.SnsDestination(loader.topic),
{ suffix: '.json' }
);
bucket.addEventNotification(
s3.EventType.OBJECT_CREATED,
new s3n.SnsDestination(loader.topic),
{ suffix: '.geojson' }
);
When STAC objects are uploaded to the configured S3 bucket, the loader will:
/aws/lambda/{FunctionName}Applications must implement their own dead letter queue monitoring:
// Example: CloudWatch alarm for dead letter queue depth
new cloudwatch.Alarm(this, 'DeadLetterAlarm', {
metric: loader.deadLetterQueue.metricApproximateNumberOfVisibleMessages(),
threshold: 1,
evaluationPeriods: 1
});
// Example: Lambda to reprocess dead letter messages
const reprocessFunction = new lambda.Function(this, 'Reprocess', {
// Implementation to fetch and republish failed messages
});
import { StacLoader } from 'eoapi-cdk'
new StacLoader(scope: Construct, id: string, props: StacLoaderProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
StacLoaderProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { StacLoader } from 'eoapi-cdk'
StacLoader.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.Queue |
Dead letter queue for failed objects loading attempts. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
The Lambda function that loads STAC objects into the pgstac database. |
queue |
aws-cdk-lib.aws_sqs.Queue |
The SQS queue that buffers messages before processing. |
topic |
aws-cdk-lib.aws_sns.Topic |
The SNS topic that receives STAC objects and S3 event notifications for loading. |
nodeRequired public readonly node: Node;
The tree node.
deadLetterQueueRequired public readonly deadLetterQueue: Queue;
Dead letter queue for failed objects loading attempts.
Messages that fail processing after 5 attempts are sent here for inspection and potential replay. Retains messages for 14 days to allow for debugging and manual intervention.
User Responsibility: This construct provides NO automated monitoring, alerting, or reprocessing of dead letter queue messages. Applications using this construct must implement their own:
lambdaFunctionRequired public readonly lambdaFunction: Function;
The Lambda function that loads STAC objects into the pgstac database.
This Python function receives batches of messages from SQS and processes them based on their type:
The function connects to PostgreSQL using credentials from Secrets Manager and uses pypgstac for efficient database operations.
queueRequired public readonly queue: Queue;
The SQS queue that buffers messages before processing.
This queue collects both direct STAC objects from SNS and S3 event notifications, batching them for efficient database operations. Configured with a visibility timeout that accommodates Lambda processing time plus buffer.
topicRequired public readonly topic: Topic;
The SNS topic that receives STAC objects and S3 event notifications for loading.
This topic serves as the entry point for two types of events:
The topic fans out to the SQS queue for batched processing.
AWS CDK Construct for STAC Item Generation Infrastructure.
The StactoolsItemGenerator creates a serverless, event-driven system for generating STAC (SpatioTemporal Asset Catalog) items from source data. This construct implements the first phase of a two-stage ingestion pipeline that transforms raw geospatial data into standardized STAC metadata.
This construct creates the following AWS resources:
uvx to install the required stactools packagecreate-item CLI command with provided argumentsThe function expects messages matching the ItemRequest model:
{
"package_name": "stactools-glad-global-forest-change",
"group_name": "gladglobalforestchange",
"create_item_args": [
"https://example.com/data.tif"
],
"collection_id": "glad-global-forest-change-1.11"
}
// Create item loader first (or get existing topic ARN)
const loader = new StacLoader(this, 'ItemLoader', {
pgstacDb: database
});
// Create item generator that feeds the loader
const generator = new StactoolsItemGenerator(this, 'ItemGenerator', {
itemLoadTopicArn: loader.topic.topicArn,
lambdaTimeoutSeconds: 120, // Allow time for package installation
maxConcurrency: 100, // Control parallel processing
batchSize: 10 // Process 10 requests per invocation
});
// Grant permission to publish to the loader topic
loader.topic.grantPublish(generator.lambdaFunction);
Send messages to the generator topic to trigger item creation:
aws sns publish --topic-arn $ITEM_GEN_TOPIC --message '{
"package_name": "stactools-glad-global-forest-change",
"group_name": "gladglobalforestchange",
"create_item_args": [
"https://storage.googleapis.com/earthenginepartners-hansen/GFC-2023-v1.11/Hansen_GFC-2023-v1.11_gain_40N_080W.tif"
],
"collection_id": "glad-global-forest-change-1.11"
}'
For processing many assets, you can loop through URLs:
while IFS= read -r url; do
aws sns publish --topic-arn "$ITEM_GEN_TOPIC" --message "{
\"package_name\": \"stactools-glad-glclu2020\",
\"group_name\": \"gladglclu2020\",
\"create_item_args\": [\"$url\"]
}"
done < urls.txt
/aws/lambda/{FunctionName}Any package available on PyPI that follows the stactools plugin pattern can be used. Examples include:
stactools-glad-global-forest-changestactools-glad-glclu2020stactools-landsatstactools-sentinel2{@link https://stactools.readthedocs.io/} for stactools documentation
import { StactoolsItemGenerator } from 'eoapi-cdk'
new StactoolsItemGenerator(scope: Construct, id: string, props: StactoolsItemGeneratorProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
StactoolsItemGeneratorProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { StactoolsItemGenerator } from 'eoapi-cdk'
StactoolsItemGenerator.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.Queue |
Dead letter queue for failed item generation attempts. |
lambdaFunction |
aws-cdk-lib.aws_lambda.DockerImageFunction |
The containerized Lambda function that generates STAC items. |
queue |
aws-cdk-lib.aws_sqs.Queue |
The SQS queue that buffers item generation requests. |
topic |
aws-cdk-lib.aws_sns.Topic |
The SNS topic that receives item generation requests. |
nodeRequired public readonly node: Node;
The tree node.
deadLetterQueueRequired public readonly deadLetterQueue: Queue;
Dead letter queue for failed item generation attempts.
Messages that fail processing after 5 attempts are sent here for inspection and potential replay. This helps with debugging stactools package issues, network failures, or malformed requests.
lambdaFunctionRequired public readonly lambdaFunction: DockerImageFunction;
The containerized Lambda function that generates STAC items.
This Docker-based function dynamically installs stactools packages using uvx, processes source data, and publishes generated STAC items to the configured ItemLoad SNS topic.
queueRequired public readonly queue: Queue;
The SQS queue that buffers item generation requests.
This queue receives messages from the SNS topic containing ItemRequest payloads. It’s configured with a visibility timeout that matches the Lambda timeout plus buffer time to prevent duplicate processing.
topicRequired public readonly topic: Topic;
The SNS topic that receives item generation requests.
External systems publish ItemRequest messages to this topic to trigger STAC item generation. The topic fans out to the SQS queue for processing.
import { TiPgApiLambda } from 'eoapi-cdk'
new TiPgApiLambda(scope: Construct, id: string, props: TiPgApiLambdaProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TiPgApiLambdaProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { TiPgApiLambda } from 'eoapi-cdk'
TiPgApiLambda.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
Lambda function for the TiPg API. |
url |
string |
URL for the TiPg API. |
tiPgLambdaFunction |
aws-cdk-lib.aws_lambda.Function |
No description. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
Lambda function for the TiPg API.
urlRequired public readonly url: string;
URL for the TiPg API.
tiPgLambdaFunctionpublic readonly tiPgLambdaFunction: Function;
import { TiPgApiLambdaRuntime } from 'eoapi-cdk'
new TiPgApiLambdaRuntime(scope: Construct, id: string, props: TiPgApiLambdaRuntimeProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TiPgApiLambdaRuntimeProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { TiPgApiLambdaRuntime } from 'eoapi-cdk'
TiPgApiLambdaRuntime.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
No description. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
import { TitilerPgstacApiLambda } from 'eoapi-cdk'
new TitilerPgstacApiLambda(scope: Construct, id: string, props: TitilerPgstacApiLambdaProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TitilerPgstacApiLambdaProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { TitilerPgstacApiLambda } from 'eoapi-cdk'
TitilerPgstacApiLambda.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
Lambda function for the Titiler Pgstac API. |
url |
string |
URL for the Titiler Pgstac API. |
titilerPgstacLambdaFunction |
aws-cdk-lib.aws_lambda.Function |
No description. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
Lambda function for the Titiler Pgstac API.
urlRequired public readonly url: string;
URL for the Titiler Pgstac API.
titilerPgstacLambdaFunctionpublic readonly titilerPgstacLambdaFunction: Function;
import { TitilerPgstacApiLambdaRuntime } from 'eoapi-cdk'
new TitilerPgstacApiLambdaRuntime(scope: Construct, id: string, props: TitilerPgstacApiLambdaRuntimeProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TitilerPgstacApiLambdaRuntimeProps |
No description. |
scopeRequired idRequired propsRequired | Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString public toString(): string
Returns a string representation of this construct.
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct import { TitilerPgstacApiLambdaRuntime } from 'eoapi-cdk'
TitilerPgstacApiLambdaRuntime.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired Any object.
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
lambdaFunction |
aws-cdk-lib.aws_lambda.Function |
No description. |
nodeRequired public readonly node: Node;
The tree node.
lambdaFunctionRequired public readonly lambdaFunction: Function;
import { BastionHostProps } from 'eoapi-cdk'
const bastionHostProps: BastionHostProps = { ... }
| Name | Type | Description |
|---|---|---|
db |
aws-cdk-lib.aws_rds.IDatabaseInstance |
No description. |
ipv4Allowlist |
string[] |
No description. |
userData |
aws-cdk-lib.aws_ec2.UserData |
No description. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
No description. |
createElasticIp |
boolean |
Whether or not an elastic IP should be created for the bastion host. |
sshPort |
number |
No description. |
dbRequired public readonly db: IDatabaseInstance;
ipv4AllowlistRequired public readonly ipv4Allowlist: string[];
userDataRequired public readonly userData: UserData;
vpcRequired public readonly vpc: IVpc;
createElasticIpOptional public readonly createElasticIp: boolean;
Whether or not an elastic IP should be created for the bastion host.
sshPortOptional public readonly sshPort: number;
import { DatabaseParameters } from 'eoapi-cdk'
const databaseParameters: DatabaseParameters = { ... }
| Name | Type | Description |
|---|---|---|
effectiveCacheSize |
string |
No description. |
maintenanceWorkMem |
string |
No description. |
maxConnections |
string |
No description. |
maxLocksPerTransaction |
string |
No description. |
randomPageCost |
string |
No description. |
seqPageCost |
string |
No description. |
sharedBuffers |
string |
Note: This value is measured in 8KB blocks. |
tempBuffers |
string |
No description. |
workMem |
string |
No description. |
effectiveCacheSizeRequired public readonly effectiveCacheSize: string;
maintenanceWorkMemRequired public readonly maintenanceWorkMem: string;
maxConnectionsRequired public readonly maxConnections: string;
maxLocksPerTransactionRequired public readonly maxLocksPerTransaction: string;
randomPageCostRequired public readonly randomPageCost: string;
seqPageCostRequired public readonly seqPageCost: string;
sharedBuffersRequired public readonly sharedBuffers: string;
{(DBInstanceClassMemory/(1024*8)) * 0.25}Note: This value is measured in 8KB blocks.
tempBuffersRequired public readonly tempBuffers: string;
workMemRequired public readonly workMem: string;
import { LambdaApiGatewayProps } from 'eoapi-cdk'
const lambdaApiGatewayProps: LambdaApiGatewayProps = { ... }
| Name | Type | Description |
|---|---|---|
lambdaFunction |
aws-cdk-lib.aws_lambda.Function \| aws-cdk-lib.aws_lambda.Version |
Lambda function to integrate with the API Gateway. |
apiName |
string |
Name of the API Gateway. |
domainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Custom Domain Name for the API. |
lambdaFunctionRequired public readonly lambdaFunction: Function | Version;
| Type: aws-cdk-lib.aws_lambda.Function | aws-cdk-lib.aws_lambda.Version |
Lambda function to integrate with the API Gateway.
apiNameOptional public readonly apiName: string;
Name of the API Gateway.
domainNameOptional public readonly domainName: IDomainName;
Custom Domain Name for the API.
If defined, will create the domain name and integrate it with the API.
import { PgStacApiLambdaProps } from 'eoapi-cdk'
const pgStacApiLambdaProps: PgStacApiLambdaProps = { ... }
| Name | Type | Description |
|---|---|---|
db |
aws-cdk-lib.aws_rds.IDatabaseInstance \| aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server. |
dbSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Secret containing connection information for pgSTAC database. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to fastapi-pgstac runtime. |
enabledExtensions |
string[] |
List of STAC API extensions to enable. |
enableSnapStart |
boolean |
Enable SnapStart to reduce cold start latency. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
domainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Domain Name for the STAC API. |
stacApiDomainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Custom Domain Name Options for STAC API. |
dbRequired public readonly db: IDatabaseInstance | IInstance;
| Type: aws-cdk-lib.aws_rds.IDatabaseInstance | aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server.
dbSecretRequired public readonly dbSecret: ISecret;
Secret containing connection information for pgSTAC database.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to fastapi-pgstac runtime.
enabledExtensionsOptional public readonly enabledExtensions: string[];
List of STAC API extensions to enable.
enableSnapStartOptional public readonly enableSnapStart: boolean;
Enable SnapStart to reduce cold start latency.
SnapStart creates a snapshot of the initialized Lambda function, allowing new instances to start from this pre-initialized state instead of starting from scratch.
Benefits:
Considerations:
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
domainNameOptional public readonly domainName: IDomainName;
Domain Name for the STAC API.
If defined, will create the domain name and integrate it with the STAC API.
stacApiDomainNamepublic readonly stacApiDomainName: IDomainName;
Custom Domain Name Options for STAC API.
import { PgStacApiLambdaRuntimeProps } from 'eoapi-cdk'
const pgStacApiLambdaRuntimeProps: PgStacApiLambdaRuntimeProps = { ... }
| Name | Type | Description |
|---|---|---|
db |
aws-cdk-lib.aws_rds.IDatabaseInstance \| aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server. |
dbSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Secret containing connection information for pgSTAC database. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to fastapi-pgstac runtime. |
enabledExtensions |
string[] |
List of STAC API extensions to enable. |
enableSnapStart |
boolean |
Enable SnapStart to reduce cold start latency. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
dbRequired public readonly db: IDatabaseInstance | IInstance;
| Type: aws-cdk-lib.aws_rds.IDatabaseInstance | aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server.
dbSecretRequired public readonly dbSecret: ISecret;
Secret containing connection information for pgSTAC database.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to fastapi-pgstac runtime.
enabledExtensionsOptional public readonly enabledExtensions: string[];
List of STAC API extensions to enable.
enableSnapStartOptional public readonly enableSnapStart: boolean;
Enable SnapStart to reduce cold start latency.
SnapStart creates a snapshot of the initialized Lambda function, allowing new instances to start from this pre-initialized state instead of starting from scratch.
Benefits:
Considerations:
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
import { PgStacDatabaseProps } from 'eoapi-cdk'
const pgStacDatabaseProps: PgStacDatabaseProps = { ... }
| Name | Type | Description |
|---|---|---|
vpc |
aws-cdk-lib.aws_ec2.IVpc |
The VPC network where the DB subnet group should be created. |
applyImmediately |
boolean |
Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the preferredMaintenanceWindow setting. |
autoMinorVersionUpgrade |
boolean |
Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window. |
availabilityZone |
string |
The name of the Availability Zone where the DB instance will be located. |
backupRetention |
aws-cdk-lib.Duration |
The number of days during which automatic DB snapshots are retained. |
caCertificate |
aws-cdk-lib.aws_rds.CaCertificate |
The identifier of the CA certificate for this DB instance. |
cloudwatchLogsExports |
string[] |
The list of log types that need to be enabled for exporting to CloudWatch Logs. |
cloudwatchLogsRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
cloudwatchLogsRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
copyTagsToSnapshot |
boolean |
Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. |
databaseInsightsMode |
aws-cdk-lib.aws_rds.DatabaseInsightsMode |
The database insights mode. |
deleteAutomatedBackups |
boolean |
Indicates whether automated backups should be deleted or retained when you delete a DB instance. |
deletionProtection |
boolean |
Indicates whether the DB instance should have deletion protection enabled. |
domain |
string |
The Active Directory directory ID to create the DB instance in. |
domainRole |
aws-cdk-lib.aws_iam.IRoleRef |
The IAM role to be used when making API calls to the Directory Service. |
enablePerformanceInsights |
boolean |
Whether to enable Performance Insights for the DB instance. |
engineLifecycleSupport |
aws-cdk-lib.aws_rds.EngineLifecycleSupport |
The life cycle type for this DB instance. |
iamAuthentication |
boolean |
Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. |
instanceIdentifier |
string |
A name for the DB instance. |
iops |
number |
The number of I/O operations per second (IOPS) that the database provisions. |
maxAllocatedStorage |
number |
Upper limit to which RDS can scale the storage in GiB(Gibibyte). |
monitoringInterval |
aws-cdk-lib.Duration |
The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance. |
monitoringRole |
aws-cdk-lib.aws_iam.IRoleRef |
Role that will be used to manage DB instance monitoring. |
multiAz |
boolean |
Specifies if the database instance is a multiple Availability Zone deployment. |
networkType |
aws-cdk-lib.aws_rds.NetworkType |
The network type of the DB instance. |
optionGroup |
aws-cdk-lib.aws_rds.IOptionGroup |
The option group to associate with the instance. |
parameterGroup |
aws-cdk-lib.aws_rds.IParameterGroup |
The DB parameter group to associate with the instance. |
performanceInsightEncryptionKey |
aws-cdk-lib.aws_kms.IKeyRef |
The AWS KMS key for encryption of Performance Insights data. |
performanceInsightRetention |
aws-cdk-lib.aws_rds.PerformanceInsightRetention |
The amount of time, in days, to retain Performance Insights data. |
port |
number |
The port for the instance. |
preferredBackupWindow |
string |
The daily time range during which automated backups are performed. |
preferredMaintenanceWindow |
string |
The weekly time range (in UTC) during which system maintenance can occur. |
processorFeatures |
aws-cdk-lib.aws_rds.ProcessorFeatures |
The number of CPU cores and the number of threads per core. |
publiclyAccessible |
boolean |
Indicates whether the DB instance is an internet-facing instance. |
removalPolicy |
aws-cdk-lib.RemovalPolicy |
The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update. |
s3ExportBuckets |
aws-cdk-lib.aws_s3.IBucket[] |
S3 buckets that you want to load data into. |
s3ExportRole |
aws-cdk-lib.aws_iam.IRole |
Role that will be associated with this DB instance to enable S3 export. |
s3ImportBuckets |
aws-cdk-lib.aws_s3.IBucket[] |
S3 buckets that you want to load data from. |
s3ImportRole |
aws-cdk-lib.aws_iam.IRole |
Role that will be associated with this DB instance to enable S3 import. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The security groups to assign to the DB instance. |
storageThroughput |
number |
The storage throughput, specified in mebibytes per second (MiBps). |
storageType |
aws-cdk-lib.aws_rds.StorageType |
The storage type to associate with the DB instance. |
subnetGroup |
aws-cdk-lib.aws_rds.ISubnetGroup |
Existing subnet group for the instance. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
The type of subnets to add to the created DB subnet group. |
engine |
aws-cdk-lib.aws_rds.IInstanceEngine |
The database engine. |
allocatedStorage |
number |
The allocated storage size, specified in gibibytes (GiB). |
allowMajorVersionUpgrade |
boolean |
Whether to allow major version upgrades. |
databaseName |
string |
The name of the database. |
instanceType |
aws-cdk-lib.aws_ec2.InstanceType |
The name of the compute and memory capacity for the instance. |
licenseModel |
aws-cdk-lib.aws_rds.LicenseModel |
The license model. |
parameters |
{[ key: string ]: string} |
The parameters in the DBParameterGroup to create automatically. |
timezone |
string |
The time zone of the instance. |
characterSetName |
string |
For supported engines, specifies the character set to associate with the DB instance. |
credentials |
aws-cdk-lib.aws_rds.Credentials |
Credentials for the administrative user. |
storageEncrypted |
boolean |
Indicates whether the DB instance is encrypted. |
storageEncryptionKey |
aws-cdk-lib.aws_kms.IKeyRef |
The KMS key that’s used to encrypt the DB instance. |
addPgbouncer |
boolean |
Add pgbouncer instance for managing traffic to the pgSTAC database. |
bootstrapperLambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
customResourceProperties |
{[ key: string ]: any} |
Lambda function Custom Resource properties. |
pgbouncerInstanceProps |
any |
Properties for the pgbouncer ec2 instance. |
pgstacDbName |
string |
Name of database that is to be created and onto which pgSTAC will be installed. |
pgstacUsername |
string |
Name of user that will be generated for connecting to the pgSTAC database. |
pgstacVersion |
string |
Version of pgstac to install on the database. |
secretsPrefix |
string |
Prefix to assign to the generated secrets_manager.Secret. |
vpcRequired public readonly vpc: IVpc;
The VPC network where the DB subnet group should be created.
applyImmediatelyOptional public readonly applyImmediately: boolean;
Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the preferredMaintenanceWindow setting.
If set to false, changes are applied during the next maintenance window.
Until RDS applies the changes, the DB instance remains in a drift state. As a result, the configuration doesn’t fully reflect the requested modifications and temporarily diverges from the intended state.
This property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html
autoMinorVersionUpgradeOptional public readonly autoMinorVersionUpgrade: boolean;
Indicates that minor engine upgrades are applied automatically to the DB instance during the maintenance window.
availabilityZoneOptional public readonly availabilityZone: string;
The name of the Availability Zone where the DB instance will be located.
backupRetentionOptional public readonly backupRetention: Duration;
The number of days during which automatic DB snapshots are retained.
Set to zero to disable backups. When creating a read replica, you must enable automatic backups on the source database instance by setting the backup retention to a value other than zero.
caCertificateOptional public readonly caCertificate: CaCertificate;
The identifier of the CA certificate for this DB instance.
Specifying or updating this property triggers a reboot.
For RDS DB engines:
cloudwatchLogsExportsOptional public readonly cloudwatchLogsExports: string[];
The list of log types that need to be enabled for exporting to CloudWatch Logs.
cloudwatchLogsRetentionOptional public readonly cloudwatchLogsRetention: RetentionDays;
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn’t remove the log retention policy. To
remove the retention policy, set the value to Infinity.
cloudwatchLogsRetentionRoleOptional public readonly cloudwatchLogsRetentionRole: IRole;
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
copyTagsToSnapshotOptional public readonly copyTagsToSnapshot: boolean;
Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance.
databaseInsightsModeOptional public readonly databaseInsightsMode: DatabaseInsightsMode;
The database insights mode.
deleteAutomatedBackupsOptional public readonly deleteAutomatedBackups: boolean;
Indicates whether automated backups should be deleted or retained when you delete a DB instance.
deletionProtectionOptional public readonly deletionProtection: boolean;
removalPolicy is RETAIN, false otherwiseIndicates whether the DB instance should have deletion protection enabled.
domainOptional public readonly domain: string;
The Active Directory directory ID to create the DB instance in.
domainRoleOptional public readonly domainRole: IRoleRef;
DatabaseInstanceNewProps#domain is specifiedThe IAM role to be used when making API calls to the Directory Service.
The role needs the AWS-managed policy AmazonRDSDirectoryServiceAccess or equivalent.
enablePerformanceInsightsOptional public readonly enablePerformanceInsights: boolean;
performanceInsightRetention or performanceInsightEncryptionKey is set.Whether to enable Performance Insights for the DB instance.
engineLifecycleSupportOptional public readonly engineLifecycleSupport: EngineLifecycleSupport;
EngineLifecycleSupport.OPEN_SOURCE_RDS_EXTENDED_SUPPORTThe life cycle type for this DB instance.
This setting applies only to RDS for MySQL and RDS for PostgreSQL.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html
iamAuthenticationOptional public readonly iamAuthentication: boolean;
Whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts.
instanceIdentifierOptional public readonly instanceIdentifier: string;
A name for the DB instance.
If you specify a name, AWS CloudFormation converts it to lowercase.
iopsOptional public readonly iops: number;
The number of I/O operations per second (IOPS) that the database provisions.
The value must be equal to or greater than 1000.
maxAllocatedStorageOptional public readonly maxAllocatedStorage: number;
Upper limit to which RDS can scale the storage in GiB(Gibibyte).
monitoringIntervalOptional public readonly monitoringInterval: Duration;
The interval, in seconds, between points when Amazon RDS collects enhanced monitoring metrics for the DB instance.
monitoringRoleOptional public readonly monitoringRole: IRoleRef;
Role that will be used to manage DB instance monitoring.
multiAzOptional public readonly multiAz: boolean;
Specifies if the database instance is a multiple Availability Zone deployment.
networkTypeOptional public readonly networkType: NetworkType;
The network type of the DB instance.
optionGroupOptional public readonly optionGroup: IOptionGroup;
The option group to associate with the instance.
parameterGroupOptional public readonly parameterGroup: IParameterGroup;
The DB parameter group to associate with the instance.
performanceInsightEncryptionKeyOptional public readonly performanceInsightEncryptionKey: IKeyRef;
The AWS KMS key for encryption of Performance Insights data.
performanceInsightRetentionOptional public readonly performanceInsightRetention: PerformanceInsightRetention;
The amount of time, in days, to retain Performance Insights data.
If you set databaseInsightsMode to DatabaseInsightsMode.ADVANCED, you must set this property to PerformanceInsightRetention.MONTHS_15.
portOptional public readonly port: number;
The port for the instance.
preferredBackupWindowOptional public readonly preferredBackupWindow: string;
The daily time range during which automated backups are performed.
Constraints:
hh24:mi-hh24:mi.preferredMaintenanceWindowOptional public readonly preferredMaintenanceWindow: string;
The weekly time range (in UTC) during which system maintenance can occur.
Format: ddd:hh24:mi-ddd:hh24:mi
Constraint: Minimum 30-minute window
processorFeaturesOptional public readonly processorFeatures: ProcessorFeatures;
The number of CPU cores and the number of threads per core.
publiclyAccessibleOptional public readonly publiclyAccessible: boolean;
true if the instance’s vpcSubnets is subnetType: SubnetType.PUBLIC, false otherwiseIndicates whether the DB instance is an internet-facing instance.
If not specified, the instance’s vpcSubnets will be used to determine if the instance is internet-facing or not.
removalPolicyOptional public readonly removalPolicy: RemovalPolicy;
The CloudFormation policy to apply when the instance is removed from the stack or replaced during an update.
s3ExportBucketsOptional public readonly s3ExportBuckets: IBucket[];
S3 buckets that you want to load data into.
This property must not be used if s3ExportRole is used.
For Microsoft SQL Server:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
s3ExportRoleOptional public readonly s3ExportRole: IRole;
s3ExportBuckets is set, no role is defined otherwiseRole that will be associated with this DB instance to enable S3 export.
This property must not be used if s3ExportBuckets is used.
For Microsoft SQL Server:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-s3-integration.html
s3ImportBucketsOptional public readonly s3ImportBuckets: IBucket[];
S3 buckets that you want to load data from.
This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
This property must not be used if s3ImportRole is used.
For Microsoft SQL Server:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
s3ImportRoleOptional public readonly s3ImportRole: IRole;
s3ImportBuckets is set, no role is defined otherwiseRole that will be associated with this DB instance to enable S3 import.
This feature is only supported by the Microsoft SQL Server, Oracle, and PostgreSQL engines.
This property must not be used if s3ImportBuckets is used.
For Microsoft SQL Server:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/PostgreSQL.Procedural.Importing.html
securityGroupsOptional public readonly securityGroups: ISecurityGroup[];
The security groups to assign to the DB instance.
storageThroughputOptional public readonly storageThroughput: number;
The storage throughput, specified in mebibytes per second (MiBps).
Only applicable for GP3.
https://docs.aws.amazon.com//AmazonRDS/latest/UserGuide/CHAP_Storage.html#gp3-storage
storageTypeOptional public readonly storageType: StorageType;
The storage type to associate with the DB instance.
Storage types supported are gp2, gp3, io1, io2, and standard.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#Concepts.Storage.GeneralSSD
subnetGroupOptional public readonly subnetGroup: ISubnetGroup;
Existing subnet group for the instance.
vpcSubnetsOptional public readonly vpcSubnets: SubnetSelection;
The type of subnets to add to the created DB subnet group.
engineRequired public readonly engine: IInstanceEngine;
The database engine.
allocatedStorageOptional public readonly allocatedStorage: number;
The allocated storage size, specified in gibibytes (GiB).
allowMajorVersionUpgradeOptional public readonly allowMajorVersionUpgrade: boolean;
Whether to allow major version upgrades.
databaseNameOptional public readonly databaseName: string;
The name of the database.
instanceTypeOptional public readonly instanceType: InstanceType;
The name of the compute and memory capacity for the instance.
licenseModelOptional public readonly licenseModel: LicenseModel;
The license model.
parametersOptional public readonly parameters: {[ key: string ]: string};
The parameters in the DBParameterGroup to create automatically.
You can only specify parameterGroup or parameters but not both. You need to use a versioned engine to auto-generate a DBParameterGroup.
timezoneOptional public readonly timezone: string;
The time zone of the instance.
This is currently supported only by Microsoft Sql Server.
characterSetNameOptional public readonly characterSetName: string;
For supported engines, specifies the character set to associate with the DB instance.
credentialsOptional public readonly credentials: Credentials;
Credentials for the administrative user.
storageEncryptedOptional public readonly storageEncrypted: boolean;
Indicates whether the DB instance is encrypted.
storageEncryptionKeyOptional public readonly storageEncryptionKey: IKeyRef;
The KMS key that’s used to encrypt the DB instance.
addPgbouncerOptional public readonly addPgbouncer: boolean;
Add pgbouncer instance for managing traffic to the pgSTAC database.
bootstrapperLambdaFunctionOptionsOptional public readonly bootstrapperLambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
customResourcePropertiesOptional public readonly customResourceProperties: {[ key: string ]: any};
Lambda function Custom Resource properties.
A custom resource property is going to be created to trigger the boostrapping lambda function. This parameter allows the user to specify additional properties on top of the defaults ones.
pgbouncerInstancePropsOptional public readonly pgbouncerInstanceProps: any;
Properties for the pgbouncer ec2 instance.
pgstacDbNameOptional public readonly pgstacDbName: string;
Name of database that is to be created and onto which pgSTAC will be installed.
pgstacUsernameOptional public readonly pgstacUsername: string;
Name of user that will be generated for connecting to the pgSTAC database.
pgstacVersionOptional public readonly pgstacVersion: string;
Version of pgstac to install on the database.
secretsPrefixOptional public readonly secretsPrefix: string;
Prefix to assign to the generated secrets_manager.Secret.
import { PrivateLambdaApiGatewayProps } from 'eoapi-cdk'
const privateLambdaApiGatewayProps: PrivateLambdaApiGatewayProps = { ... }
| Name | Type | Description |
|---|---|---|
lambdaFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function to integrate with the API Gateway. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC to create the API Gateway in. |
createVpcEndpoint |
boolean |
Whether to create a VPC endpoint for the API Gateway. |
deployOptions |
aws-cdk-lib.aws_apigateway.StageOptions |
Deploy options for the API Gateway. |
description |
string |
Description for the API Gateway. |
lambdaIntegrationOptions |
aws-cdk-lib.aws_apigateway.LambdaIntegrationOptions |
Lambda integration options for the API Gateway. |
policy |
aws-cdk-lib.aws_iam.PolicyDocument |
Policy for the API Gateway. |
restApiName |
string |
Name for the API Gateway. |
vpcEndpointSubnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
The subnets in which to create a VPC endpoint network interface. |
lambdaFunctionRequired public readonly lambdaFunction: IFunction;
Lambda function to integrate with the API Gateway.
vpcRequired public readonly vpc: IVpc;
VPC to create the API Gateway in.
createVpcEndpointOptional public readonly createVpcEndpoint: boolean;
Whether to create a VPC endpoint for the API Gateway.
deployOptionsOptional public readonly deployOptions: StageOptions;
Deploy options for the API Gateway.
descriptionOptional public readonly description: string;
Description for the API Gateway.
lambdaIntegrationOptionsOptional public readonly lambdaIntegrationOptions: LambdaIntegrationOptions;
Lambda integration options for the API Gateway.
policyOptional public readonly policy: PolicyDocument;
Policy for the API Gateway.
restApiNameOptional public readonly restApiName: string;
${scope.node.id}-private-apiName for the API Gateway.
vpcEndpointSubnetSelectionOptional public readonly vpcEndpointSubnetSelection: SubnetSelection;
The subnets in which to create a VPC endpoint network interface.
At most one per availability zone.
import { StacAuthProxyLambdaProps } from 'eoapi-cdk'
const stacAuthProxyLambdaProps: StacAuthProxyLambdaProps = { ... }
| Name | Type | Description |
|---|---|---|
oidcDiscoveryUrl |
string |
URL to OIDC Discovery Endpoint. |
upstreamUrl |
string |
URL to upstream STAC API. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to stac-auth-proxy runtime. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
stacApiClientId |
string |
OAuth Client ID for Swagger UI. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
domainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Domain Name for the STAC API. |
oidcDiscoveryUrlRequired public readonly oidcDiscoveryUrl: string;
URL to OIDC Discovery Endpoint.
upstreamUrlRequired public readonly upstreamUrl: string;
URL to upstream STAC API.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to stac-auth-proxy runtime.
https://github.com/developmentseed/stac-auth-proxy/?tab=readme-ov-file#configuration
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
stacApiClientIdOptional public readonly stacApiClientId: string;
OAuth Client ID for Swagger UI.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
domainNameOptional public readonly domainName: IDomainName;
Domain Name for the STAC API.
If defined, will create the domain name and integrate it with the STAC API.
import { StacAuthProxyLambdaRuntimeProps } from 'eoapi-cdk'
const stacAuthProxyLambdaRuntimeProps: StacAuthProxyLambdaRuntimeProps = { ... }
| Name | Type | Description |
|---|---|---|
oidcDiscoveryUrl |
string |
URL to OIDC Discovery Endpoint. |
upstreamUrl |
string |
URL to upstream STAC API. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to stac-auth-proxy runtime. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
stacApiClientId |
string |
OAuth Client ID for Swagger UI. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
oidcDiscoveryUrlRequired public readonly oidcDiscoveryUrl: string;
URL to OIDC Discovery Endpoint.
upstreamUrlRequired public readonly upstreamUrl: string;
URL to upstream STAC API.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to stac-auth-proxy runtime.
https://github.com/developmentseed/stac-auth-proxy/?tab=readme-ov-file#configuration
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
stacApiClientIdOptional public readonly stacApiClientId: string;
OAuth Client ID for Swagger UI.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
import { StacBrowserProps } from 'eoapi-cdk'
const stacBrowserProps: StacBrowserProps = { ... }
| Name | Type | Description |
|---|---|---|
githubRepoTag |
string |
Tag of the radiant earth stac-browser repo to use to build the app. |
stacCatalogUrl |
string |
STAC catalog URL. |
bucketArn |
string |
Bucket ARN. |
cloneDirectory |
string |
Location in the filesystem where to compile the browser code. |
cloudFrontDistributionArn |
string |
The ARN of the cloudfront distribution that will be added to the bucket policy with read access. |
configFilePath |
string |
Path to config file for the STAC browser. |
websiteIndexDocument |
string |
The name of the index document (e.g. “index.html”) for the website. Enables static website hosting for this bucket. |
githubRepoTagRequired public readonly githubRepoTag: string;
Tag of the radiant earth stac-browser repo to use to build the app.
stacCatalogUrlRequired public readonly stacCatalogUrl: string;
STAC catalog URL.
Overrides the catalog URL in the stac-browser configuration.
bucketArnOptional public readonly bucketArn: string;
Bucket ARN.
If specified, the identity used to deploy the stack must have the appropriate permissions to create a deployment for this bucket.
In addition, if specified, cloudFrontDistributionArn is ignored since the policy of an imported resource can’t be modified.
cloneDirectoryOptional public readonly cloneDirectory: string;
Location in the filesystem where to compile the browser code.
cloudFrontDistributionArnOptional public readonly cloudFrontDistributionArn: string;
The ARN of the cloudfront distribution that will be added to the bucket policy with read access.
If bucketArn is specified, this parameter is ignored since the policy of an imported bucket can’t be modified.
configFilePathOptional public readonly configFilePath: string;
Path to config file for the STAC browser.
If not provided, default configuration in the STAC browser repository is used.
websiteIndexDocumentOptional public readonly websiteIndexDocument: string;
The name of the index document (e.g. “index.html”) for the website. Enables static website hosting for this bucket.
import { StacIngestorProps } from 'eoapi-cdk'
const stacIngestorProps: StacIngestorProps = { ... }
| Name | Type | Description |
|---|---|---|
dataAccessRole |
aws-cdk-lib.aws_iam.IRole |
ARN of AWS Role used to validate access to S3 data. |
stacDbSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Secret containing pgSTAC DB connection information. |
stacDbSecurityGroup |
aws-cdk-lib.aws_ec2.ISecurityGroup |
Security Group used by pgSTAC DB. |
stacUrl |
string |
URL of STAC API. |
stage |
string |
Stage of deployment (e.g. dev, prod). |
apiEndpointConfiguration |
aws-cdk-lib.aws_apigateway.EndpointConfiguration |
API Endpoint Configuration, useful for creating private APIs. |
apiEnv |
{[ key: string ]: string} |
Environment variables to be sent to Lambda. |
apiLambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
apiPolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
API Policy Document, useful for creating private APIs. |
ingestorDomainNameOptions |
aws-cdk-lib.aws_apigateway.DomainNameOptions |
Custom Domain Name Options for Ingestor API. |
ingestorLambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
pgstacVersion |
string |
pgstac version - must match the version installed on the pgstac database. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed if using a VPC. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC running pgSTAC DB. |
dataAccessRoleRequired public readonly dataAccessRole: IRole;
ARN of AWS Role used to validate access to S3 data.
stacDbSecretRequired public readonly stacDbSecret: ISecret;
Secret containing pgSTAC DB connection information.
stacDbSecurityGroupRequired public readonly stacDbSecurityGroup: ISecurityGroup;
Security Group used by pgSTAC DB.
stacUrlRequired public readonly stacUrl: string;
URL of STAC API.
stageRequired public readonly stage: string;
Stage of deployment (e.g. dev, prod).
apiEndpointConfigurationOptional public readonly apiEndpointConfiguration: EndpointConfiguration;
API Endpoint Configuration, useful for creating private APIs.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Environment variables to be sent to Lambda.
apiLambdaFunctionOptionsOptional public readonly apiLambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
apiPolicyOptional public readonly apiPolicy: PolicyDocument;
API Policy Document, useful for creating private APIs.
ingestorDomainNameOptionsOptional public readonly ingestorDomainNameOptions: DomainNameOptions;
Custom Domain Name Options for Ingestor API.
ingestorLambdaFunctionOptionsOptional public readonly ingestorLambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
pgstacVersionOptional public readonly pgstacVersion: string;
pgstac version - must match the version installed on the pgstac database.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed if using a VPC.
vpcOptional public readonly vpc: IVpc;
VPC running pgSTAC DB.
import { StacItemLoaderProps } from 'eoapi-cdk'
const stacItemLoaderProps: StacItemLoaderProps = { ... }
| Name | Type | Description |
|---|---|---|
pgstacDb |
PgStacDatabase |
The PgSTAC database instance to load data into. |
batchSize |
number |
SQS batch size for lambda event source. |
environment |
{[ key: string ]: string} |
Additional environment variables for the lambda function. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
lambdaRuntime |
aws-cdk-lib.aws_lambda.Runtime |
The lambda runtime to use for the item loading function. |
lambdaTimeoutSeconds |
number |
The timeout for the item load lambda in seconds. |
maxBatchingWindowMinutes |
number |
Maximum batching window in minutes. |
maxConcurrency |
number |
Maximum concurrent executions for the StacLoader Lambda function. |
memorySize |
number |
Memory size for the lambda function in MB. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
pgstacDbpublic readonly pgstacDb: PgStacDatabase;
The PgSTAC database instance to load data into.
This database must have the pgstac extension installed and be properly configured with collections before objects can be loaded. The loader will use AWS Secrets Manager to securely access database credentials.
batchSizepublic readonly batchSize: number;
SQS batch size for lambda event source.
This determines the maximum number of STAC objects that will be processed together in a single lambda invocation. Larger batch sizes improve database insertion efficiency but require more memory and longer processing time.
Batching Behavior: SQS will wait to accumulate up to this many messages before triggering the Lambda, OR until the maxBatchingWindow timeout is reached, whichever comes first. This creates an efficient balance between throughput and latency.
environmentpublic readonly environment: {[ key: string ]: string};
Additional environment variables for the lambda function.
These will be merged with the default environment variables including PGSTAC_SECRET_ARN. Use this for custom configuration or debugging flags.
If you want to enable the option to upload a boilerplate collection record
in the event that the collection record does not yet exist for an item that
is set to be loaded, set the variable "CREATE_COLLECTIONS_IF_MISSING": "TRUE".
lambdaFunctionOptionspublic readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
lambdaRuntimepublic readonly lambdaRuntime: Runtime;
The lambda runtime to use for the item loading function.
The function is implemented in Python and uses pypgstac for database operations. Ensure the runtime version is compatible with the pgstac version specified in the database configuration.
lambdaTimeoutSecondspublic readonly lambdaTimeoutSeconds: number;
The timeout for the item load lambda in seconds.
This should accommodate the time needed to process up to batchSize
objects and perform database insertions. The SQS visibility timeout
will be set to this value plus 10 seconds.
maxBatchingWindowMinutespublic readonly maxBatchingWindowMinutes: number;
Maximum batching window in minutes.
Even if the batch size isn’t reached, the lambda will be triggered after this time period to ensure timely processing of objects. This prevents objects from waiting indefinitely in low-volume scenarios.
Important: This timeout works in conjunction with batchSize - SQS will trigger the Lambda when EITHER the batch size is reached OR this time window expires, ensuring objects are processed in a timely manner regardless of volume.
maxConcurrencypublic readonly maxConcurrency: number;
Maximum concurrent executions for the StacLoader Lambda function.
This limit will be applied to the Lambda function and will control how many concurrent batches will be released from the SQS queue.
memorySizepublic readonly memorySize: number;
Memory size for the lambda function in MB.
Higher memory allocation may improve performance when processing large batches of STAC objects, especially for memory-intensive database operations.
subnetSelectionpublic readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcpublic readonly vpc: IVpc;
VPC into which the lambda should be deployed.
Configuration properties for the StacLoader construct.
The StacLoader is part of a two-phase serverless STAC ingestion pipeline that loads STAC collections and items into a pgstac database. This construct creates the infrastructure for receiving STAC objects from multiple sources:
Objects from both sources are batched and inserted into PostgreSQL with the pgstac extension.
Example
const loader = new StacLoader(this, 'StacLoader', {
pgstacDb: database,
batchSize: 1000,
maxBatchingWindowMinutes: 1,
lambdaTimeoutSeconds: 300
});
import { StacLoaderProps } from 'eoapi-cdk'
const stacLoaderProps: StacLoaderProps = { ... }
| Name | Type | Description |
|---|---|---|
pgstacDb |
PgStacDatabase |
The PgSTAC database instance to load data into. |
batchSize |
number |
SQS batch size for lambda event source. |
environment |
{[ key: string ]: string} |
Additional environment variables for the lambda function. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
lambdaRuntime |
aws-cdk-lib.aws_lambda.Runtime |
The lambda runtime to use for the item loading function. |
lambdaTimeoutSeconds |
number |
The timeout for the item load lambda in seconds. |
maxBatchingWindowMinutes |
number |
Maximum batching window in minutes. |
maxConcurrency |
number |
Maximum concurrent executions for the StacLoader Lambda function. |
memorySize |
number |
Memory size for the lambda function in MB. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
pgstacDbRequired public readonly pgstacDb: PgStacDatabase;
The PgSTAC database instance to load data into.
This database must have the pgstac extension installed and be properly configured with collections before objects can be loaded. The loader will use AWS Secrets Manager to securely access database credentials.
batchSizeOptional public readonly batchSize: number;
SQS batch size for lambda event source.
This determines the maximum number of STAC objects that will be processed together in a single lambda invocation. Larger batch sizes improve database insertion efficiency but require more memory and longer processing time.
Batching Behavior: SQS will wait to accumulate up to this many messages before triggering the Lambda, OR until the maxBatchingWindow timeout is reached, whichever comes first. This creates an efficient balance between throughput and latency.
environmentOptional public readonly environment: {[ key: string ]: string};
Additional environment variables for the lambda function.
These will be merged with the default environment variables including PGSTAC_SECRET_ARN. Use this for custom configuration or debugging flags.
If you want to enable the option to upload a boilerplate collection record
in the event that the collection record does not yet exist for an item that
is set to be loaded, set the variable "CREATE_COLLECTIONS_IF_MISSING": "TRUE".
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
lambdaRuntimeOptional public readonly lambdaRuntime: Runtime;
The lambda runtime to use for the item loading function.
The function is implemented in Python and uses pypgstac for database operations. Ensure the runtime version is compatible with the pgstac version specified in the database configuration.
lambdaTimeoutSecondsOptional public readonly lambdaTimeoutSeconds: number;
The timeout for the item load lambda in seconds.
This should accommodate the time needed to process up to batchSize
objects and perform database insertions. The SQS visibility timeout
will be set to this value plus 10 seconds.
maxBatchingWindowMinutesOptional public readonly maxBatchingWindowMinutes: number;
Maximum batching window in minutes.
Even if the batch size isn’t reached, the lambda will be triggered after this time period to ensure timely processing of objects. This prevents objects from waiting indefinitely in low-volume scenarios.
Important: This timeout works in conjunction with batchSize - SQS will trigger the Lambda when EITHER the batch size is reached OR this time window expires, ensuring objects are processed in a timely manner regardless of volume.
maxConcurrencyOptional public readonly maxConcurrency: number;
Maximum concurrent executions for the StacLoader Lambda function.
This limit will be applied to the Lambda function and will control how many concurrent batches will be released from the SQS queue.
memorySizeOptional public readonly memorySize: number;
Memory size for the lambda function in MB.
Higher memory allocation may improve performance when processing large batches of STAC objects, especially for memory-intensive database operations.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
Configuration properties for the StactoolsItemGenerator construct.
The StactoolsItemGenerator is part of a two-phase serverless STAC ingestion pipeline that generates STAC items from source data. This construct creates the infrastructure for the first phase of the pipeline - processing metadata about assets and transforming them into standardized STAC items.
Example
const generator = new StactoolsItemGenerator(this, 'ItemGenerator', {
itemLoadTopicArn: loader.topic.topicArn,
lambdaTimeoutSeconds: 120,
maxConcurrency: 100,
batchSize: 10
});
import { StactoolsItemGeneratorProps } from 'eoapi-cdk'
const stactoolsItemGeneratorProps: StactoolsItemGeneratorProps = { ... }
| Name | Type | Description |
|---|---|---|
itemLoadTopicArn |
string |
ARN of the SNS topic to publish generated items to. |
batchSize |
number |
SQS batch size for lambda event source. |
environment |
{[ key: string ]: string} |
Additional environment variables for the lambda function. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
lambdaRuntime |
aws-cdk-lib.aws_lambda.Runtime |
The lambda runtime to use for the item generation function. |
lambdaTimeoutSeconds |
number |
The timeout for the item generation lambda in seconds. |
maxConcurrency |
number |
Maximum number of concurrent executions. |
memorySize |
number |
Memory size for the lambda function in MB. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
itemLoadTopicArnRequired public readonly itemLoadTopicArn: string;
ARN of the SNS topic to publish generated items to.
This is typically the topic from a StacLoader construct. Generated STAC items will be published here for downstream processing and database insertion.
batchSizeOptional public readonly batchSize: number;
SQS batch size for lambda event source.
This determines how many generation requests are processed together in a single lambda invocation. Unlike the loader, generation typically processes items individually, so smaller batch sizes are common.
environmentOptional public readonly environment: {[ key: string ]: string};
Additional environment variables for the lambda function.
These will be merged with default environment variables including ITEM_LOAD_TOPIC_ARN and LOG_LEVEL. Use this for custom configuration or to pass credentials for external data sources.
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
lambdaRuntimeOptional public readonly lambdaRuntime: Runtime;
The lambda runtime to use for the item generation function.
The function is containerized using Docker and can accommodate various stactools packages. The runtime version should be compatible with the packages you plan to use for STAC item generation.
lambdaTimeoutSecondsOptional public readonly lambdaTimeoutSeconds: number;
The timeout for the item generation lambda in seconds.
This should accommodate the time needed to:
The SQS visibility timeout will be set to this value plus 10 seconds.
maxConcurrencyOptional public readonly maxConcurrency: number;
Maximum number of concurrent executions.
This controls how many item generation tasks can run simultaneously. Higher concurrency enables faster processing of large batches but may strain downstream systems or external data sources.
memorySizeOptional public readonly memorySize: number;
Memory size for the lambda function in MB.
Higher memory allocation may be needed for processing large geospatial datasets or when stactools packages have high memory requirements. More memory also provides proportionally more CPU power.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
import { TiPgApiLambdaProps } from 'eoapi-cdk'
const tiPgApiLambdaProps: TiPgApiLambdaProps = { ... }
| Name | Type | Description |
|---|---|---|
db |
aws-cdk-lib.aws_rds.IDatabaseInstance \| aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server. |
dbSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Secret containing connection information for pgSTAC database. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to titiler-pgstac runtime. |
enableSnapStart |
boolean |
Enable SnapStart to reduce cold start latency. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
domainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Domain Name for the TiPg API. |
tipgApiDomainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Custom Domain Name for tipg API. |
dbRequired public readonly db: IDatabaseInstance | IInstance;
| Type: aws-cdk-lib.aws_rds.IDatabaseInstance | aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server.
dbSecretRequired public readonly dbSecret: ISecret;
Secret containing connection information for pgSTAC database.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to titiler-pgstac runtime.
enableSnapStartOptional public readonly enableSnapStart: boolean;
Enable SnapStart to reduce cold start latency.
SnapStart creates a snapshot of the initialized Lambda function, allowing new instances to start from this pre-initialized state instead of starting from scratch.
Benefits:
Considerations:
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
domainNameOptional public readonly domainName: IDomainName;
Domain Name for the TiPg API.
If defined, will create the domain name and integrate it with the TiPg API.
tipgApiDomainNamepublic readonly tipgApiDomainName: IDomainName;
Custom Domain Name for tipg API.
If defined, will create the domain name and integrate it with the tipg API.
import { TiPgApiLambdaRuntimeProps } from 'eoapi-cdk'
const tiPgApiLambdaRuntimeProps: TiPgApiLambdaRuntimeProps = { ... }
| Name | Type | Description |
|---|---|---|
db |
aws-cdk-lib.aws_rds.IDatabaseInstance \| aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server. |
dbSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Secret containing connection information for pgSTAC database. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to titiler-pgstac runtime. |
enableSnapStart |
boolean |
Enable SnapStart to reduce cold start latency. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
dbRequired public readonly db: IDatabaseInstance | IInstance;
| Type: aws-cdk-lib.aws_rds.IDatabaseInstance | aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server.
dbSecretRequired public readonly dbSecret: ISecret;
Secret containing connection information for pgSTAC database.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to titiler-pgstac runtime.
enableSnapStartOptional public readonly enableSnapStart: boolean;
Enable SnapStart to reduce cold start latency.
SnapStart creates a snapshot of the initialized Lambda function, allowing new instances to start from this pre-initialized state instead of starting from scratch.
Benefits:
Considerations:
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
import { TitilerPgstacApiLambdaProps } from 'eoapi-cdk'
const titilerPgstacApiLambdaProps: TitilerPgstacApiLambdaProps = { ... }
| Name | Type | Description |
|---|---|---|
db |
aws-cdk-lib.aws_rds.IDatabaseInstance \| aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server. |
dbSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Secret containing connection information for pgSTAC database. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to titiler-pgstac runtime. |
buckets |
string[] |
list of buckets the lambda will be granted access to. |
enableSnapStart |
boolean |
Enable SnapStart to reduce cold start latency. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
domainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Domain Name for the Titiler Pgstac API. |
titilerPgstacApiDomainName |
aws-cdk-lib.aws_apigatewayv2.IDomainName |
Custom Domain Name Options for Titiler Pgstac API,. |
dbRequired public readonly db: IDatabaseInstance | IInstance;
| Type: aws-cdk-lib.aws_rds.IDatabaseInstance | aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server.
dbSecretRequired public readonly dbSecret: ISecret;
Secret containing connection information for pgSTAC database.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to titiler-pgstac runtime.
These will be merged with defaultTitilerPgstacEnv.
The database secret arn is automatically added to the environment variables at deployment.
bucketsOptional public readonly buckets: string[];
list of buckets the lambda will be granted access to.
enableSnapStartOptional public readonly enableSnapStart: boolean;
Enable SnapStart to reduce cold start latency.
SnapStart creates a snapshot of the initialized Lambda function, allowing new instances to start from this pre-initialized state instead of starting from scratch.
Benefits:
Considerations:
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.
domainNameOptional public readonly domainName: IDomainName;
Domain Name for the Titiler Pgstac API.
If defined, will create the domain name and integrate it with the Titiler Pgstac API.
titilerPgstacApiDomainNamepublic readonly titilerPgstacApiDomainName: IDomainName;
Custom Domain Name Options for Titiler Pgstac API,.
import { TitilerPgstacApiLambdaRuntimeProps } from 'eoapi-cdk'
const titilerPgstacApiLambdaRuntimeProps: TitilerPgstacApiLambdaRuntimeProps = { ... }
| Name | Type | Description |
|---|---|---|
db |
aws-cdk-lib.aws_rds.IDatabaseInstance \| aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server. |
dbSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Secret containing connection information for pgSTAC database. |
apiEnv |
{[ key: string ]: string} |
Customized environment variables to send to titiler-pgstac runtime. |
buckets |
string[] |
list of buckets the lambda will be granted access to. |
enableSnapStart |
boolean |
Enable SnapStart to reduce cold start latency. |
lambdaFunctionOptions |
any |
Can be used to override the default lambda function properties. |
subnetSelection |
aws-cdk-lib.aws_ec2.SubnetSelection |
Subnet into which the lambda should be deployed. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC into which the lambda should be deployed. |
dbRequired public readonly db: IDatabaseInstance | IInstance;
| Type: aws-cdk-lib.aws_rds.IDatabaseInstance | aws-cdk-lib.aws_ec2.IInstance |
RDS Instance with installed pgSTAC or pgbouncer server.
dbSecretRequired public readonly dbSecret: ISecret;
Secret containing connection information for pgSTAC database.
apiEnvOptional public readonly apiEnv: {[ key: string ]: string};
Customized environment variables to send to titiler-pgstac runtime.
These will be merged with defaultTitilerPgstacEnv.
The database secret arn is automatically added to the environment variables at deployment.
bucketsOptional public readonly buckets: string[];
list of buckets the lambda will be granted access to.
enableSnapStartOptional public readonly enableSnapStart: boolean;
Enable SnapStart to reduce cold start latency.
SnapStart creates a snapshot of the initialized Lambda function, allowing new instances to start from this pre-initialized state instead of starting from scratch.
Benefits:
Considerations:
lambdaFunctionOptionsOptional public readonly lambdaFunctionOptions: any;
Can be used to override the default lambda function properties.
subnetSelectionOptional public readonly subnetSelection: SubnetSelection;
Subnet into which the lambda should be deployed.
vpcOptional public readonly vpc: IVpc;
VPC into which the lambda should be deployed.