You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| <spanid="config">`config`</span> | The location of the htsget-rs server config. This must be specified. This config file configures the htsget-rs server. See [htsget-config] for a list of available server configuration options. |`string`|
21
-
| <spanid="domain">`domain`</span> | The domain name for the Route53 Hosted Zone that the htsget-rs server will be under. This must be specified. A hosted zone with this name will either be looked up or created depending on the value of [`lookupHostedZone?`](#lookupHostedZone). |`string`|
22
-
| <spanid="authorizer">`authorizer`</span> | Deployment options related to the authorizer. Note that this option allows specifying an AWS [JWT authorizer][jwt-authorizer]. The JWT authorizer automatically verifies tokens issued by a Cognito user pool. |[`HtsgetJwtAuthSettings`](#htsgetjwtauthsettings)|
23
-
| <spanid="subDomain">`subDomain?`</span> | The domain name prefix to use for the htsget-rs server. Together with the [`domain`](#domain), this specifies url that the htsget-rs server will be reachable under. Defaults to `"htsget"`. |`string`|
24
-
| <spanid="s3BucketResources">`s3BucketResources?`</span> | The resources that are affected by the bucket policy with actions: `["s3:List*", "s3:Get*"]`. If this is not specified, it defaults to `["arn:aws:s3:::*"]`. This affects which buckets are allowed to be accessed with the policy. |`string[]`|
25
-
| <spanid="lookupHostedZone">`lookupHostedZone?`</span> | Whether to lookup the hosted zone with the domain name. Defaults to `true`. If `true`, attempts to lookup an existing hosted zone using the domain name. Set this to `false` if you want to create a new hosted zone with the domain name. |`boolean`|
| <spanid="config">`config`</span> | The location of the htsget-rs server config. This must be specified. This config file configures the htsget-rs server. See [htsget-config] for a list of available server configuration options. |`string`|
22
+
| <spanid="domain">`domain`</span> | The domain name for the Route53 Hosted Zone that the htsget-rs server will be under. This must be specified. A hosted zone with this name will either be looked up or created depending on the value of [`lookupHostedZone?`](#lookupHostedZone). |`string`|
23
+
| <spanid="authorizer">`authorizer`</span> | Deployment options related to the authorizer. Note that this option allows specifying an AWS [JWT authorizer][jwt-authorizer]. The JWT authorizer automatically verifies tokens issued by a Cognito user pool. |[`HtsgetJwtAuthSettings`](#htsgetjwtauthsettings)|
24
+
| <spanid="subDomain">`subDomain?`</span> | The domain name prefix to use for the htsget-rs server. Together with the [`domain`](#domain), this specifies url that the htsget-rs server will be reachable under. Defaults to `"htsget"`. |`string`|
25
+
| <spanid="s3BucketResources">`s3BucketResources`</span> | The buckets to serve data from. If this is not specified, this defaults to `[]`. This affects which buckets are allowed to be accessed by the policy actions which are `["s3:List*", "s3:Get*"]`. Note that this option does not create buckets, it only gives permission to access them, see the `createS3Buckets` option. This option must be specified to allow `htsget-rs` to access data in buckets that are not created in this stack. |`string[]`|
26
+
| <spanid="lookupHostedZone">`lookupHostedZone?`</span> | Whether to lookup the hosted zone with the domain name. Defaults to `true`. If `true`, attempts to lookup an existing hosted zone using the domain name. Set this to `false` if you want to create a new hosted zone with the domain name. |`boolean`|
27
+
| <spanid="createS3Bucket">`createS3Bucket?`</span> | Whether to create a test bucket. Defaults to true. Buckets are created with [`RemovalPolicy.RETAIN`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.RemovalPolicy.html). The correct access permissions are automatically added. |`boolean`|
28
+
| <spanid="bucketName">`bucketName?`</span> | The name of the bucket created using `createS3Bucket`. The name defaults to an automatically generated CDK name, use this option to override that. This option only has an affect is `createS3Buckets` is true. |`string`|
29
+
| <spanid="copyTestData">`copyTestData?`</span> | Whether to copy test data into the bucket. Defaults to true. This copies the example data under the `data` directory to those buckets. This option only has an affect is `createS3Buckets` is true. |`boolean`|
26
30
27
31
#### HtsgetJwtAuthSettings
32
+
28
33
These settings are used to determine if the htsget API gateway endpoint is configured to have a JWT authorizer or not.
| <spanid="public">`public`</span> | Whether this deployment is public. If this is `true` then no authorizer is present on the API gateway and the options below have no effect. |`boolean`|
33
-
| <spanid="jwtAudience">`jwtAudience?`</span> | A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. |`string[]`|
38
+
| <spanid="jwtAudience">`jwtAudience?`</span> | A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. |`string[]`|
34
39
| <spanid="cogUserPoolId?">`cogUserPoolId?`</span> | The cognito user pool id for the authorizer. If this is not set, then a new user pool is created. No user pool is created if [`public`](#public) is true. |`string`|
35
40
36
41
The [`HtsgetSettings`](#htsgetsettings) are passed into [`HtsgetLambdaStack`][htsget-lambda-stack] in order to change the deployment config. An example of a public instance deployment
@@ -49,7 +54,7 @@ After installing the basic dependencies, complete the following steps:
49
54
50
55
1. Login to AWS and define `CDK_DEFAULT_*` env variables (if not defined already). You must be authenticated with your AWS cloud to run this step.
51
56
2. Install [cargo-lambda], as it is used to compile artifacts that are uploaded to aws lambda.
52
-
3. Define which configuration to use for htsget-rs as stated in the configuration section.
57
+
3. Define which configuration to use for htsget-rs as stated in the configuration section.
53
58
54
59
Below is a summary of commands to run in this directory:
55
60
@@ -67,6 +72,11 @@ npm install
67
72
68
73
### Deploy to AWS
69
74
75
+
> [!IMPORTANT]
76
+
> The default deployment is designed to work out of the box. A bucket with a CDK-generated name is created with test
77
+
> data from the [`data`][data] directory. All deployment settings can be tweaked using the [`settings.ts`][htsget-settings].
78
+
> The only option that must be specified in the `domain`, which determines the domain name to serve htsget-rs at.
79
+
70
80
CDK should be bootstrapped once, if this hasn't been done before:
71
81
72
82
```sh
@@ -79,6 +89,10 @@ Then to deploy the stack, run:
79
89
npx cdk deploy
80
90
```
81
91
92
+
> [!WARNING]
93
+
> By default this deployment will create a public instance of htsget-rs. Anyone will be able to query the server
94
+
> without authorizing unless you modify the `HtsgetJwtAuthSettings` settings.
95
+
82
96
### Testing the endpoint
83
97
84
98
When the deployment is finished, the htsget endpoint can be tested by querying it. If a JWT authorizer is configured,
@@ -173,3 +187,4 @@ and a [MinIO][minio] deployment.
0 commit comments