Adding basic SaaS code samples

ogiderek · ogiderek · commit 76d887d7aa93 · 2025-06-27T20:22:13.000Z
diff --git a/.doc_gen/metadata/cloudfront_metadata.yaml b/.doc_gen/metadata/cloudfront_metadata.yaml
@@ -80,6 +80,54 @@ cloudfront_CreateDistribution:
                 - cloudfront.java2.createdistribution.main
   services:
     cloudfront: {CreateDistribution}
+cloudfront_CreateSaasResources:
+  title: Create a SaaS resource stack &AWS; SDK
+  title_abbrev: Create a multi tenant distribution and distribution tenant
+  synopsis: Create a multi tenant distribution and distribution tenant with various configurations.
+  category: Scenarios
+  languages:
+    Java:
+      versions:
+        - sdk_version: 2
+          github: javav2/example_code/cloudfront
+          sdkguide:
+          excerpts:
+            - description: >-
+                The following example demonstrates how to create a multi tenant distribution with parameters and wildcard certificate
+              snippet_tags:
+                - cloudfront.java2.createmultitenantdistribution.import
+                - cloudfront.java2.createmultitenantdistribution.main
+            - description: >-
+                The following example demonstrates how to create a distribution tenant associated with that template, including utilizing the parameter we declared above.  Note that we don't need to add certificate info here because our domain is already covered by the parent template.
+              snippet_tags:
+                - cloudfront.java2.createdistributiontenant.import
+                - cloudfront.java2.createdistributiontenant.title
+                - cloudfront.java2.createdistributiontenant.nocert
+                - cloudfront.java2.createdistributiontenant.closebrace
+            - description: >-
+                <para>If the viewer certificate was omitted from the parent template, you would need to add certificate info on the tenant(s) associated with it instead.</para>
+                The following example demonstrates how to do so via an ACM certificate arn that covers the necessary domain for the tenant.
+              snippet_tags:
+                - cloudfront.java2.createdistributiontenant.import
+                - cloudfront.java2.createdistributiontenant.title
+                - cloudfront.java2.createdistributiontenant.withcert
+                - cloudfront.java2.createdistributiontenant.closebrace
+            - description: >-
+                The following example demonstrates how to do so with a cloudfront hosted managed certificate request.
+              snippet_tags:
+                - cloudfront.java2.createdistributiontenant.import
+                - cloudfront.java2.createdistributiontenant.title
+                - cloudfront.java2.createdistributiontenant.cfhosted
+                - cloudfront.java2.createdistributiontenant.closebrace
+            - description: >-
+                The following example demonstrates how to do so with a self-hosted managed certificate request.
+              snippet_tags:
+                - cloudfront.java2.createdistributiontenant.import
+                - cloudfront.java2.createdistributiontenant.title
+                - cloudfront.java2.createdistributiontenant.selfhosted
+                - cloudfront.java2.createdistributiontenant.closebrace
+  services:
+    cloudfront: {CreateDistribution, CreateDistributionTenant}
 cloudfront_CreateKeyGroup:
   languages:
     Java:
diff --git a/javav2/example_code/cloudfront/src/main/java/com/example/cloudfront/CreateDistributionTenant.java b/javav2/example_code/cloudfront/src/main/java/com/example/cloudfront/CreateDistributionTenant.java
@@ -0,0 +1,170 @@
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package com.example.cloudfront;
+
+// snippet-start:[cloudfront.java2.createdistributiontenant.import]
+import software.amazon.awssdk.core.internal.waiters.ResponseOrException;
+import software.amazon.awssdk.services.cloudfront.CloudFrontClient;
+import software.amazon.awssdk.services.cloudfront.model.CreateDistributionResponse;
+import software.amazon.awssdk.services.cloudfront.model.Distribution;
+import software.amazon.awssdk.services.cloudfront.model.GetDistributionResponse;
+import software.amazon.awssdk.services.cloudfront.model.ItemSelection;
+import software.amazon.awssdk.services.cloudfront.model.Method;
+import software.amazon.awssdk.services.cloudfront.model.ViewerProtocolPolicy;
+import software.amazon.awssdk.services.cloudfront.waiters.CloudFrontWaiter;
+import software.amazon.awssdk.services.s3.S3Client;
+
+import java.time.Instant;
+// snippet-end:[cloudfront.java2.createdistributiontenant.import]
+
+// snippet-start:[cloudfront.java2.createdistributiontenant.title]
+public class CreateMultiTenantDistribution {
+    // snippet-end:[cloudfront.java2.createdistributiontenant.title]
+// snippet-start:[cloudfront.java2.createdistributiontenant.nocert]
+    public static DistributionTenant createDistributionTenantNoCert(CloudFrontClient cloudFrontClient,
+                                                                    Route53Client route53Client,
+                                                                    String distributionId,
+                                                                    String domain,
+                                                                    String hostedZoneId) {
+        CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder
+                .distributionId(distributionId)
+                .domains(b1 -> b1
+                        .domain(domain))
+                .enabled(true)
+                .name("no-cert-tenant")
+        );
+
+        final DistributionTenant distributionTenant = createResponse.distributionTenant();
+
+        final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient.getConnectionGroup(builder -> builder
+                .identifier(distributionTenant.connectionGroupId()));
+
+        route53Client.changeResourceRecordSets(builder -> builder
+                .hostedZoneId(hostedZoneId)
+                .changeBatch(b1 -> b1
+                        .comment("ChangeBatch comment")
+                        .changes(b2 -> b2
+                                .resourceRecordSet(b3 -> b3
+                                        .name(domain)
+                                        .type("CNAME")
+                                        .ttl(300L)
+                                        .resourceRecords(b4 -> b4
+                                                .value(fetchedConnectionGroup.connectionGroup().routingEndpoint())))
+                                .action("CREATE"))
+                ));
+        return distributionTenant;
+    }
+// snippet-end:[cloudfront.java2.createdistributiontenant.nocert]
+
+    // snippet-start:[cloudfront.java2.createdistributiontenant.withcert]
+    public static DistributionTenant createDistributionTenantWithCert(CloudFrontClient cloudFrontClient,
+                                                                      Route53Client route53Client,
+                                                                      String distributionId,
+                                                                      String domain,
+                                                                      String hostedZoneId) {
+        CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder
+                .distributionId(distributionId)
+                .domains(b1 -> b1
+                        .domain(domain))
+                .enabled(true)
+                .name("no-cert-tenant")
+        );
+
+        final DistributionTenant distributionTenant = createResponse.distributionTenant();
+
+        final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient.getConnectionGroup(builder -> builder
+                .identifier(distributionTenant.connectionGroupId()));
+
+        route53Client.changeResourceRecordSets(builder -> builder
+                .hostedZoneId(hostedZoneId)
+                .changeBatch(b1 -> b1
+                        .comment("ChangeBatch comment")
+                        .changes(b2 -> b2
+                                .resourceRecordSet(b3 -> b3
+                                        .name(domain)
+                                        .type("CNAME")
+                                        .ttl(300L)
+                                        .resourceRecords(b4 -> b4
+                                                .value(fetchedConnectionGroup.connectionGroup().routingEndpoint())))
+                                .action("CREATE"))
+                ));
+        return distributionTenant;
+    }
+// snippet-end:[cloudfront.java2.createdistributiontenant.withcert]
+
+    // snippet-start:[cloudfront.java2.createdistributiontenant.cfhosted]
+    public static DistributionTenant createDistributionTenantCfHosted(CloudFrontClient cloudFrontClient,
+                                                                      Route53Client route53Client,
+                                                                      String distributionId,
+                                                                      String domain,
+                                                                      String hostedZoneId) {
+        CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder
+                .distributionId(distributionId)
+                .domains(b1 -> b1
+                        .domain(domain))
+                .enabled(true)
+                .name("no-cert-tenant")
+        );
+
+        final DistributionTenant distributionTenant = createResponse.distributionTenant();
+
+        final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient.getConnectionGroup(builder -> builder
+                .identifier(distributionTenant.connectionGroupId()));
+
+        route53Client.changeResourceRecordSets(builder -> builder
+                .hostedZoneId(hostedZoneId)
+                .changeBatch(b1 -> b1
+                        .comment("ChangeBatch comment")
+                        .changes(b2 -> b2
+                                .resourceRecordSet(b3 -> b3
+                                        .name(domain)
+                                        .type("CNAME")
+                                        .ttl(300L)
+                                        .resourceRecords(b4 -> b4
+                                                .value(fetchedConnectionGroup.connectionGroup().routingEndpoint())))
+                                .action("CREATE"))
+                ));
+        return distributionTenant;
+    }
+// snippet-end:[cloudfront.java2.createdistributiontenant.cfhosted]
+
+    // snippet-start:[cloudfront.java2.createdistributiontenant.selfhosted]
+    public static DistributionTenant createDistributionTenantSelfHosted(CloudFrontClient cloudFrontClient,
+                                                                        Route53Client route53Client,
+                                                                        String distributionId,
+                                                                        String domain,
+                                                                        String hostedZoneId) {
+        CreateDistributionTenantResponse createResponse = cloudFrontClient.createDistributionTenant(builder -> builder
+                .distributionId(distributionId)
+                .domains(b1 -> b1
+                        .domain(domain))
+                .enabled(true)
+                .name("no-cert-tenant")
+        );
+
+        final DistributionTenant distributionTenant = createResponse.distributionTenant();
+
+        final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient.getConnectionGroup(builder -> builder
+                .identifier(distributionTenant.connectionGroupId()));
+
+        route53Client.changeResourceRecordSets(builder -> builder
+                .hostedZoneId(hostedZoneId)
+                .changeBatch(b1 -> b1
+                        .comment("ChangeBatch comment")
+                        .changes(b2 -> b2
+                                .resourceRecordSet(b3 -> b3
+                                        .name(domain)
+                                        .type("CNAME")
+                                        .ttl(300L)
+                                        .resourceRecords(b4 -> b4
+                                                .value(fetchedConnectionGroup.connectionGroup().routingEndpoint())))
+                                .action("CREATE"))
+                ));
+        return distributionTenant;
+    }
+// snippet-end:[cloudfront.java2.createdistributiontenant.selfhosted]
+
+// snippet-start:[cloudfront.java2.createdistributiontenant.closebrace]
+}
+// snippet-end:[cloudfront.java2.createdistributiontenant.closebrace]
diff --git a/javav2/example_code/cloudfront/src/main/java/com/example/cloudfront/CreateMultiTenantDistribution.java b/javav2/example_code/cloudfront/src/main/java/com/example/cloudfront/CreateMultiTenantDistribution.java
@@ -0,0 +1,80 @@
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package com.example.cloudfront;
+
+// snippet-start:[cloudfront.java2.createmultitenantdistribution.import]
+import software.amazon.awssdk.core.internal.waiters.ResponseOrException;
+import software.amazon.awssdk.services.cloudfront.CloudFrontClient;
+import software.amazon.awssdk.services.cloudfront.model.CreateDistributionResponse;
+import software.amazon.awssdk.services.cloudfront.model.Distribution;
+import software.amazon.awssdk.services.cloudfront.model.GetDistributionResponse;
+import software.amazon.awssdk.services.cloudfront.model.ItemSelection;
+import software.amazon.awssdk.services.cloudfront.model.Method;
+import software.amazon.awssdk.services.cloudfront.model.ViewerProtocolPolicy;
+import software.amazon.awssdk.services.cloudfront.waiters.CloudFrontWaiter;
+import software.amazon.awssdk.services.s3.S3Client;
+
+import java.time.Instant;
+// snippet-end:[cloudfront.java2.createmultitenantdistribution.import]
+
+// snippet-start:[cloudfront.java2.createmultitenantdistribution.main]
+public class CreateMultiTenantDistribution {
+    public static Distribution CreateMultiTenantDistribution(CloudFrontClient cloudFrontClient,
+                                                             S3Client s3Client,
+                                                             final String bucketName,
+                                                             final String certificateArn) {
+        // fetch the origin info if necessary
+        final String region = s3Client.headBucket(b -> b.bucket(bucketName)).sdkHttpResponse().headers()
+                .get("x-amz-bucket-region").get(0);
+        final String originDomain = bucketName + ".s3." + region + ".amazonaws.com";
+        String originId = originDomain; // Use the originDomain value for the originId.
+
+        CreateDistributionResponse createDistResponse = cloudFrontClient.createDistribution(builder -> builder
+                .distributionConfig(b1 -> b1
+                        .httpVersion(HttpVersion.HTTP2)
+                        .enabled(true)
+                        .comment("Template Distribution with cert built with java")
+                        .connectionMode(ConnectionMode.TENANT_ONLY)
+                        .callerReference(Instant.now().toString())
+                        .viewerCertificate(certBuilder -> certBuilder
+                                .acmCertificateArn(certificateArn)
+                                .sslSupportMethod(SSLSupportMethod.SNI_ONLY))
+                        .origins(b2 -> b2
+                                .quantity(1)
+                                .items(b3 -> b3
+                                        .domainName(originDomain)
+                                        .id(originId)
+                                        .originPath("/{{region}}")
+                                        .s3OriginConfig(builder4 -> builder4
+                                                .originAccessIdentity(
+                                                        ""))))
+                        .tenantConfig(b5 -> b5
+                                .parameterDefinitions(b6 -> b6
+                                        .name("region")
+                                        .definition(b7 -> b7
+                                                .stringSchema(b8 -> b8
+                                                        .comment("region value")
+                                                        .defaultValue("us-west-2")
+                                                        .required(false)))))
+                        .defaultCacheBehavior(b2 -> b2
+                                .viewerProtocolPolicy(ViewerProtocolPolicy.ALLOW_ALL)
+                                .targetOriginId(originId)
+                                .cachePolicyId("658327ea-f89d-4fab-a63d-7e88639e58f6") // Cache Optimized Policy
+                                .allowedMethods(b4 -> b4
+                                        .quantity(2)
+                                        .items(Method.HEAD, Method.GET)))
+                ));
+
+        final Distribution distribution = createDistResponse.distribution();
+        try (CloudFrontWaiter cfWaiter = CloudFrontWaiter.builder().client(cloudFrontClient).build()) {
+            ResponseOrException<GetDistributionResponse> responseOrException = cfWaiter
+                    .waitUntilDistributionDeployed(builder -> builder.id(distribution.id()))
+                    .matched();
+            responseOrException.response()
+                    .orElseThrow(() -> new RuntimeException("Distribution not created"));
+        }
+        return distribution;
+    }
+}
+// snippet-end:[cloudfront.java2.createmultitenantdistribution.main]
