Skip to content
This repository was archived by the owner on Sep 28, 2022. It is now read-only.


Repository files navigation


AWS CDK evovled rapidly in the last 3 years since this constructs have been created. All constructs here have been replaced by official Features. Please use out of the box functinality instead of this library.

Ventx AWS CDK Library

A collection of usefull AWS CDK Constructs. To learn more about the AWS CDK checkout the aws-cdk github repo



Language install package import
python pip install from ventx import aws_cdk_library as vlib
typescrupt npm install --save @ventx/aws-cdk-library import vlib = require('@ventx/aws-cdk-library')


The library contains the following components


A AWS CloudFormation custom resource that deletes all files from a s3 bucket when the stack is deleted. This allows CloudFormation to delete the Bucket even when it has contents. Attention: This may cause your data to be lost if you do not know what you are doing!

Usage - Python:

        # attach the cleanup function to a bucket you want to be emptied when the stack is deleted
        vlib.BucketCleanupFunction(self, 'jsonFileBucketCleanup', bucket=YourBucketToBeEmptied)

Usage - Typescript:

new vlib.BucketCleanupFunction(this, 'bucketCleanupFunction', {
        bucket: YourBucketToBeEmptied


The SamlProvider Construct adds support for the iam.SamlProvider resource, which is not supported by cloudformation at the moment.

Usage - Python:

        with open("SAML.xml", encoding="utf8") as fp:
            metadata =

        vlib.SamlProvider(this, 'samlProviderTest',metadataDocument=metadata)

Usage - Typescript:

    const metadata = fs.readFileSync('SAML.xml', 'utf8')

    const samlProvider = new vlib.SamlProvider(this, 'samlProviderTest', {
      metadataDocument: metadata


The BastionHost Construct creates a self healing single instance that is available over a public IP address. The ASG notification triggers an AWS Lambda function, which attaches the same elastic IP to the newest instance in the ASG.

Usage - Python:

        network = ec2.Vpc(self, 'main', maxAzs=1)

        bastionHost = vlib.BastionHost(self, 'bastionHost',
            keyName= 'raphaels-key',
            peers= [ec2.Peer.any_ipv4()]

        # now you can add the bastionHost.internalSshSecurityGroup to your backend instance to allow SSH communciations.
        # the public ip is available at bastionHost.publicIp

Usage - Typescript:

    const network = new ec2.Vpc(this, 'main', {
      maxAZs: 1

    const bastionHost = new vlib.BastionHost(this, 'bastionHost', {
      image: new ec2.AmazonLinuxImage(), // A default Amazon Linux does not make a good bastion host!
      peers: [ec2.Peer.anyIpv4()], // anyIpv4 should probably not be used in Production!
      vpc: network,
      keyName: 'raphaels-key'

    // now you can add the bastionHost.internalSshSecurityGroup to your backend instance to allow SSH communciations.
    // the public ip is available at bastionHost.publicIp


If you got any problems or questions please create a GitHub issue