def __init__(self, scope, id, name=None, state_machine_arn=None) -> None:
super().__init__(scope, id)
# ==================================================
# ================= IAM ROLE =======================
# ==================================================
api_role = iam.Role(
scope=self,
id='api_role',
assumed_by=iam.ServicePrincipal(service='apigateway.amazonaws.com'),
)
api_role.add_to_policy(
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=['states:StartSyncExecution'],
resources=['*']
)
)
# ==================================================
# ================== API GATEWAY ===================
# ==================================================
api = apigw.HttpApi(
scope=self,
id='api',
api_name=name,
cors_preflight={
"allow_headers": ["Authorization"],
"allow_methods": [apigw.HttpMethod.POST],
"allow_origins": ["*"],
"max_age": core.Duration.days(10)
}
)
integration = apigw.CfnIntegration(
scope=self,
id='integration',
api_id=api.http_api_id,
credentials_arn=api_role.role_arn,
integration_type='AWS_PROXY',
integration_subtype='StepFunctions-StartSyncExecution',
request_parameters={
'Input': '$request.body',
'StateMachineArn': f'{state_machine_arn}'
},
payload_format_version='1.0'
)
apigw.CfnRoute(
scope=self,
id='route',
api_id=api.http_api_id,
route_key='POST /',
target=f'integrations/{integration.ref}'
)
def _create_sqs_send_msg_route(self):
_integ = _apigwv2.CfnIntegration(
self,
'HttpApiIntegSqsSendMessage',
api_id=self._http_api.ref,
integration_type='AWS_PROXY',
integration_subtype='SQS-SendMessage',
payload_format_version='1.0',
request_parameters={
'QueueUrl': self._queue.queue_url,
'MessageBody': '$request.body.MessageBody',
},
credentials_arn=self._integration_role.role_arn,
)
return _apigwv2.CfnRoute(
self,
'HttpApiRouteSqsSendMsg',
api_id=self._http_api.ref,
route_key='POST /send',
target='/'.join(['integrations', _integ.ref]),
)
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
brand = 'a'
stage = 'dev'
tablename = 'webchat'
connectionstable = dynamodb.Table(
self,
'connectionsTable',
billing_mode=dynamodb.BillingMode.PAY_PER_REQUEST,
removal_policy=core.RemovalPolicy.DESTROY,
table_name=tablename,
partition_key=dynamodb.Attribute(
name="connectionId", type=dynamodb.AttributeType.STRING),
)
websocketgw = apiv2.CfnApi(
self,
'websocket',
name='SimpleChatWebSocket',
protocol_type='WEBSOCKET',
route_selection_expression='$request.body.action')
# connect function
connect_function = py_lambda.PythonFunction(
self,
"connect_function",
entry='websocket/api_lambda/connect', #folder
index='connect.py', #file
handler='lambda_handler', #function
description='connect',
environment={
'brand': brand,
'stage': stage,
'CONNECTION_TABLE_NAME': tablename
},
timeout=core.Duration.seconds(60))
connectionstable.grant_read_write_data(connect_function)
connect_function_policy = iam.Policy(
self,
'connect_policy',
statements=[
iam.PolicyStatement(actions=['dynamodb:*'],
resources=[connectionstable.table_arn])
],
roles=[connect_function.role])
connect_function_permission = aws_lambda.CfnPermission(
self,
'connectFunctionPermission',
action='lambda:InvokeFunction',
function_name=connect_function.function_name,
principal='apigateway.amazonaws.com')
connect_function_permission.add_depends_on(websocketgw)
# # disconnect function
disconnect_function = py_lambda.PythonFunction(
self,
"disconnect_function",
entry='websocket/api_lambda/disconnect', #folder
index='disconnect.py', #file
handler='lambda_handler', #function
description='disconnect',
environment={
'brand': brand,
'stage': stage,
'CONNECTION_TABLE_NAME': tablename
},
timeout=core.Duration.seconds(60))
disconnect_function_policy = iam.Policy(
self,
'disconnect_policy',
statements=[
iam.PolicyStatement(actions=['dynamodb:*'],
resources=[connectionstable.table_arn])
],
roles=[disconnect_function.role])
disconnect_function_permission = aws_lambda.CfnPermission(
self,
'disconnectFunctionPermission',
action='lambda:InvokeFunction',
function_name=disconnect_function.function_name,
principal='apigateway.amazonaws.com')
connectionstable.grant_read_write_data(disconnect_function)
disconnect_function_permission.add_depends_on(websocketgw)
#send message function.
sendmessage_function = py_lambda.PythonFunction(
self,
"sendmessage_function",
entry='websocket/api_lambda/sendmessage', #folder
index='sendmessage.py', #file
handler='lambda_handler', #function
description='sendmessage',
environment={
'brand': brand,
'stage': stage,
'CONNECTION_TABLE_NAME': tablename
},
timeout=core.Duration.seconds(60))
connectionstable.grant_read_write_data(connect_function)
sendmessage_function_policy = iam.Policy(
self,
'sendmessage_policy',
statements=[
iam.PolicyStatement(actions=['dynamodb:*'],
resources=[connectionstable.table_arn]),
iam.PolicyStatement(
actions=['execute-api:ManageConnections'],
resources=[
f'arn:aws:execute-api:aws:{self.region}:{self.account}:{websocketgw.ref}/*',
f'arn:aws:execute-api:{self.region}:{self.account}:{websocketgw.ref}/prod/POST/@connections/*'
],
),
],
roles=[sendmessage_function.role])
sendmessage_function_permission = aws_lambda.CfnPermission(
self,
'sendmessageFunctionPermission',
action='lambda:InvokeFunction',
function_name=sendmessage_function.function_name,
principal='apigateway.amazonaws.com')
sendmessage_function_permission.add_depends_on(websocketgw)
#set username function
setusername_function = py_lambda.PythonFunction(
self,
"setusername_function",
entry='websocket/api_lambda/setusername', #folder
index='setusername.py', #file
handler='lambda_handler', #function
description='setusername',
environment={
'brand': brand,
'stage': stage,
'CONNECTION_TABLE_NAME': tablename
},
timeout=core.Duration.seconds(60))
connectionstable.grant_read_write_data(connect_function)
setusername_function_policy = iam.Policy(
self,
'setusername_policy',
statements=[
iam.PolicyStatement(actions=['dynamodb:*'],
resources=[connectionstable.table_arn]),
iam.PolicyStatement(
actions=['execute-api:ManageConnections'],
resources=[
f'arn:aws:execute-api:aws:{self.region}:{self.account}:{websocketgw.ref}/*',
f'arn:aws:execute-api:{self.region}:{self.account}:{websocketgw.ref}/prod/POST/@connections/*'
],
),
],
roles=[setusername_function.role])
setusername_function_permission = aws_lambda.CfnPermission(
self,
'setusernameFunctionPermission',
action='lambda:InvokeFunction',
function_name=setusername_function.function_name,
principal='apigateway.amazonaws.com')
setusername_function_permission.add_depends_on(websocketgw)
# Connect route
connect_integration = apiv2.CfnIntegration(
self,
'ConnectIntegration',
api_id=websocketgw.ref,
description='Connect Integration',
integration_type='AWS_PROXY',
integration_uri=
f'arn:aws:apigateway:{self.region}:lambda:path/2015-03-31/functions/{connect_function.function_arn}/invocations'
)
connect_route = apiv2.CfnRoute(self,
'connectRoute',
api_id=websocketgw.ref,
route_key='$connect',
authorization_type='NONE',
operation_name='ConnectRoute',
target='integrations/' +
connect_integration.ref)
# #Disconnect route
disconnect_integration = apiv2.CfnIntegration(
self,
'disConnectIntegration',
api_id=websocketgw.ref,
description='disConnect Integration',
integration_type='AWS_PROXY',
integration_uri=
f'arn:aws:apigateway:{self.region}:lambda:path/2015-03-31/functions/{disconnect_function.function_arn}/invocations'
)
disconnect_route = apiv2.CfnRoute(self,
'disconnectRoute',
api_id=websocketgw.ref,
route_key='$disconnect',
authorization_type='NONE',
operation_name='DisconnectRoute',
target='integrations/' +
disconnect_integration.ref)
#Send Route
sendmessage_integration = apiv2.CfnIntegration(
self,
'sendMessageIntegration',
api_id=websocketgw.ref,
description='sendmessage Integration',
integration_type='AWS_PROXY',
integration_uri=
f'arn:aws:apigateway:{self.region}:lambda:path/2015-03-31/functions/{sendmessage_function.function_arn}/invocations'
)
sendmessage_route = apiv2.CfnRoute(self,
'sendRoute',
api_id=websocketgw.ref,
route_key='sendmessage',
authorization_type='NONE',
operation_name='SendRoute',
target='integrations/' +
sendmessage_integration.ref)
#Set username Route
setusername_integration = apiv2.CfnIntegration(
self,
'setUsernameIntegration',
api_id=websocketgw.ref,
description='setusername Integration',
integration_type='AWS_PROXY',
integration_uri=
f'arn:aws:apigateway:{self.region}:lambda:path/2015-03-31/functions/{setusername_function.function_arn}/invocations'
)
setusername_route = apiv2.CfnRoute(self,
'setUsernameRoute',
api_id=websocketgw.ref,
route_key='setusername',
authorization_type='NONE',
operation_name='SetUsernameRoute',
target='integrations/' +
setusername_integration.ref)
deployment = apiv2.CfnDeployment(
self,
'Deployment',
api_id=websocketgw.ref,
)
deployment.add_depends_on(sendmessage_route)
deployment.add_depends_on(setusername_route)
deployment.add_depends_on(connect_route)
deployment.add_depends_on(disconnect_route)
stage = apiv2.CfnStage(
self,
'stage',
stage_name='prod',
description='prod stage',
# deployment_id= deployment.ref,
api_id=websocketgw.ref,
)
core.CfnOutput(
self,
'WebSocketURI',
value=
f'wss://{websocketgw.ref}.execute-api.{self.region}.amazonaws.com/prod',
description='URI of websocket')
print('WebSocket')
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# Step Function Starts Here
# The first thing we need to do is see if they are asking for pineapple on a pizza
pineapple_check_lambda = _lambda.Function(
self,
"pineappleCheckLambdaHandler",
runtime=_lambda.Runtime.NODEJS_12_X,
handler="orderPizza.handler",
code=_lambda.Code.from_asset("lambda_fns"),
)
# Step functions are built up of steps, we need to define our first step
order_pizza = step_fn_tasks.LambdaInvoke(
self,
'Order Pizza Job',
lambda_function=pineapple_check_lambda,
input_path='$.flavour',
result_path='$.pineappleAnalysis',
payload_response_only=True)
# Pizza Order failure step defined
pineapple_detected = step_fn.Fail(self,
'Sorry, We Dont add Pineapple',
cause='They asked for Pineapple',
error='Failed To Make Pizza')
# If they didnt ask for pineapple let's cook the pizza
cook_pizza = step_fn.Succeed(self,
'Lets make your pizza',
output_path='$.pineappleAnalysis')
# If they ask for a pizza with pineapple, fail. Otherwise cook the pizza
definition = step_fn.Chain \
.start(order_pizza) \
.next(step_fn.Choice(self, 'With Pineapple?')
.when(step_fn.Condition.boolean_equals('$.pineappleAnalysis.containsPineapple', True),
pineapple_detected)
.otherwise(cook_pizza))
state_machine = step_fn.StateMachine(
self,
'StateMachine',
definition=definition,
timeout=core.Duration.minutes(5),
tracing_enabled=True,
state_machine_type=step_fn.StateMachineType.EXPRESS)
# HTTP API Definition
# Give our gateway permissions to interact with SNS
http_api_role = iam.Role(
self,
'HttpApiRole',
assumed_by=iam.ServicePrincipal('apigateway.amazonaws.com'),
inline_policies={
"AllowSFNExec":
iam.PolicyDocument(statements=[
iam.PolicyStatement(
actions=["states:StartSyncExecution"],
effect=iam.Effect.ALLOW,
resources=[state_machine.state_machine_arn])
])
})
api = api_gw.HttpApi(self,
'the_state_machine_api',
create_default_stage=True)
# create an AWS_PROXY integration between the HTTP API and our Step Function
integ = api_gw.CfnIntegration(
self,
'Integ',
api_id=api.http_api_id,
integration_type='AWS_PROXY',
connection_type='INTERNET',
integration_subtype='StepFunctions-StartSyncExecution',
credentials_arn=http_api_role.role_arn,
request_parameters={
"Input": "$request.body",
"StateMachineArn": state_machine.state_machine_arn
},
payload_format_version="1.0",
timeout_in_millis=10000)
api_gw.CfnRoute(self,
'DefaultRoute',
api_id=api.http_api_id,
route_key=api_gw.HttpRouteKey.DEFAULT.key,
target="integrations/" + integ.ref)
core.CfnOutput(self, 'HTTP API URL', value=api.url)
def __init__(self, scope: core.Construct, construct_id: str,
**kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
# ==================================================
# =============== CFN PARAMETERS ===================
# ==================================================
project_name = core.CfnParameter(scope=self,
id='SageMakerProjectName',
type='String')
model_execution_role_arn = core.CfnParameter(
scope=self, id='ModelExecutionRoleArn', type='String')
model_binary_location = core.CfnParameter(scope=self,
id='ModelBinaryLocation',
type='String')
stage_name = core.CfnParameter(scope=self,
id='StageName',
type='String')
name = f'{project_name.value_as_string}-{stage_name.value_as_string}'
# ==================================================
# ================== IAM ROLE ======================
# ==================================================
role = iam.Role.from_role_arn(
scope=self,
id='role',
role_arn=model_execution_role_arn.value_as_string)
# ==================================================
# ================== ECR IMAGE =====================
# ==================================================
ecr_repository = ecr.Repository.from_repository_name(
scope=self,
id='repo',
repository_name='<ADD YOUR CONTAINER REPO HERE>')
ecr_image = aws_lambda.DockerImageCode.from_ecr(
repository=ecr_repository, tag='<ADD YOUR IMAGE TAG HERE>')
# ==================================================
# ================ LAMBDA FUNCTION =================
# ==================================================
lambda_function = aws_lambda.DockerImageFunction(
scope=self,
id='lambda',
function_name=name,
code=ecr_image,
memory_size=1024,
role=role,
environment={
'MODEL_S3_URI': model_binary_location.value_as_string,
},
timeout=core.Duration.seconds(60))
# ==================================================
# ================== API GATEWAY ===================
# ==================================================
api = apigw.HttpApi(scope=self,
id='api_gateway',
api_name=name,
cors_preflight={
"allow_headers": ["Authorization"],
"allow_methods": [apigw.HttpMethod.POST],
"allow_origins": ["*"],
"max_age": core.Duration.days(10)
})
integration = apigw.CfnIntegration(
scope=self,
id='integration',
api_id=api.http_api_id,
credentials_arn=role.role_arn,
integration_type='AWS_PROXY',
integration_uri=lambda_function.function_arn,
integration_method='POST',
payload_format_version='2.0')
apigw.CfnRoute(scope=self,
id='route',
api_id=api.http_api_id,
route_key='POST /',
target=f'integrations/{integration.ref}')
def __init__(self, scope: core.Construct, construct_id: str,
apigw_role: _iam.Role, eventBus: _events.EventBus, **kwargs):
super().__init__(scope, construct_id, **kwargs)
myApi = _apigwv2.CfnApi(
self,
construct_id,
protocol_type="WEBSOCKET",
route_selection_expression="${request.body.language}",
name=construct_id)
integration = _apigwv2.CfnIntegration(self, "EventBusIntegration",
api_id=myApi.ref,
integration_type="AWS",
integration_method="POST",
integration_uri=f"arn:aws:apigateway:{os.environ['CDK_DEFAULT_REGION']}:events:path//",
credentials_arn=apigw_role.role_arn,
template_selection_expression="application/json",
request_parameters={
"integration.request.header.X-Amz-Target": "'AWSEvents.PutEvents'",
"integration.request.header.Content-Type": "'application/x-amz-json-1.1'",
},
request_templates={
"application/json":'#set($language=$input.params(\'language\'))\n{"Entries": [{"Source": "com.amazon.alexa.$language",' + \
' "Detail": "$util.escapeJavaScript($input.body)",' + \
' "Resources": ["resource1", "resource2"], ' + \
' "DetailType": "myDetailType", "EventBusName": "' + eventBus.event_bus_name + '"}]}'
}
)
germanRoute = _apigwv2.CfnRoute(
self,
"MyGermanRoute",
api_id=myApi.ref,
route_key="german",
target=f"integrations/{integration.ref}",
route_response_selection_expression='$default')
genericIntegrationResponse = _apigwv2.CfnIntegrationResponse(
self,
"genericIntegrationResponse",
api_id=myApi.ref,
integration_id=integration.ref,
integration_response_key="/200/")
genericRouteResponse = _apigwv2.CfnRouteResponse(
self,
"genericRouteResponse",
api_id=myApi.ref,
route_id=germanRoute.ref,
route_response_key="$default")
defaultRoute = _apigwv2.CfnRoute(
self,
"MyDefaultRoute",
api_id=myApi.ref,
route_key="$default",
target=f"integrations/{integration.ref}",
)
myStage = _apigwv2.CfnStage(self,
"MyStage",
api_id=myApi.ref,
stage_name="prod",
auto_deploy=True)
myStage.add_depends_on(defaultRoute)
myStage.add_depends_on(germanRoute)
myStage.add_depends_on(genericIntegrationResponse)
core.CfnOutput(
self,
"APIEndpoint",
description="APIEndpoint",
value=
f"wss://{myApi.ref}.execute-api.{os.environ['CDK_DEFAULT_REGION']}.amazonaws.com/prod"
)