def __init__(self, app: App, id: str) -> None: super().__init__(app, id) # Lambda Function lambdaFn = _lambda.Function(self, "SNSEventHandler", runtime=_lambda.Runtime.PYTHON_3_9, code=_lambda.Code.from_asset("lambda"), handler="handler.main", timeout=Duration.seconds(10)) # Set Lambda Logs Retention and Removal Policy logs.LogGroup(self, 'logs', log_group_name=f"/aws/lambda/{lambdaFn.function_name}", removal_policy=RemovalPolicy.DESTROY, retention=logs.RetentionDays.ONE_DAY) # SNS topic topic = sns.Topic(self, 'sns-to-lambda-topic-test', display_name='My SNS topic') # subscribe Lambda to SNS topic topic.add_subscription(subs.LambdaSubscription(lambdaFn)) # Output information about the created resources CfnOutput(self, 'snsTopicArn', value=topic.topic_arn, description='The arn of the SNS topic') CfnOutput(self, 'functionName', value=lambdaFn.function_name, description='The name of the handler function')
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) #SNS Topic MySnsTopic = sns.Topic(self, "MySnsTopic") # Custom EventBridge Bus custom_bus = events.EventBus(self, "bus", event_bus_name="test-bus-cdk") # EventBridge Rule rule = events.Rule(self, "rule", event_bus=custom_bus) # Event Pattern to filter events rule.add_event_pattern(source=["my-application"], detail_type=["message"]) # SNS topic as target for Eventbridge Rue rule.add_target(targets.SnsTopic(MySnsTopic)) # CDK Outputs CfnOutput(self, "SNS topic name", description="SNS topic name", value=MySnsTopic.topic_name) CfnOutput(self, "SNS topic ARN", description="SNS topic ARN", value=MySnsTopic.topic_arn)
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # Create the queue MySqsQueue = sqs.Queue(self, "MySqsQueue") # Create the Topic MySnsTopic = sns.Topic(self, "MySnsTopic") # Create an SQS topic subscription object sqsSubscription = snssubs.SqsSubscription(MySqsQueue) # Add the SQS subscription to the sns topic MySnsTopic.add_subscription(sqsSubscription) # Add policy statement to SQS Policy that is created as part of the new queue iam.PolicyStatement(actions=['SQS:SendMessage'], effect=iam.Effect.ALLOW, conditions={'ArnEquals': MySnsTopic.topic_arn}, resources=[MySqsQueue.queue_arn], principals=[ iam.ServicePrincipal('sns.amazonaws.com') ] ) CfnOutput(self, "SQS queue name", description="SQS queue name", value=MySqsQueue.queue_name) CfnOutput(self, "SQS queue ARN", description="SQS queue arn", value=MySqsQueue.queue_arn) CfnOutput(self, "SQS queue URL", description="SQS queue URL", value=MySqsQueue.queue_url) CfnOutput(self, "SNS topic name", description="SNS topic name", value=MySnsTopic.topic_name) CfnOutput(self, "SNS topic ARN", description="SNS topic ARN", value=MySnsTopic.topic_arn)
def _setup_sqlserver(self) -> None: port = 1433 database = "test" schema = "dbo" sqlserver = rds.DatabaseInstance( self, "aws-data-wrangler-sqlserver-instance", instance_identifier="sqlserver-instance-wrangler", engine=rds.DatabaseInstanceEngine.sql_server_ex(version=rds.SqlServerEngineVersion.VER_15), instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.SMALL), credentials=rds.Credentials.from_password( username=self.db_username, password=self.db_password_secret, ), port=port, vpc=self.vpc, subnet_group=self.rds_subnet_group, security_groups=[self.db_security_group], publicly_accessible=True, s3_import_role=self.rds_role, s3_export_role=self.rds_role, ) glue.Connection( self, "aws-data-wrangler-sqlserver-glue-connection", description="Connect to SQL Server.", type=glue.ConnectionType.JDBC, connection_name="aws-data-wrangler-sqlserver", properties={ "JDBC_CONNECTION_URL": f"jdbc:sqlserver://{sqlserver.instance_endpoint.hostname}:{port};databaseName={database}", # noqa: E501 "USERNAME": self.db_username, "PASSWORD": self.db_password, }, subnet=self.vpc.private_subnets[0], security_groups=[self.db_security_group], ) secrets.Secret( self, "aws-data-wrangler-sqlserver-secret", secret_name="aws-data-wrangler/sqlserver", description="SQL Server credentials", generate_secret_string=secrets.SecretStringGenerator( generate_string_key="dummy", secret_string_template=json.dumps( { "username": self.db_username, "password": self.db_password, "engine": "sqlserver", "host": sqlserver.instance_endpoint.hostname, "port": port, "dbClusterIdentifier": sqlserver.instance_identifier, "dbname": database, } ), ), ) CfnOutput(self, "SqlServerAddress", value=sqlserver.instance_endpoint.hostname) CfnOutput(self, "SqlServerPort", value=str(port)) CfnOutput(self, "SqlServerDatabase", value=database) CfnOutput(self, "SqlServerSchema", value=schema)
def _setup_oracle(self) -> None: port = 1521 database = "ORCL" schema = "TEST" oracle = rds.DatabaseInstance( self, "aws-data-wrangler-oracle-instance", instance_identifier="oracle-instance-wrangler", engine=rds.DatabaseInstanceEngine.oracle_ee(version=rds.OracleEngineVersion.VER_19_0_0_0_2021_04_R1), instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.SMALL), credentials=rds.Credentials.from_password( username=self.db_username, password=self.db_password_secret, ), port=port, vpc=self.vpc, subnet_group=self.rds_subnet_group, security_groups=[self.db_security_group], publicly_accessible=True, s3_import_role=self.rds_role, s3_export_role=self.rds_role, ) glue.Connection( self, "aws-data-wrangler-oracle-glue-connection", description="Connect to Oracle.", type=glue.ConnectionType.JDBC, connection_name="aws-data-wrangler-oracle", properties={ "JDBC_CONNECTION_URL": f"jdbc:oracle:thin://@{oracle.instance_endpoint.hostname}:{port}/{database}", # noqa: E501 "USERNAME": self.db_username, "PASSWORD": self.db_password, }, subnet=self.vpc.private_subnets[0], security_groups=[self.db_security_group], ) secrets.Secret( self, "aws-data-wrangler-oracle-secret", secret_name="aws-data-wrangler/oracle", description="Oracle credentials", generate_secret_string=secrets.SecretStringGenerator( generate_string_key="dummy", secret_string_template=json.dumps( { "username": self.db_username, "password": self.db_password, "engine": "oracle", "host": oracle.instance_endpoint.hostname, "port": port, "dbClusterIdentifier": oracle.instance_identifier, "dbname": database, } ), ), ) CfnOutput(self, "OracleAddress", value=oracle.instance_endpoint.hostname) CfnOutput(self, "OraclePort", value=str(port)) CfnOutput(self, "OracleDatabase", value=database) CfnOutput(self, "OracleSchema", value=schema)
def __init__(self, scope: Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # This resource alone will create a private/public subnet in each AZ as well as nat/internet gateway(s) vpc = ec2.Vpc(self, "VPC") # To create number of Batch Compute Environment count = 3 batch_ce = [] # For loop to create Batch Compute Environments for i in range(count): name = "MyBatchARM64Env" + str(i) batch_environment = batch.ComputeEnvironment( self, name, compute_resources=batch.ComputeResources( type=batch.ComputeResourceType.SPOT, bid_percentage=75, instance_types=[ ec2.InstanceType("a1.medium"), ec2.InstanceType("a1.large") ], image=ecs.EcsOptimizedImage.amazon_linux2( ecs.AmiHardwareType.ARM), vpc_subnets=ec2.SubnetSelection( subnet_type=ec2.SubnetType.PRIVATE_WITH_NAT), vpc=vpc)) batch_ce.append( batch.JobQueueComputeEnvironment( compute_environment=batch_environment, order=i)) # Create AWS Batch Job Queue and associate all Batch CE. self.batch_queue = batch.JobQueue(self, "JobQueueArm64", compute_environments=batch_ce) # Create Job Definition to submit job in batch job queue. batch_jobDef = batch.JobDefinition( self, "MyJobDefArm64", job_definition_name="CDKJobDefArm64", container=batch.JobDefinitionContainer( image=ecs.ContainerImage.from_registry( "public.ecr.aws/amazonlinux/amazonlinux:latest"), command=["sleep", "60"], memory_limit_mib=512, vcpus=1), ) # Output resources CfnOutput(self, "BatchJobQueue", value=self.batch_queue.job_queue_name) CfnOutput(self, "JobDefinition", value=batch_jobDef.job_definition_name)
def _cfnoutput(self): CfnOutput(self, f"s3Bucket", value=self.s3_bucket.bucket_name) CfnOutput(self, f"StepFunctionsWorkflowExecutionRole", value=self.sfn_wf_exec_role.role_arn) CfnOutput(self, f"AmazonSageMakerExecutionRole", value=self.sagemaker_exec_role.role_arn) CfnOutput(self, f"SecretsManagerArn", value=self.rds.secret.secret_arn) CfnOutput(self, f"StepFunctionsName", value=self.sfn_name)
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) queue = _sqs.Queue(self, "MyQueue", visibility_timeout=Duration.seconds(300)) # Create the AWS Lambda function to subscribe to Amazon SQS queue # The source code is in './lambda' directory lambda_function = _lambda.Function( self, "MyLambdaFunction", runtime=_lambda.Runtime.PYTHON_3_9, handler="get_messages.handler", code=_lambda.Code.from_asset("lambda"), ) # Set Lambda Logs Retention and Removal Policy logs.LogGroup( self, 'logs', log_group_name=f"/aws/lambda/{lambda_function.function_name}", removal_policy=RemovalPolicy.DESTROY, retention=logs.RetentionDays.ONE_DAY) #Grant permission to AWS Lambda function to consume messages from the Amazon SQS queue queue.grant_consume_messages(lambda_function) #Configure the Amazon SQS queue to trigger the AWS Lambda function lambda_function.add_event_source(_event.SqsEventSource(queue)) CfnOutput(self, "FunctionName", value=lambda_function.function_name, export_name='FunctionName', description='Function name') CfnOutput(self, "QueueName", value=queue.queue_name, export_name='QueueName', description='SQS queue name') CfnOutput(self, "QueueArn", value=queue.queue_arn, export_name='QueueArn', description='SQS queue ARN') CfnOutput(self, "QueueUrl", value=queue.queue_url, export_name='QueueUrl', description='SQS queue URL')
def _setup_neptune(self, iam_enabled: bool = False, port: int = 8182) -> None: cluster = neptune.DatabaseCluster( self, "DataWrangler", vpc=self.vpc, instance_type=neptune.InstanceType.R5_LARGE, iam_authentication=iam_enabled, security_groups=[self.db_security_group], ) CfnOutput(self, "NeptuneClusterEndpoint", value=cluster.cluster_endpoint.hostname) CfnOutput(self, "NeptuneReaderEndpoint", value=cluster.cluster_read_endpoint.hostname) CfnOutput(self, "NeptunePort", value=str(port)) CfnOutput(self, "NeptuneIAMEnabled", value=str(iam_enabled))
def __init__(self, scope, construct_id, props, **kwargs): super().__init__(scope, construct_id, **kwargs) site_domain_name = props["domain_name"] if props["sub_domain_name"]: site_domain_name = ( f'{props["sub_domain_name"]}.{props["domain_name"]}') # If S3 website endpoint enabled, it creates the static site using a # public S3 as the origin. Otherwise, it creates a private S3 as the # origin. if props["enable_s3_website_endpoint"]: site = StaticSitePublicS3( self, f"{props['namespace']}-construct", site_domain_name=site_domain_name, domain_certificate_arn=props["domain_certificate_arn"], origin_referer_header_parameter_name=props[ "origin_custom_header_parameter_name"], hosted_zone_id=props["hosted_zone_id"], hosted_zone_name=props["hosted_zone_name"], ) else: site = StaticSitePrivateS3( self, f"{props['namespace']}-construct", site_domain_name=site_domain_name, domain_certificate_arn=props["domain_certificate_arn"], hosted_zone_id=props["hosted_zone_id"], hosted_zone_name=props["hosted_zone_name"], ) # Add stack outputs CfnOutput( self, "SiteBucketName", value=site.bucket.bucket_name, ) CfnOutput( self, "DistributionId", value=site.distribution.distribution_id, ) CfnOutput( self, "CertificateArn", value=site.certificate.certificate_arn, )
def __init__(self, app: App, id: str) -> None: super().__init__(app, id) # SQS Queue queue = sqs.Queue( self, "queue", ) # Custom EventBridge Bus custom_bus = events.EventBus( self, "bus", event_bus_name="test-bus-cdk" ) # EventBridge Rule rule = events.Rule( self, "rule", event_bus=custom_bus ) rule.add_event_pattern( source=["my-cdk-application"], detail_type=["message-for-queue"] ) rule.add_target(targets.SqsQueue(queue)) # Stack Outputs CfnOutput( self, "QueueURL", description="URL of SQS Queue", value=queue.queue_url )
def __init__(self, scope: Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here self.vpc = ec2.Vpc(self, "VPC", max_azs=2, cidr="10.10.0.0/16", # configuration will create 3 groups in 2 AZs = 6 subnets. subnet_configuration=[ec2.SubnetConfiguration( subnet_type=ec2.SubnetType.PUBLIC, name="Public", cidr_mask=24 ), ec2.SubnetConfiguration( subnet_type=ec2.SubnetType.PRIVATE_WITH_NAT, name="Private", cidr_mask=24 ), ec2.SubnetConfiguration( subnet_type=ec2.SubnetType.PRIVATE_ISOLATED, name="DB", cidr_mask=24 ) ], # nat_gateway_provider=ec2.NatProvider.gateway(), nat_gateways=2, ) CfnOutput(self, "Output", value=self.vpc.vpc_id)
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) _vpc = ec2.Vpc(self, 'theVpc', max_azs=2) _fs = efs.FileSystem(self, 'theFileSystem', vpc=_vpc, removal_policy=RemovalPolicy.DESTROY) _access_point = _fs.add_access_point( 'theAccessPoint', create_acl=efs.Acl(owner_gid='1001', owner_uid='1001', permissions='750'), path="/export/lambda", posix_user=efs.PosixUser(gid="1001", uid="1001")) _efs_lambda = _lambda.Function( self, 'lambdaEfsHandler', runtime=_lambda.Runtime.PYTHON_3_8, code=_lambda.Code.from_asset('lambda_function'), handler='lambda_function.lambda_handler', vpc=_vpc, filesystem=_lambda.FileSystem.from_efs_access_point( _access_point, '/mnt/text')) _api = api_gateway.HttpApi( self, 'EFS LAMBDA APIGATEWAY', default_integration=integrations.HttpLambdaIntegration( id="LambdaFunction", handler=_efs_lambda)) CfnOutput(self, 'API Url', value=_api.url)
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) lambda_edge = _lambda.Function( self, 'LambdaEdge', runtime=_lambda.Runtime.PYTHON_3_7, handler='index.handler', code=_lambda.Code.from_asset('lambda'), ) #create an S3 bucket used as origin for Cloudfront, not used but origin is a required field hosting_bucket = s3.Bucket(self, "MyHostingBucket") my_distribution = cloudfront.Distribution( self, "MyDistribution", default_behavior=cloudfront.BehaviorOptions( origin=origins.S3Origin(hosting_bucket), edge_lambdas=[ cloudfront.EdgeLambda( function_version=lambda_edge.current_version, event_type=cloudfront.LambdaEdgeEventType. ORIGIN_REQUEST) ]), comment='Dynamic content generation using Lambda@Edge') CfnOutput(self, "DomainName", value=my_distribution.domain_name, export_name='DomainName', description='CloudFront Domain Name')
def __init__(self, scope: Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # Create VPC and Fargate Cluster # NOTE: Limit AZs to avoid reaching resource quotas vpc = ec2.Vpc(self, "MyVpc", max_azs=2) cluster = ecs.Cluster(self, 'Ec2Cluster', vpc=vpc) fargate_service = ecs_patterns.NetworkLoadBalancedFargateService( self, "FargateService", cluster=cluster, task_image_options={ 'image': ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample") }) fargate_service.service.connections.security_groups[ 0].add_ingress_rule(peer=ec2.Peer.ipv4(vpc.vpc_cidr_block), connection=ec2.Port.tcp(80), description="Allow http inbound from VPC") CfnOutput(self, "LoadBalancerDNS", value=fargate_service.load_balancer.load_balancer_dns_name)
def __init__(self, app: App, id: str) -> None: super().__init__(app, id) # CloudWatch Logs Group log_group = logs.LogGroup( self, "logs", retention=logs.RetentionDays.ONE_DAY, removal_policy = RemovalPolicy.DESTROY ) # Custom EventBridge Bus custom_bus = events.EventBus( self, "bus", event_bus_name="test-bus-cdk" ) # EventBridge Rule rule = events.Rule( self, "rule", event_bus=custom_bus ) rule.add_event_pattern( source=["my-cdk-application"], detail_type=["message"] ) rule.add_target(targets.CloudWatchLogGroup(log_group)) CfnOutput( self, "LogGroupName", description="Name of CloudWatch Log Group", value=log_group.log_group_name )
def __init__(self, scope: Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # Create a cluster vpc = ec2.Vpc(self, "Vpc", max_azs=2) cluster = ecs.Cluster(self, 'fargate-service-autoscaling', vpc=vpc) # Create Fargate Service fargate_service = ecs_patterns.NetworkLoadBalancedFargateService( self, "sample-app", cluster=cluster, task_image_options={ 'image': ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample") }) fargate_service.service.connections.security_groups[ 0].add_ingress_rule(peer=ec2.Peer.ipv4(vpc.vpc_cidr_block), connection=ec2.Port.tcp(80), description="Allow http inbound from VPC") # Setup AutoScaling policy scaling = fargate_service.service.auto_scale_task_count(max_capacity=2) scaling.scale_on_cpu_utilization( "CpuScaling", target_utilization_percent=50, scale_in_cooldown=Duration.seconds(60), scale_out_cooldown=Duration.seconds(60), ) CfnOutput(self, "LoadBalancerDNS", value=fargate_service.load_balancer.load_balancer_dns_name)
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) # Create the Lambda function to receive the request # The source code is in './src' directory lambda_fn = lambda_.Function( self, "MyFunction", runtime=lambda_.Runtime.PYTHON_3_9, handler="index.handler", code=lambda_.Code.from_asset(os.path.join(DIRNAME, "src")), environment={ "env_var1": "value 1", "env_var2": "value 2", } ) # Create the HTTP API with CORS http_api = _apigw.HttpApi( self, "MyHttpApi", cors_preflight=_apigw.CorsPreflightOptions( allow_methods=[_apigw.CorsHttpMethod.GET], allow_origins=["*"], max_age=Duration.days(10), ) ) # Add a route to GET / http_api.add_routes( path="/", methods=[_apigw.HttpMethod.GET], integration=_integrations.HttpLambdaIntegration("LambdaProxyIntegration", handler=lambda_fn), ) # Outputs CfnOutput(self, "API Endpoint", description="API Endpoint", value=http_api.api_endpoint)
def __init__(self, scope: Construct, id: str, props, **kwargs) -> None: super().__init__(scope, id, **kwargs) # Subnet configurations for a public and private tier subnet1 = SubnetConfiguration( name="Public", subnet_type=SubnetType.PUBLIC, cidr_mask=24) subnet2 = SubnetConfiguration( name="Private", subnet_type=SubnetType.PRIVATE_WITH_NAT, cidr_mask=24) vpc = Vpc(self, "TheVPC", cidr="10.0.0.0/16", enable_dns_hostnames=True, enable_dns_support=True, max_azs=2, nat_gateway_provider=NatProvider.gateway(), nat_gateways=1, subnet_configuration=[subnet1, subnet2] ) # This will export the VPC's ID in CloudFormation under the key # 'vpcid' CfnOutput(self, "vpcid", value=vpc.vpc_id) # Prepares output attributes to be passed into other stacks # In this case, it is our VPC and subnets. self.output_props = props.copy() self.output_props['vpc'] = vpc self.output_props['subnets'] = vpc.public_subnets
def __init__(self, scope: Construct, id: str, **kwargs) -> None: super().__init__(scope, id, *kwargs) vpc = ec2.Vpc(self, "MyVpc", max_azs=2) cluster = ecs.Cluster(self, 'Ec2Cluster', vpc=vpc) asg = autoscaling.AutoScalingGroup( self, "DefaultAutoScalingGroup", instance_type=ec2.InstanceType("t2.micro"), machine_image=ecs.EcsOptimizedImage.amazon_linux2(), vpc=vpc, ) capacity_provider = ecs.AsgCapacityProvider(self, "AsgCapacityProvider", auto_scaling_group=asg) cluster.add_asg_capacity_provider(capacity_provider) ecs_service = ecs_patterns.NetworkLoadBalancedEc2Service( self, "Ec2Service", cluster=cluster, memory_limit_mib=512, task_image_options={ 'image': ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample") }) CfnOutput(self, "LoadBalancerDNS", value=ecs_service.load_balancer.load_balancer_dns_name)
def _setup_elasticsearch_7_10_fgac(self) -> None: domain_name = "wrangler-es-7-10-fgac" validate_domain_name(domain_name) domain_arn = f"arn:aws:es:{self.region}:{self.account}:domain/{domain_name}" domain = opensearch.Domain( self, domain_name, domain_name=domain_name, version=opensearch.EngineVersion.ELASTICSEARCH_7_10, capacity=opensearch.CapacityConfig( data_node_instance_type="t3.small.search", data_nodes=1), access_policies=[ iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=["es:*"], principals=[iam.AnyPrincipal()], # FGACs resources=[f"{domain_arn}/*"], ) ], fine_grained_access_control=opensearch.AdvancedSecurityOptions( master_user_name=self.username, master_user_password=self.password_secret, ), node_to_node_encryption=True, encryption_at_rest=opensearch.EncryptionAtRestOptions( enabled=True, kms_key=self.key), enforce_https=True, removal_policy=RemovalPolicy.DESTROY, ) CfnOutput(self, f"DomainEndpoint-{domain_name}", value=domain.domain_endpoint)
def _setup_opensearch_1_0(self) -> None: domain_name = "wrangler-os-1-0" validate_domain_name(domain_name) domain_arn = f"arn:aws:es:{self.region}:{self.account}:domain/{domain_name}" domain = opensearch.Domain( self, domain_name, domain_name=domain_name, version=opensearch.EngineVersion.OPENSEARCH_1_0, capacity=opensearch.CapacityConfig( data_node_instance_type="t3.small.search", data_nodes=1), access_policies=[ iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=["es:*"], principals=[iam.AccountRootPrincipal()], resources=[f"{domain_arn}/*"], ) ], removal_policy=RemovalPolicy.DESTROY, ) CfnOutput(self, f"DomainEndpoint-{domain_name}", value=domain.domain_endpoint)
def __init__(self, scope: Construct, id: str, connection_name: str, *, host_arn: str = None, ssm_parameter_space: str = '/github/connections', **connection_args) -> None: super().__init__(scope, id) if host_arn: connection_args['host_arn'] = host_arn self.connection = aws_codestarconnections.CfnConnection( self, 'github-connection', connection_name=connection_name, provider_type='GitHub', **connection_args) CfnOutput( self, "output", value=self.connection.attr_connection_arn, description= "Validate with Github app connection at: https://console.aws.amazon.com/codesuite/settings/connections" ) if ssm_parameter_space: aws_ssm.StringParameter( self, "ssm", string_value=self.connection.attr_connection_arn, parameter_name=f"{ssm_parameter_space}/{connection_name}")
def Function(self, id: str, *, **attr) -> aws_lambda.Function: if 'layers' in attr: for layer in attr['layers']: if layer in self._layers: layer = self._layers[layer] fx = aws_lambda.Function(self, id, **attr) CfnOutput(self, f"{id}-cfn", value=fx.function_arn) return fx
def __init__(self, app: App, id: str) -> None: super().__init__(app, id) # SQS queue queue = sqs.Queue(self, 's3-to-sqs-test') bucket = s3.Bucket(self, "MyBucket") bucket.add_event_notification(s3.EventType.OBJECT_CREATED, s3n.SqsDestination(queue)) # Output information about the created resources CfnOutput(self, 'sqsQueueUrl', value=queue.queue_url, description='The URL of the SQS queue') CfnOutput(self, 'bucketName', value=bucket.bucket_name, description='The name of the bucket created')
def __init__(self, scope: Construct, id: str, name: str, saml_metadata_url: str = None, saml_metadata_document: str = None, ssm_parameter_name: str = None) -> None: """Create an IAM SAML Identity Provider Args: scope (Construct): [description] id (str): [description] name (str): IAM idp Name idp_url (str, optional): [description]. Defaults to None. saml_metadata_document (str, optional): [description]. Defaults to None. """ # Load SSO SAML metadata if saml_metadata_url: resp = requests.get(url=saml_metadata_url) saml_metadata_document = resp.text if not saml_metadata_document: raise AttributeError( "Need saml_metadata_url or saml_metadata_document") super().__init__( scope, id, name=name, metadata_document=aws_iam.SamlMetadataDocument.from_xml( saml_metadata_document)) self.ssm_parameter_name = ssm_parameter_name CfnOutput(self.stack, f"{self.node.id}-arn", value=self.saml_provider_arn) if self.ssm_parameter_name: aws_ssm.StringParameter(self.stack, f"{self.node.id}-ssm", string_value=self.saml_provider_arn, parameter_name=self.ssm_parameter_name) CfnOutput(self.stack, f"{self.node.id}-ssm-name", value=self.ssm_parameter_name)
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) innerSfnPassState = sfn.Pass(self, 'PassState'); innerSfn = sfn.StateMachine(self, 'InnerStepFunction', definition = innerSfnPassState, timeout=Duration.minutes(60) ) task1 = tasks.StepFunctionsStartExecution(self, "StepFunction1", state_machine=innerSfn, integration_pattern=sfn.IntegrationPattern.RUN_JOB, input=sfn.TaskInput.from_object({ "input.$": "$.Output.input" }), output_path="$", result_selector = { "Output.$": "$.Output" } ) task2 = tasks.StepFunctionsStartExecution(self, "StepFunction2", state_machine=innerSfn, integration_pattern=sfn.IntegrationPattern.RUN_JOB, input=sfn.TaskInput.from_object({ "input.$": "$.Output.input" }), output_path="$", result_selector = { "Output.$": "$.Output" } ) task3 = tasks.StepFunctionsStartExecution(self, "StepFunction3", state_machine=innerSfn, integration_pattern=sfn.IntegrationPattern.RUN_JOB, input=sfn.TaskInput.from_object({ "input.$": "$.Output.input" }), output_path="$", result_selector = { "Output.$": "$.Output" } ) outer_sfn = sfn.StateMachine(self, "OuterStepFunction", definition=task1.next(task2).next(task3), timeout=Duration.minutes(60) ) CfnOutput(self, "StepFunctionArn", value = outer_sfn.state_machine_arn, export_name = 'OuterStepFunctionArn', description = 'Outer Step Function arn')
def __init__(self, scope: Construct, stack_name: str, component_id: str, **kwargs): super().__init__(scope=scope, id=component_id, **kwargs) self.stack_name = stack_name self.component_id = component_id # Greengrassコンポーネントの名前。Recipeと合わせておく必要があります self.greengrass_component_name = "com.example.ggmlcomponent" self.create_deploy_pipeline() CfnOutput( self, id="ComponentCodeRepositoryURI", export_name="ComponentCodeRepositoryURI", value=self._component_source_repository.repository_clone_url_grc) CfnOutput(self, id="ComponentBaseImageRepositoryURI", export_name="ComponentBaseImageRepositoryURI", value=self._component_base_ecr.repository_uri)
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: super().__init__(scope, construct_id, **kwargs) phoneNumber = CfnParameter(self, "phoneNumber", type="String", description="Recipient phone number") tenDLC = CfnParameter(self, "tenDLC", type="String", description="10DLC origination number") # We create a log group so it will be gracefully cleaned up on a destroy event. By default # logs never expire and won't be removed. lambdaLogGroup = logs.LogGroup( self, 'SMSPublisherFunctionLogGroup', log_group_name='/aws/lambda/SMSPublisherFunction', removal_policy=RemovalPolicy.DESTROY, retention=logs.RetentionDays.FIVE_DAYS, ) SMSPublisherFunction = aws_lambda.Function( self, 'SMSPublisherFunction', code=aws_lambda.Code.from_asset('src'), function_name='SMSPublisherFunction', handler='app.handler', runtime=aws_lambda.Runtime.NODEJS_12_X, timeout=Duration.seconds(3), memory_size=128, environment={ 'phoneNumber': phoneNumber.value_as_string, 'tenDLC': tenDLC.value_as_string }, initial_policy=[ iam.PolicyStatement(actions=['sns:Publish'], effect=iam.Effect.DENY, resources=['arn:aws:sns:*:*:*']), iam.PolicyStatement(actions=['sns:Publish'], effect=iam.Effect.ALLOW, resources=['*']) ], ) # Make sure the log group is created prior to the function so CDK doesn't create a new one SMSPublisherFunction.node.add_dependency(lambdaLogGroup) CfnOutput(self, 'SMSPublisherFunctionName', description='SMSPublisherFunction function name', value=SMSPublisherFunction.function_name)
def __init__(self, app: App, id: str, props, **kwargs) -> None: super().__init__(app, id, **kwargs) # define the s3 artifact source_output = aws_codepipeline.Artifact(artifact_name='source') # define the pipeline pipeline = aws_codepipeline.Pipeline( self, "Pipeline", pipeline_name=f"{props['namespace']}", artifact_bucket=props['bucket'], stages=[ aws_codepipeline.StageProps( stage_name='Source', actions=[ aws_codepipeline_actions.S3SourceAction( bucket=props['bucket'], bucket_key='source.zip', action_name='S3Source', run_order=1, output=source_output, trigger=aws_codepipeline_actions.S3Trigger.POLL), ]), aws_codepipeline.StageProps( stage_name='Build', actions=[ aws_codepipeline_actions.CodeBuildAction( action_name='DockerBuildImages', input=source_output, project=props['cb_docker_build'], run_order=1, ) ]) ]) # give pipelinerole read write to the bucket props['bucket'].grant_read_write(pipeline.role) #pipeline param to get the pipeline_param = aws_ssm.StringParameter( self, "PipelineParam", parameter_name=f"{props['namespace']}-pipeline", string_value=pipeline.pipeline_name, description='cdk pipeline bucket') # cfn output CfnOutput(self, "PipelineOut", description="Pipeline", value=pipeline.pipeline_name)