if TYPE_CHECKING: from aws_orbit.models.context import Context, TeamContext _logger: logging.Logger = logging.getLogger("aws_orbit") class MyStack(Stack): def __init__( self, scope: Construct, id: str, context: "Context", team_context: "TeamContext", parameters: Dict[str, Any] ) -> None: super().__init__( scope=scope, id=id, stack_name=id, env=Environment(account=context.account_id, region=context.region), ) Tags.of(scope=cast(IConstruct, self)).add(key="Env", value=f"orbit-{context.name}") _logger.info(f"Plugin parameters: {parameters}") # just showing how to create resource. Do not forget to update the IAM policy or make sure the attached policy # for the team is allowing the creation and destruction of the resource. ssm_parameter: str = f"/orbit/{context.name}/{team_context.name}/hello-plugin" ssm.StringParameter( scope=self, id="param", string_value="testing plugin hello world", parameter_name=ssm_parameter ) if __name__ == "__main__": cdk_handler(stack_class=MyStack)
resources=[parameters.get("virtual_arn", "*")], ), iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ "logs:*", ], resources=[ f"arn:aws:logs:{context.region}:{context.account_id}:log-group:/orbit/emr/*", f"arn:aws:logs:{context.region}:{context.account_id}:log-group:/orbit/emr/*:log-stream:*", ], ), iam.PolicyStatement( effect=iam.Effect.ALLOW, actions=[ "emr-containers:Get*", "emr-containers:Describe*", "emr-containers:List*", "elasticmapreduce:CreatePersistentAppUI", "elasticmapreduce:DescribePersistentAppUI", "elasticmapreduce:GetPersistentAppUIPresignedURL", ], resources=["*"], ), ], )) if __name__ == "__main__": cdk_handler(stack_class=Team)
Tags.of(scope=cast(IConstruct, self)).add( key="Env", value=f"orbit-{context.name}") # Collecting required parameters team_space_props: Dict[str, Any] = { "account_id": context.account_id, "region": context.region, "partition": core.Aws.PARTITION, "env_name": context.name, "teamspace_name": team_context.name, "lake_role_name": f"orbit-{context.name}-{team_context.name}-{context.region}-role", "role_prefix": f"/{context.role_prefix}/" if context.role_prefix else "/", "vpc_id": context.networking.vpc_id, "subnet_ids": context.networking.data.nodes_subnets, "team_security_group_id": team_context.team_security_group_id, "team_kms_key_arn": team_context.team_kms_key_arn, } self._redshift_clusters = RedshiftClusters( self, id="redshift-clusters-for-teamspace", team_space_props=team_space_props, plugin_params=parameters, ) if __name__ == "__main__": cdk_handler(stack_class=RedshiftStack)