class BaseTaskDefinition:
requires_compatibilities = ["FARGATE"]
network_mode = "awsvpc"
cpu = 2048
memory = 4096
execution_role_arn = ECSRole.get_output_attr('arn')
task_role_arn = ECSRole.get_output_attr('arn')
class LambdaPolicyDocument(iam.IAMPolicyDocumentData):
statement = [{
'actions': ["sts:AssumeRole"],
'principals': {
'type': "AWS",
'identifiers': [ECSRole.get_output_attr('arn')]
}
}]
class PolicyDocumentForBaseRole(iam.IAMPolicyDocumentData):
statement = [
{
'actions': ["sts:AssumeRole"],
'principals': {
'type': "Service",
'identifiers': [
"batch.amazonaws.com",
"ecs-tasks.amazonaws.com"
]
}
},
{
'actions': ["sts:AssumeRole"],
'principals': {
'type': "AWS",
'identifiers': [ECSRole.get_output_attr('arn')]
}
}
]
class AllReadRoleLambdaPolicyAttach(iam.IAMRolePolicyAttachmentResource):
role = ECSRole.get_output_attr('name')
policy_arn = AllReadRolePolicy.get_output_attr('arn')
def get_admin_container_env_vars(self):
return [{
'name': "JAR_FILE",
'value': "pacman-api-admin.jar"
}, {
'name': "CONFIG_PASSWORD",
'value': self.CONFIG_PASSWORD
}, {
'name': "CONFIG_SERVER_URL",
'value': self.CONFIG_SERVER_URL
}, {
'name': "ES_CLUSTER_NAME",
'value': self.ES_CLUSTER_NAME
}, {
'name': "ES_HEIMDALL_HOST_NAME",
'value': self.ES_HEIMDALL_HOST_NAME
}, {
'name': "ES_HEIMDALL_PORT",
'value': self.ES_HEIMDALL_PORT
}, {
'name': "ES_HOST_NAME",
'value': self.ES_HOST_NAME
}, {
'name': "ES_PORT",
'value': self.ES_PORT
}, {
'name': "LOGGING_ES_HOST_NAME",
'value': self.LOGGING_ES_HOST_NAME
}, {
'name': "LOGGING_ES_PORT",
'value': self.LOGGING_ES_PORT
}, {
'name': "PACMAN_HOST_NAME",
'value': self.PACMAN_HOST_NAME
}, {
'name': "RDS_PASSWORD",
'value': self.RDS_PASSWORD
}, {
'name': "RDS_URL",
'value': self.RDS_URL
}, {
'name': "RDS_USERNAME",
'value': self.RDS_USERNAME
}, {
'name': "ES_UPDATE_HOST",
'value': self.ES_UPDATE_HOST
}, {
'name': "ES_UPDATE_PORT",
'value': self.ES_UPDATE_PORT
}, {
'name': "ES_UPDATE_CLUSTER_NAME",
'value': self.ES_UPDATE_CLUSTER_NAME
}, {
'name': "SECURITY_USERNAME",
'value': "admin"
}, {
'name': "SECURITY_PASSWORD",
'value': "admin@123"
}, {
'name': "ACCESS_KEY",
'value': "test_key_1"
}, {
'name': "SECRET_KEY",
'value': "test_key_2"
}, {
'name': "DOMAIN_URL",
'value': ApplicationLoadBalancer.get_api_server_url('admin')
}, {
'name': "ADMIN_SERVER",
'value': "http://localhost/pacmonitor"
}, {
'name': "ROLE_ARN",
'value': ECSRole.get_output_attr('arn')
}, {
'name':
"JOB_FUNCTION_NAME",
'value':
SubmitJobLambdaFunction.get_input_attr('function_name')
}, {
'name': "JOB_FUNCTION_ARN",
'value': SubmitJobLambdaFunction.get_output_attr('arn')
}, {
'name': "JOB_LAMBDA_REGION",
'value': AwsRegion.get_output_attr('name')
}, {
'name': "JOB_BUCKET_REGION",
'value': AwsRegion.get_output_attr('name')
}, {
'name':
"RULE_FUNCTION_NAME",
'value':
RuleEngineLambdaFunction.get_input_attr('function_name')
}, {
'name': "RULE_FUNCTION_ARN",
'value': RuleEngineLambdaFunction.get_output_attr('arn')
}, {
'name': "RULE_BUCKET_REGION",
'value': AwsRegion.get_output_attr('name')
}, {
'name': "RULE_LAMBDA_REGION",
'value': AwsRegion.get_output_attr('name')
}, {
'name': "RULE_JOB_BUCKET_NAME",
'value': BucketStorage.get_output_attr('bucket')
}]
class S3ResourcePolicyAttachToBaseRoleToECSRole(
iam.IAMRolePolicyAttachmentResource):
role = ECSRole.get_output_attr('name')
policy_arn = S3ResourcePolicy.get_output_attr('arn')