def main():
parser = argparse.ArgumentParser()
parser.add_argument('-n', '--name', default=getpass.getuser())
parser.add_argument('-p', '--password', required=True)
parser.add_argument('-u', '--user-pool-id')
parser.add_argument('-e', '--email', required=False)
args = parser.parse_args()
if args.user_pool_id is None:
args.user_pool_id = get_user_pool_id(get_stack_name())
create_user(args.name, args.password, args.user_pool_id, email=args.email)
def destroy():
"""
Asynchronously delete the stack
"""
# if 'PROJECT_DIR' environment variable is not defined, this value will be used to search for local GIT repo
if 'PROJECT_DIR' not in os.environ:
project_path: str = os.path.abspath(os.path.dirname(__file__))
os.environ['PROJECT_DIR'] = project_path
client = boto3.client("cloudformation")
stack_name = get_stack_name()
print(f"Deleting stack {stack_name}")
client.delete_stack(StackName=f"{stack_name}")
def main():
parser = argparse.ArgumentParser()
parser.add_argument('-d', '--deploy-env', default='dev')
parser.add_argument("--region", default="us-east-1")
parser.add_argument('--stack-name')
parser.add_argument('--require-approval', default='broadening')
parser.add_argument('--clean', nargs='?', const=True, help="Remove existing environment before deploying")
parser.add_argument('--synth', nargs='?', const=True, help="Synthesize cloudformation.yml before deploying")
parser.add_argument('--no-build', nargs='?', const=True, default=False, help="Skip lambda build")
parser.add_argument('--skip-deps', nargs="?", const=True, default=False, help="Skip lambda dependencies")
args = parser.parse_args()
# environment update with the .env file
init_local_dotenv()
if not args.no_build:
print("Building the lambda package...")
do_build(consume_dependencies=not args.skip_deps)
if args.clean:
print("cdk destroy...")
rc = os.system(f"cdk destroy")
if rc != 0:
print(f"cdk destroy failed with return code: {rc}")
exit(1)
if args.synth:
print("cdk synth...")
Path("cdk.out").mkdir(parents=True, exist_ok=True)
rc = os.system(f"cdk synth --no-staging > .build{os.path.sep}template.yml")
if rc:
print(f"cdk synth failed with return code: {rc}")
exit(1)
print("cdk deploy...")
rc = os.system(f"cdk deploy --require-approval {args.require_approval}")
if rc:
print(f"cdk deploy failed with return code: {rc}")
exit(1)
user_pool_id = users.get_user_pool_id(get_stack_name())
password = os.environ.get('DEFAULT_USER_PASSWORD', default='Password123')
email = os.environ.get('USER_EMAIL')
users.create_user(getpass.getuser(), password, user_pool_id, email=email)
#!/usr/bin/env python3
# pylint: disable=invalid-name,ungrouped-imports
import os
from aws_cdk import core
from boto3 import client, session
from jobli_service_cdk.service_stack.jobli_construct import get_stack_name
from jobli_service_cdk.service_stack.jobli_stack import JobliStack
from jobli_service_cdk.service_stack.constants import BASE_NAME
account = client('sts').get_caller_identity()['Account']
region = session.Session().region_name
app = core.App()
jobli_stack = JobliStack(
app, get_stack_name(),
env=core.Environment(account=os.environ.get("AWS_DEFAULT_ACCOUNT", account), region=os.environ.get("AWS_DEFAULT_REGION", region)))
app.synth()
def __init__(self, scope: core.Construct, id: str) -> None:
super().__init__(scope, id)
client_id = os.getenv('GOOGLE_CLIENT_ID')
client_secret = os.getenv('GOOGLE_CLIENT_SECRET')
if client_id is None or client_secret is None:
print('Missing GOOGLE_CLIENT_ID or/and GOOGLE_CLIENT_SECRET environment varibles, please add them to .env file')
exit(1)
google_client_id = CfnParameter(scope, 'GoogleClientId', no_echo=True, default=client_id)
google_client_secret = CfnParameter(scope, 'GoogleClientSecret', no_echo=True, default=client_secret)
self.user_pool = UserPool(self, "UsersPool", sign_in_aliases=aws_cognito.SignInAliases(username=True), custom_attributes={"user_type": StringAttribute(max_len=256, mutable=True)})
cfn_user_pool: CfnUserPool = self.user_pool.node.default_child
cfn_user_pool.policies = CfnUserPool.PoliciesProperty(
password_policy=CfnUserPool.PasswordPolicyProperty(minimum_length=8, require_lowercase=False, require_numbers=False,
require_symbols=False, require_uppercase=False))
self.user_pool.add_domain("JobliUserPoolDomain", cognito_domain=CognitoDomainOptions(domain_prefix=get_stack_name().lower()))
user_pool_output = core.CfnOutput(self, id="JobliUserPoolID", value=self.user_pool.user_pool_id)
user_pool_output.override_logical_id("JobliUserPoolID")
user_pool_arn_output = core.CfnOutput(self, id="JobliUserPoolArn", value=self.user_pool.user_pool_arn)
user_pool_arn_output.override_logical_id("JobliUserPoolArn")
self.user_pool_identity_provider = UserPoolIdentityProviderGoogle(self, "JobliGoogleIdentityProvider",
client_id=google_client_id.value_as_string,
client_secret=google_client_secret.value_as_string,
scopes=['profile', 'email', 'openid', 'phone'], user_pool=self.user_pool,
attribute_mapping=AttributeMapping(email=ProviderAttribute.GOOGLE_EMAIL))
self.user_pool_client = UserPoolClient(
self,
"PoolClient",
user_pool=self.user_pool,
auth_flows=AuthFlow(admin_user_password=True, user_password=True),
o_auth=OAuthSettings(callback_urls=['jobli://', 'exp://127.0.0.1:19000/--/', 'http://localhost:19006/'],
flows=OAuthFlows(authorization_code_grant=True, implicit_code_grant=True),
scopes=[OAuthScope.PHONE, OAuthScope.EMAIL, OAuthScope.OPENID, OAuthScope.COGNITO_ADMIN, OAuthScope.PROFILE]),
supported_identity_providers=[UserPoolClientIdentityProvider.GOOGLE]
)
self.user_pool_client.node.add_dependency(self.user_pool_identity_provider)
auth_client_output = core.CfnOutput(self, id="AuthClientID", value=self.user_pool_client.user_pool_client_id)
auth_client_output.override_logical_id("AuthClientID")