private void CreateDatabases() { if (CdkOptions == null || CdkOptions.Databases?.Any() != true) { return; } foreach (var databaseOption in CdkOptions.Databases) { GetDatabaseResources(databaseOption, out var databasePort, out var vpc, out var securityGroup, out var subnetGroup, out var deletionProtection, out var enchancedMonitoringInterval, out var passwordSecret, out var parameterGroup); IDatabaseInstance database; switch (databaseOption.DatabaseType?.ToLower()) { case "sqlserver": var sqlServerTranslation = TranslateSqlServerVersion(databaseOption.DatabaseEngineVersion); var secGroup = LocateSecurityGroup(databaseOption.SecurityGroupId, $"SG ith id {databaseOption.SecurityGroupId} not found in the JSON."); database = AwsCdkHandler.AddDatabase(sqlServerTranslation, databaseOption.DatabaseName, databaseOption.DatabaseName, databaseOption.UserName, databaseOption.Password, databaseOption.StorageType, databaseOption.InstanceType, databaseOption.InstanceSize, vpc, secGroup, databaseOption.SecurityGroupId, storageEncrypted: true, allocatedStorageGb: databaseOption.AllocatedStorageGb, licenseOption: databaseOption.LicenseOption, edition: databaseOption.Edition, autoMinorVersionUpgrade: databaseOption.AutoMinorVersionUpgrade, backupRetentionDays: databaseOption.BackupRetentionPeriod, deletionProtection: databaseOption.DeletionProtection); break; default: StackResources.DynamicSecrets.Add(databaseOption.Secrets[DatabaseOptionConsts.PasswordAttributeName], passwordSecret); database = AwsCdkHandler.AddDatabase(MysqlEngineVersion.VER_8_0, databaseOption.DatabaseName, databaseOption.DatabaseName, databasePort, databaseOption.UserName, passwordSecret, StorageType.GP2, InstanceClass.BURSTABLE3, InstanceSize.MEDIUM, vpc, securityGroup, subnetGroup, deletionProtection: deletionProtection, logTypes: databaseOption.LogTypes, storageEncrypted: databaseOption.StorageEncrypted, enableIamAuthentication: databaseOption.EnableIamAuthentication, enhancedMonitoringInterval: enchancedMonitoringInterval, multiAZEnabled: databaseOption.MultiAvailabilityZoneEnabled ?? true, autoMinorVersionUpgrade: databaseOption.AutoMinorVersionUpgrade ?? false, parameterGroup: parameterGroup); break; } StackResources.Databases.Add(databaseOption.Id, database); } }
private void CreateAsgCapacityProviders() { if (CdkOptions == null || CdkOptions.CapacityProviders?.Any() != true) { return; } foreach (var capacityProvider in CdkOptions.CapacityProviders) { ValidateCapacityProvider(capacityProvider); } Cluster cluster = default; foreach (var providerOptions in CdkOptions.CapacityProviders) { var autoScalingGroup = LocateAutoScalingGroup(providerOptions.AutoScalingGroupId, "ASG assigned to capacity provider does not exist"); if (cluster == null || cluster.Node.Id != providerOptions.Id) { cluster = LocateEcsCluster(providerOptions.ClusterId, "Cluster assigned to capacity provider does not exist") as Cluster; } var provider = AwsCdkHandler.CreateAsgCapacityProvider(providerOptions.Id, providerOptions.Name, providerOptions.TargetCapacityPercent, providerOptions.EnableScaleInTerminationProtection, autoScalingGroup); AwsCdkHandler.AddAsgCapacityProviderToCluster(provider, cluster); StackResources.AsgCapacityProviders.Add(providerOptions.Id, provider); } }
private void CreateOrLocateS3Buckets() { if (CdkOptions == null || CdkOptions.S3Buckets?.Any() != true) { return; } foreach (var bucket in CdkOptions.S3Buckets) { List <ILifecycleRule> expiredDocumentsLifeCycleRules = null; if (bucket.ExpireDocumentRules?.Any() == true) { expiredDocumentsLifeCycleRules = bucket.ExpireDocumentRules.ConvertAll(x => AwsCdkHandler.CreateLifecycleRule(x.RuleName, x.Expiration, x.TagName, x.TagValue, bucket.Versioned, x.PreviousVersionsExpirationDays)); } if (bucket.LocateInsteadOfCreate) { var currentBucket = AwsCdkHandler.LocateBucketByName(bucket.Id, bucket.BucketName); AwsCdkHandler.AddLifeCycleRuleToExistingBucket(ref currentBucket, expiredDocumentsLifeCycleRules); StackResources.Buckets.Add(bucket.Id, currentBucket); } else { if (bucket.ExpirationDays.HasValue) { StackResources.Buckets.Add(bucket.Id, AwsCdkHandler.AddS3Bucket(bucket.BucketName, lifecycleRules: expiredDocumentsLifeCycleRules, versioned: bucket.Versioned, expirationDays: bucket.ExpirationDays.Value, enforceSSL: bucket.EnforceSSL, blockPublicAccess: bucket.BlockPublicAccess ?? true)); } else { StackResources.Buckets.Add(bucket.Id, AwsCdkHandler.AddS3Bucket(bucket.BucketName, lifecycleRules: expiredDocumentsLifeCycleRules, versioned: bucket.Versioned, enforceSSL: bucket.EnforceSSL, blockPublicAccess: bucket.BlockPublicAccess ?? true)); } } } }
private ISecret SetDatabasePassword(DatabaseOptions databaseOption) { ISecret passwordSecret; if (string.IsNullOrWhiteSpace(databaseOption.Password)) { if (databaseOption.Secrets.ContainsKey(DatabaseOptionConsts.PasswordAttributeName)) { if (!StackResources.Lambdas.TryGetValue(databaseOption.RotationLambdaId, out var rotationLambda)) { throw new ArgumentException($"The database {databaseOption.Id} lambda id {databaseOption.RotationLambdaId} was not found"); } var rotationPeriod = databaseOption.PasswordRotationDaysPeriod.HasValue ? Duration.Days(databaseOption.PasswordRotationDaysPeriod.Value) : null; passwordSecret = AwsCdkHandler.AddSecret(databaseOption.Secrets[DatabaseOptionConsts.PasswordAttributeName], rotationPeriod: rotationPeriod, rotationLambda: rotationLambda); } else { throw new ArgumentException($"The database {databaseOption.DatabaseName} has no secret to store the password"); } } else { passwordSecret = null; } return(passwordSecret); }
static void Main(string[] args) { if (args != null && args.Any()) { AwsAccount = args.Length >= 1 ? args[0] : System.Environment.GetEnvironmentVariable("CDK_DEFAULT_ACCOUNT"); AwsRegion = args.Length == 2 ? args[1] : System.Environment.GetEnvironmentVariable("CDK_DEFAULT_REGION"); } //Create infra as code application (AWS framework) var app = new App(); //Create the infrastructure provision handler (devon4Net Framework) var provisionStack = new AwsCdkHandler(app, "Devon4NetCloudStackDemo", "Devon4NetCdkDemo20201201", "development", new StackProps { Env = CreateEnv(AwsAccount, AwsRegion) }); //Provision the infrastructure //Create S3 bucket provisionStack.AddS3Bucket("Devon4NetBucket", 1); //Locate existing VPC var vpc = provisionStack.LocateVpc("vpc-12345", "vpc-c274babb"); //Create single database instance sample //provisionStack.AddDatabase(MysqlEngineVersion.VER_8_0_21, "MyDbInstance", "MyDbInstanceName", "defaultUserName", "aws_database_secret", StorageType.GP2, InstanceClass.BURSTABLE2, InstanceSize.MICRO, vpc, "sg-0042c46d08771873e", "sg-0042c46d08771873e"); //Create cluster database instance sample provisionStack.AddDatabase(AuroraMysqlEngineVersion.VER_5_7_12, "MyDbInstance", "MyClusterId", "MyClusterInstanceId", "Devon4NetClusterDemo20201201", 3306, 1, "defaultUserName", "aws_database_secret", vpc, InstanceClass.BURSTABLE2, InstanceSize.SMALL, "sg-0042c46d08771873e", "sg-0042c46d08771873e", string.Empty, null, true, SubnetType.PUBLIC); //Execute provisioning (AWS) app.Synth(); }
private void CreateEcsClusters() { if (CdkOptions == null || CdkOptions.EcsClusters?.Any() != true) { return; } foreach (var cluster in CdkOptions.EcsClusters) { ValidateClusterOptions(cluster); } foreach (var cluster in CdkOptions.EcsClusters) { var vpc = StackResources.Vpcs.FirstOrDefault(v => v.Key == cluster.VpcId).Value; var ec2Cluster = AwsCdkHandler.CreateEC2Cluster(cluster.Id, cluster.ClusterName, vpc); StackResources.EcsClusters.Add(cluster.Id, ec2Cluster); if (cluster.AutoScalingGroupIDs != null) { foreach (var asgId in cluster.AutoScalingGroupIDs) { var asg = LocateAutoScalingGroup(asgId, "Could not found the autoScalingGroupneeded for the cluster"); AwsCdkHandler.AddAutoScalingGroupToCluster(asgId, asg as AutoScalingGroup, ec2Cluster as Cluster); } } } }
private void CreateLogGroups() { if (CdkOptions == null || CdkOptions.LogGroups?.Any() != true) { return; } foreach (var logGroupOption in CdkOptions.LogGroups) { GetLogGroupResouces(logGroupOption, out var lambdaFunctionName, out var retentionTime); var logGroup = AwsCdkHandler.CreateLogGroup($"{lambdaFunctionName}-log-group", lambdaFunctionName, retentionTime); StackResources.LogGroups.Add(logGroupOption.Id, logGroup); if (logGroupOption.SubscribedLambdaIds?.Any() == true) { foreach (var subscribedLambdaId in logGroupOption.SubscribedLambdaIds) { var lambdaFunction = LocateLambda(subscribedLambdaId, $"The lambda function id {logGroupOption.FunctionId} in the log group {logGroupOption.Id} was not found", $"The lambda function id in the log group {logGroupOption.Id} cannot be empty"); AwsCdkHandler.AddLogGroupTriggerToLambda($"{subscribedLambdaId}LogTrigger", lambdaFunction, logGroup); } } } }
private void CreateLambdas() { if (CdkOptions == null || CdkOptions.Lambdas?.Any() != true) { return; } foreach (var lambda in CdkOptions.Lambdas) { CheckLambdaParams(lambda); GetLambdaResources(lambda, out var role, out var securityGroup, out var vpc, out var subnets, out var bucket, out var environmentVariables); var runtime = new Runtime(lambda.Runtime); IFunctionProps lambdaProperties; if (bucket == null) { lambdaProperties = AwsCdkHandler.CreateLambdaProperties(lambda.SourceCode.CodeZipFilePath, lambda.FunctionHandler, role, runtime, lambda.FunctionName, vpc, securityGroup, subnets, environmentVariables: environmentVariables); } else { lambdaProperties = AwsCdkHandler.CreateLambdaProperties(bucket, lambda.SourceCode.CodeBucket.FilePath, lambda.FunctionHandler, role, runtime, lambda.FunctionName, vpc, securityGroup, subnets, environmentVariables: environmentVariables); } var lambdaFunction = AwsCdkHandler.AddLambda(lambda.FunctionName, lambdaProperties); StackResources.Lambdas.Add(lambda.Id, lambdaFunction); } }
private void CreateSecurityGroups() { if (CdkOptions == null || CdkOptions.SecurityGroups?.Any() != true) { return; } foreach (var securityGroupOption in CdkOptions.SecurityGroups) { if (securityGroupOption.LocateInsteadOfCreate) { var securityGroup = AwsCdkHandler.LocateSecurityGroupById(securityGroupOption.SecurityGroupId, securityGroupOption.SecurityGroupId); StackResources.SecurityGroups.Add(securityGroupOption.Id, securityGroup); } else { var vpcResource = StackResources.Vpcs.FirstOrDefault(v => v.Key == securityGroupOption.VpcId); var vpc = vpcResource.Value ?? AwsCdkHandler.LocateVpc(securityGroupOption.VpcId, $"The Vpc id {securityGroupOption.VpcId} of the security group {securityGroupOption.SecurityGroupName} was not found"); var securityGroup = AwsCdkHandler.AddSecurityGroup(securityGroupOption.SecurityGroupName, securityGroupOption.SecurityGroupName, vpc, securityGroupOption.AllowAllOutbound, securityGroupOption.DisableInlineRules); AddSecurityGroupRules(securityGroupOption, securityGroup, SecurityGroupRuleType.IngressRule); AddSecurityGroupRules(securityGroupOption, securityGroup, SecurityGroupRuleType.EgressRule); StackResources.SecurityGroups.Add(securityGroupOption.Id, securityGroup); } } }
private IRole CreateNewRole(RoleOptions roleOption) { IRole role; if (roleOption.AwsPolicies?.Any() == true || roleOption.CustomPolicies?.Any() == true || roleOption.InlinePolicies?.Any() == true) { var awsPolicies = roleOption.AwsPolicies?.Select(x => AwsCdkHandler.LocateAwsManagedPolicyByName(x)).ToList(); var customPolicies = roleOption.CustomPolicies?.Select(x => AwsCdkHandler.LocateManagedPolicyByName(x)).ToList(); var inlinePolicies = roleOption.InlinePolicies?.ToDictionary(policyId => policyId, policyId => LocatePolicyDocument(policyId, $"The PolicyDocument {policyId} of the role {roleOption.Name} was not found")); var policies = new List <IManagedPolicy>(); if (awsPolicies?.Any() == true) { policies.AddRange(awsPolicies); } if (customPolicies?.Any() == true) { policies.AddRange(customPolicies); } role = AwsCdkHandler.AddRole(roleOption.Name, AwsCdkHandler.CreateRoleProperties(roleOption.Name, roleOption.AssumedBy.ToArray(), policies.ToArray(), inlinePolicies)); } else if (roleOption.AwsActions?.Any() == true) { role = AwsCdkHandler.AddRole(roleOption.Name, AwsCdkHandler.CreateRoleProperties(roleOption.Name, roleOption.AssumedBy.ToArray(), roleOption.Name, roleOption.AwsActions.ToArray(), new string[] { "*" })); } else { throw new ArgumentException($"The role {roleOption.Id} must have either a list of AwsPolicies, a list of CustomPolicies or a list of AwsActions"); } return(role); }
private void CreateEcsTaskDefinitions() { if (CdkOptions == null || CdkOptions.EcsTaskDefinitions?.Any() != true) { return; } StackResources.EcsTaskDefinitions = new Dictionary <string, TaskDefinition>(); foreach (var taskDefinitionOpt in CdkOptions.EcsTaskDefinitions) { TaskDefinition taskDefinition = null; if (!string.IsNullOrWhiteSpace(taskDefinitionOpt.RoleId)) { var locatedRole = LocateRole(taskDefinitionOpt.RoleId, $"Could not find role with ID {taskDefinitionOpt.RoleId}"); taskDefinition = AwsCdkHandler.CreateEc2TaskDefinition(taskDefinitionOpt.Id, taskDefinitionOpt.Family, taskDefinitionOpt.Volumes, locatedRole); } else { taskDefinition = AwsCdkHandler.CreateEc2TaskDefinition(taskDefinitionOpt.Id, taskDefinitionOpt.Family, taskDefinitionOpt.Volumes); } StackResources.EcsTaskDefinitions.Add(taskDefinitionOpt.Id, taskDefinition); } }
public void CreateNetworkLoadBalancers() { if (CdkOptions.NetworkLoadBalancers == null || CdkOptions.NetworkLoadBalancers?.Any() != true) { return; } foreach (var networkLoadBalancerOptions in CdkOptions.NetworkLoadBalancers) { if (networkLoadBalancerOptions.Subnets?.Any() == false && networkLoadBalancerOptions.SubnetMappings?.Any() == false) { throw new ArgumentException($"Subnets or SubnetMappings are missing in NetworkLoadBalancer {networkLoadBalancerOptions.Id}, define one of them."); } if (networkLoadBalancerOptions.Subnets?.Any() == true && networkLoadBalancerOptions.SubnetMappings?.Any() == true) { throw new ArgumentException($"Subnets and SubnetMappings are incompatible in NetworkLoadBalancer {networkLoadBalancerOptions.Id}, define only one of them."); } var vpc = LocateVpc(networkLoadBalancerOptions.VpcId, $"The VPC name {networkLoadBalancerOptions.VpcId} in Network Load Balancer {networkLoadBalancerOptions.LoadBalancerName} does not exist"); INetworkLoadBalancer networkLoadBalancer = default; if (networkLoadBalancerOptions.Subnets?.Any() == true) { var subnets = networkLoadBalancerOptions.Subnets.Select(x => LocateSubnet(x, $"The Subnet name {x} in Network Load Balancer {networkLoadBalancerOptions.LoadBalancerName} does not exist")).ToArray(); networkLoadBalancer = AwsCdkHandler.CreateNetworkLoadBalancer(networkLoadBalancerOptions.Id, networkLoadBalancerOptions.CrossZoneEnabled, networkLoadBalancerOptions.DeletionProtection, networkLoadBalancerOptions.InternetFacing, networkLoadBalancerOptions.LoadBalancerName, vpc, subnets); } else { var subnetMappingProperties = networkLoadBalancerOptions.SubnetMappings.Select(x => CreateSubnetMappingProperty(x.AllocationId, x.IPv6Address, x.PrivateIPv4Address, x.SubnetId)).ToArray(); networkLoadBalancer = AwsCdkHandler.CreateNetworkLoadBalancer(networkLoadBalancerOptions.Id, networkLoadBalancerOptions.CrossZoneEnabled, networkLoadBalancerOptions.DeletionProtection, networkLoadBalancerOptions.InternetFacing, networkLoadBalancerOptions.LoadBalancerName, vpc, subnetMappingProperties: subnetMappingProperties); } networkLoadBalancerOptions.Listeners.ForEach(x => AssignListenerToNetworkLoadBalancer(networkLoadBalancer, x)); StackResources.NetworkLoadBalancers.Add(networkLoadBalancerOptions.Id, networkLoadBalancer); } }
private void AddPayPerRequestDynamoDBInstance(Options.Resources.DynamoDBOptions dynamoDBOption) { // Pay per request option does not allow to define Write/Read capacity CheckRequestInstanceParams(dynamoDBOption); StackResources.DynamoDBs.Add(dynamoDBOption.Id, AwsCdkHandler.AddDynamoDBPayPerRequest(dynamoDBOption.Id, dynamoDBOption.TableName, dynamoDBOption.PartitionKeyName, dynamoDBOption.PartitionKeyType, dynamoDBOption.BillingMode, dynamoDBOption.ContributorInsights, dynamoDBOption.PointInTimeRecovery, dynamoDBOption.RemovalPolicy, dynamoDBOption.SortKeyName, dynamoDBOption.SortKeyType, dynamoDBOption.TimeToLiveAttribute)); }
private void GetEcsDeployActionResources(PipelineActionEcsDeployOptions actionEcsDeployOptions, IDictionary <string, Artifact_> artifacts, out IBaseService service, out Artifact_ artifact, out IRole role) { service = AwsCdkHandler.LocateEcsServiceByAttrs(actionEcsDeployOptions.Name, new Ec2ServiceAttributes { Cluster = LocateEcsCluster(actionEcsDeployOptions.ClusterId, $"The cluster with {actionEcsDeployOptions.ClusterId} name does not exists", $"The EcsService with {actionEcsDeployOptions.ClusterId} must hace a cluster"), ServiceName = actionEcsDeployOptions.ServiceName }); // Locate artifact if (string.IsNullOrWhiteSpace(actionEcsDeployOptions.InputArtifact)) { throw new ArgumentException($"There is no input artifact in the pipeline action {actionEcsDeployOptions.Name}"); } else { if (!artifacts.TryGetValue(actionEcsDeployOptions.InputArtifact, out artifact)) { throw new ArgumentException($"The artifact {actionEcsDeployOptions.InputArtifact} of the pipeline action {actionEcsDeployOptions.Name} was not found"); } } // Locate role role = LocateRole(actionEcsDeployOptions.Role, $"The role {actionEcsDeployOptions.Role} of the pipeline action {actionEcsDeployOptions.Name} was not found"); }
private void CreateContainerDefinition(EcsTaskDefinitionOptions definitionOptions, TaskDefinition taskDefinition) { foreach (var containerDef in definitionOptions.Containers) { var ecr = StackResources.EcrRepositories.FirstOrDefault(ecr => ecr.Key == containerDef.RepositoryId); if (ecr.Key == null || ecr.Value == null) { throw new ArgumentException("Please add a ECR definition option properly set up on your json configuration. No task definition could not be added."); } var portMapping = new List <PortMapping>(); if (containerDef.TCPPortMapping?.Any() == true) { foreach (var ports in containerDef.TCPPortMapping) { portMapping.Add(new PortMapping { ContainerPort = ports.ContainerPort, HostPort = ports.HostPort, Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP }); } } var containerDefinitionProps = new ContainerDefinitionProps { TaskDefinition = taskDefinition, Image = ContainerImage.FromEcrRepository(ecr.Value, containerDef.ImageTag), MemoryLimitMiB = containerDef.MemoryLimitMiB, Cpu = containerDef.CpuUnits, StartTimeout = Duration.Minutes(containerDef.StartTimeOutMinutes), PortMappings = portMapping.ToArray(), Environment = containerDef.EnvironmentVariables, DnsServers = containerDef.DnsServers?.ToArray() }; var container = AwsCdkHandler.CreateContainerDefinitionByProps(containerDef.Id, containerDefinitionProps); if (definitionOptions.MountPoints?.Any() == true) { var mountPoints = new List <MountPoint>(); foreach (var mountPointOption in definitionOptions.MountPoints) { mountPoints.Add(new MountPoint { SourceVolume = mountPointOption.SourceVolume, ContainerPath = mountPointOption.ContainerPath }); } container.AddMountPoints(mountPoints.ToArray()); } } }
private void AddSecret(DatabaseOptions databaseOption, IDatabaseInstance database, KeyValuePair <string, string> databaseSecretKeyValuePair) { var databasePropertyValue = GetDatabaseProperty(databaseOption, database, databaseSecretKeyValuePair.Key); if (string.IsNullOrWhiteSpace(databasePropertyValue)) { return; } var secret = AwsCdkHandler.CreateSecret(databaseSecretKeyValuePair.Value, databasePropertyValue); StackResources.Secrets.Add(databaseSecretKeyValuePair.Value, secret); }
private void CreatePipelines() { if (CdkOptions == null || CdkOptions.Pipelines?.Any() != true) { return; } foreach (var pipelineOption in CdkOptions.Pipelines) { GetPipelineResources(pipelineOption, out var bucket, out var role); var pipeline = AwsCdkHandler.CreatePipeline(pipelineOption.Name, pipelineOption.Name, bucket, role); StackResources.Artifacts = new Dictionary <string, Artifact_>(); foreach (var stageOption in pipelineOption.Stages) { var stage = AwsCdkHandler.CreateStageInPipeline(pipeline, stageOption.Name); foreach (var actionOption in stageOption.Actions) { switch (actionOption.Type) { case PipelineActionType.s3Source: var s3Arguments = actionOption.ArgumentsS3; CreateS3Action(stage, StackResources.Artifacts, s3Arguments); break; case PipelineActionType.codebuild: var codeBuildArguments = actionOption.ArgumentsCodeBuild; CreateCodeBuildAction(stage, StackResources.Artifacts, codeBuildArguments); break; case PipelineActionType.cloudformation: var cloudFormationArguments = actionOption.ArgumentsCloudFormation; CreateCloudFormationAction(stage, StackResources.Artifacts, cloudFormationArguments); break; case PipelineActionType.ecrsource: var ecrRepositoryArguments = actionOption.ArgumentsEcrRepository; CreateEcrAction(stage, StackResources.Artifacts, ecrRepositoryArguments); break; case PipelineActionType.ecsdeploy: var ecsDeployArguments = actionOption.ArgumentsEcsDeploy; CreateEcsDeployAction(stage, StackResources.Artifacts, ecsDeployArguments); break; } } } StackResources.Pipelines.Add(pipelineOption.Id, pipeline); } }
private void ManageMethods(List <Options.Resources.Method> methods, Amazon.CDK.AWS.APIGateway.Resource apiResource) { if (methods == null || methods.Count == 0) { return; } foreach (var method in methods) { GetLambdaForMethod(method.ApiLambdaName, out var apiLambdaFunction); AwsCdkHandler.AddApiGatewayResourceMethod(apiResource, method, apiLambdaFunction); } }
private void CreateSnsTopics() { if (CdkOptions == null || CdkOptions.SnsTopics?.Any() != true) { return; } StackResources.SnsTopics = new Dictionary <string, ITopic>(); foreach (var topicConfig in CdkOptions.SnsTopics) { var topic = AwsCdkHandler.CreateSNSTopic(topicConfig.Id, topicConfig.Name, topicConfig.DisplayName, topicConfig.Fifo, topicConfig.ContentBasedDeduplication); StackResources.SnsTopics.Add(topicConfig.Id, topic); } }
private void LocateSubnetGroups() { if (CdkOptions == null || CdkOptions.Subnets?.Any() != true) { return; } foreach (var subnetGroup in from subnetConfiguration in CdkOptions.Subnets where subnetConfiguration.SubnetGroups != null && subnetConfiguration.SubnetGroups?.Any() == true from subnetGroup in subnetConfiguration.SubnetGroups select subnetGroup) { StackResources.SubnetGroups.Add(subnetGroup.Id, AwsCdkHandler.LocateSubnetGroupByName(subnetGroup.Id, subnetGroup.SubnetGroupName)); } }
private void CreateSecrets() { GenerateDatabaseSecrets(); if (CdkOptions == null || CdkOptions.Secrets?.Any() != true) { return; } foreach (var secret in CdkOptions.Secrets) { StackResources.Secrets.Add(secret.Id, AwsCdkHandler.CreateSecret(secret.Key, secret.Value)); } }
private void CreatePolicyDocuments() { if (CdkOptions == null || CdkOptions.PolicyDocuments?.Any() != true) { return; } StackResources.PolicyDocuments = new Dictionary <string, PolicyDocument>(); foreach (var inlinePolicy in CdkOptions.PolicyDocuments) { var statements = inlinePolicy.PolicyStatements.Select(x => AwsCdkHandler.CreatePolicyStatement(x.Action.ToArray(), x.Resource.ToArray(), x.Effect)).ToArray(); StackResources.PolicyDocuments.Add(inlinePolicy.Id, AwsCdkHandler.CreatePolicyDocument(statements)); } }
private void LocateSubnets() { if (CdkOptions == null || CdkOptions.Subnets?.Any() != true) { return; } foreach (var subnetItem in from subnetConfiguration in CdkOptions.Subnets where subnetConfiguration.Subnets != null && subnetConfiguration.Subnets?.Any() == true from subnetItem in subnetConfiguration.Subnets select subnetItem) { StackResources.Subnets.Add(subnetItem.Id, AwsCdkHandler.LocateSubnetById(subnetItem.Id, subnetItem.AwsSubnetId)); } }
public void CreateNetworkTargetGroup() { if (CdkOptions == null || CdkOptions.NetworkTargetGroups?.Any() != true) { return; } foreach (var targetGroup in CdkOptions.NetworkTargetGroups) { ValidateNetworkTargetGroupOptions(targetGroup); var vpc = LocateVpc(targetGroup.VpcId, "The VPC you are locating does not exist"); StackResources.NetworkTargetGroups.Add(targetGroup.Id, AwsCdkHandler.AddNetworkTargetGroup(targetGroup.Id, targetGroup.Name, targetGroup.Port, vpc, targetGroup.HealthCheckCount)); } }
private void CreateS3Events() { if (CdkOptions?.Lambdas?.Any() == true && CdkOptions?.S3Buckets?.Any() == true) { foreach (var bucketOption in CdkOptions.S3Buckets.Where(x => x.Events != null)) { var bucket = LocateBucket(bucketOption.Id, $"The bucket id {bucketOption.Id} in S3 events does not exist") as Bucket; foreach (var s3Event in bucketOption.Events) { GetS3EventResouces(s3Event, out var eventType, out var lambda); var lambdaDestination = AwsCdkHandler.CreateLambdaDestination(lambda); AwsCdkHandler.AddEventNotificationToS3Bucket(bucket, eventType, lambdaDestination); } } } }
private void CreateSnsEmailSubscriptions() { if (CdkOptions == null || CdkOptions.SnsEmailSubscriptions?.Any() != true) { return; } foreach (var subscriptionConfig in CdkOptions.SnsEmailSubscriptions) { var emailSubscription = AwsCdkHandler.CreateEmailSubscription(subscriptionConfig.Email, subscriptionConfig.Json); foreach (var topic in subscriptionConfig.TopicIds) { var topicLocated = LocateSnsTopic(topic, $"Could not find topic with id {subscriptionConfig.TopicIds}"); AwsCdkHandler.SubscribeToTopic(topicLocated, emailSubscription); } } }
public void CreateDmsReplicationInstances() { if (CdkOptions == null || CdkOptions.DatabaseMiagrationService.DmsReplicationInstances?.Any() != true) { return; } StackResources.DmsReplicationInstances = new Dictionary <string, CfnReplicationInstance>(); foreach (var replicationInstanceOption in CdkOptions.DatabaseMiagrationService.DmsReplicationInstances) { GetDmsReplicationInstancesResources(replicationInstanceOption, out var vpcSecurityGroupsIds, out var subnetGroupName, out var publiclyAccessible); var dmsReplicationInstance = AwsCdkHandler.CreateDmsReplicationInstance(replicationInstanceOption.Id, replicationInstanceOption.Name, replicationInstanceOption.ReplicationInstanceClass, subnetGroupName, vpcSecurityGroupIds: vpcSecurityGroupsIds, publiclyAccessible: publiclyAccessible); StackResources.DmsReplicationInstances.Add(replicationInstanceOption.Id, dmsReplicationInstance); } }
public void CreateDmsReplicationSubnetGroups() { if (CdkOptions == null || CdkOptions.DatabaseMiagrationService.DmsReplicationSubnetGroups?.Any() != true) { return; } StackResources.DmsReplicationSubnetGroups = new Dictionary <string, CfnReplicationSubnetGroup>(); foreach (var replicationSubnetGroupOption in CdkOptions.DatabaseMiagrationService.DmsReplicationSubnetGroups) { GetDmsReplicationSubnetGroupsResources(replicationSubnetGroupOption, out var vpcSubnetIds); var dmsReplicationSubnetGroup = AwsCdkHandler.CreateDmsReplicationSubnetGroup(replicationSubnetGroupOption.Id, replicationSubnetGroupOption.Name, replicationSubnetGroupOption.Description, vpcSubnetIds); StackResources.DmsReplicationSubnetGroups.Add(replicationSubnetGroupOption.Id, dmsReplicationSubnetGroup); } }
private void CreateCodeBuildProjects() { if (CdkOptions == null || CdkOptions.CodeBuildProjects?.Any() != true) { return; } foreach (var codeBuildOption in CdkOptions.CodeBuildProjects) { GetCodeBuildProjectResources(codeBuildOption, out var role, out var enableIndependentTrigger); var dictObject = DeserializeToDictionary(File.ReadAllText(codeBuildOption.BuildSpecPath)); var codeBuildProject = AwsCdkHandler.CreateCodeBuildProject(codeBuildOption.ProjectName, codeBuildOption.ProjectName, role, dictObject, enableIndependentTrigger: enableIndependentTrigger); StackResources.CodeBuildProjects.Add(codeBuildOption.Id, codeBuildProject); } }
private void CreateRules() { if (CdkOptions == null || CdkOptions.LambdaRules?.Any() != true) { return; } foreach (var lambdaRule in CdkOptions.LambdaRules) { GetLambdaRuleResources(lambdaRule, out var lambdaFunction, out var bucketNames); var s3Pattern = lambdaRule.S3 == null ? null : AwsCdkHandler.CreateEventBridgeS3Pattern(lambdaRule.S3.Operations, bucketNames); var ruleProps = AwsCdkHandler.CreateEventBridgeRuleProps(lambdaRule.Name, new IRuleTarget[] { new LambdaFunction(lambdaFunction) }, eventPattern: s3Pattern, triggerHour: lambdaRule.TriggerHour, triggerMinute: lambdaRule.TriggerMinute, description: lambdaRule.Description, enabled: true, eventBus: null); var rule = AwsCdkHandler.CreateEventBridgeRule(lambdaRule.Name, ruleProps); StackResources.LambdaRules.Add(lambdaRule.Id, rule); } }