feat(aws-lambda-elasticachmemcached): New Construct (#675)

* Interface Design

* Initial implementation push

* lint issue

* cfn_nag on test resources

* cfn_nag suppression

* Add Python and Java min deployment

* Results of self-review

* Reponse to Code Review

source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/.eslintignore

@@ -0,0 +1,5 @@
+lib/*.js
+test/*.js
+*.d.ts
+coverage
+test/lambda/index.js

source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/.gitignore

@@ -0,0 +1,15 @@
+lib/*.js
+test/*.js
+*.js.map
+*.d.ts
+node_modules
+*.generated.ts
+dist
+.jsii
+
+.LAST_BUILD
+.nyc_output
+coverage
+.nycrc
+.LAST_PACKAGE
+*.snk

source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/.npmignore

@@ -0,0 +1,21 @@
+# Exclude typescript source and config
+*.ts
+tsconfig.json
+coverage
+.nyc_output
+*.tgz
+*.snk
+*.tsbuildinfo
+
+# Include javascript files and typescript declarations
+!*.js
+!*.d.ts
+
+# Exclude jsii outdir
+dist
+
+# Include .jsii
+!.jsii
+
+# Include .jsii
+!.jsii

source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/README.md

@@ -0,0 +1,120 @@
+# aws-lambda-elasticachememcached module
+<!--BEGIN STABILITY BANNER-->
+
+---
+
+![Stability: Experimental](https://img.shields.io/badge/stability-Experimental-important.svg?style=for-the-badge)
+
+---
+<!--END STABILITY BANNER-->
+
+| **Reference Documentation**:| <span style="font-weight: normal">https://docs.aws.amazon.com/solutions/latest/constructs/</span>|
+|:-------------|:-------------|
+<div style="height:8px"></div>
+
+| **Language**     | **Package**        |
+|:-------------|-----------------|
+|![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python|`aws_solutions_constructs.aws_lambda_elasticachememcached`|
+|![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript|`@aws-solutions-constructs/aws-lambda-elasticachememcached`|
+|![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java|`software.amazon.awsconstructs.services.lambdaelasticachememcached`|
+
+This AWS Solutions Construct implements an AWS Lambda function connected to an Amazon Elasticache Memcached cluster.
+
+Here is a minimal deployable pattern definition :
+
+Typescript
+``` typescript
+import { Construct } from 'constructs';
+import { Stack, StackProps } from 'aws-cdk-lib';
+import { LambdaToElasticachememcached } from '@aws-solutions-constructs/aws-lambda-elasticachememcached';
+import * as lambda from 'aws-cdk-lib/aws-lambda';
+
+new LambdaToElasticachememcached(this, 'LambdaToElasticachememcachedPattern', {
+    lambdaFunctionProps: {
+        runtime: lambda.Runtime.NODEJS_14_X,
+        handler: 'index.handler',
+        code: lambda.Code.fromAsset(`lambda`)
+    }
+});
+```
+
+Python
+```python
+from aws_solutions_constructs.aws_lambda_elasticachememcached import LambdaToElasticachememcached
+from aws_cdk import (
+    aws_lambda as _lambda,
+    Stack
+)
+from constructs import Construct
+
+LambdaToElasticachememcached(self, 'LambdaToCachePattern',
+        lambda_function_props=_lambda.FunctionProps(
+            code=_lambda.Code.from_asset('lambda'),
+            runtime=_lambda.Runtime.PYTHON_3_9,
+            handler='index.handler'
+        )
+        )
+```
+
+Java
+``` java
+import software.constructs.Construct;
+
+import software.amazon.awscdk.Stack;
+import software.amazon.awscdk.StackProps;
+import software.amazon.awscdk.services.lambda.*;
+import software.amazon.awscdk.services.lambda.Runtime;
+import software.amazon.awsconstructs.services.lambdaelasticachememcached.*;
+
+new LambdaToElasticachememcached(this, "LambdaToCachePattern", new LambdaToElasticachememcachedProps.Builder()
+        .lambdaFunctionProps(new FunctionProps.Builder()
+                .runtime(Runtime.NODEJS_14_X)
+                .code(Code.fromAsset("lambda"))
+                .handler("index.handler")
+                .build())
+        .build());
+```
+
+## Pattern Construct Props
+
+| **Name**     | **Type**        | **Description** |
+|:-------------|:----------------|-----------------|
+|existingLambdaObj?|[`lambda.Function`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-lambda.Function.html)|Existing instance of Lambda Function object, providing both this and `lambdaFunctionProps` will cause an error.|
+|lambdaFunctionProps?|[`lambda.FunctionProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-lambda.FunctionProps.html)|Optional user provided props to override the default props for the Lambda function.|
+|existingVpc?|[`ec2.IVpc`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.IVpc.html)|An optional, existing VPC into which this pattern should be deployed. When deployed in a VPC, the Lambda function will use ENIs in the VPC to access network resources and an Interface Endpoint will be created in the VPC for Amazon SQS. If an existing VPC is provided, the `deployVpc` property cannot be `true`. This uses `ec2.IVpc` to allow clients to supply VPCs that exist outside the stack using the [`ec2.Vpc.fromLookup()`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.Vpc.html#static-fromwbrlookupscope-id-options) method.|
+|vpcProps?|[`ec2.VpcProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.VpcProps.html)|Optional user provided properties to override the default properties for the new VPC. `subnetConfiguration` is set by the pattern, so any values for those properties supplied here will be overrriden. |
+| cacheEndpointEnvironmentVariableName?| string | Lambda function environment variable name for the cache Endpoint. Defaults to CACHE_ENDPOINT |
+| cacheProps? | [`cache.CfnCacheClusterProps`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_elasticache.CfnCacheClusterProps.html) | Optional user provided props to override the default props for the Elasticache Cluster. Providing both this and `existingCache` will cause an error. |
+| existingCache? | [`cache.CfnCacheCluster`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_elasticache.CfnCacheCluster.html#attrconfigurationendpointport) | Existing instance of Elasticache Cluster object, providing both this and `cacheProps` will cause an error. If you provide this, you must provide the associated VPC in existingVpc. |
+
+## Pattern Properties
+
+| **Name**     | **Type**        | **Description** |
+|:-------------|:----------------|-----------------|
+|lambdaFunction|[`lambda.Function`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-lambda.Function.html)|Returns an instance of the Lambda function used by the pattern.|
+|vpc |[`ec2.IVpc`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.IVpc.html)|Returns an interface on the VPC used by the pattern. This may be a VPC created by the pattern or the VPC supplied to the pattern constructor.|
+| cache | [`cache.CfnCacheCluster`](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_elasticache.CfnCacheCluster.html#attrconfigurationendpointport) | The Elasticache Memcached cluster used by the construct. |
+
+## Default settings
+
+Out of the box implementation of the Construct without any override will set the following defaults:
+
+### AWS Lambda Function
+* Configure limited privilege access IAM role for Lambda function
+* Enable reusing connections with Keep-Alive for NodeJs Lambda function
+* Enable X-Ray Tracing
+* Attached to self referencing security group to grant access to cache
+* Set Environment Variables
+  * (default) CACHE_ENDPOINT
+  * AWS_NODEJS_CONNECTION_REUSE_ENABLED (for Node 10.x and higher functions)
+
+### Amazon Elasticache Memcached Cluster
+* Creates multi node, cross-az cluster by default
+  * 2 cache nodes, type: cache.t3.medium
+* Self referencing security group attached to cluster endpoint
+
+## Architecture
+![Architecture Diagram](architecture.png)
+
+***
+&copy; Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.

source/patterns/@aws-solutions-constructs/aws-lambda-elasticachememcached/lib/index.ts

@@ -0,0 +1,157 @@
+/**
+ *  Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ *  with the License. A copy of the License is located at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ *  and limitations under the License.
+ */
+
+// Imports
+import * as lambda from "@aws-cdk/aws-lambda";
+import * as ec2 from "@aws-cdk/aws-ec2";
+import * as cache from "@aws-cdk/aws-elasticache";
+import * as defaults from "../../core";
+import { Construct } from "@aws-cdk/core";
+import { obtainMemcachedCluster, getCachePort, CreateSelfReferencingSecurityGroup } from "../../core";
+
+const defaultEnvironmentVariableName = "CACHE_ENDPOINT";
+
+/**
+ * @summary The properties for the LambdaToElasticachememcached class.
+ */
+export interface LambdaToElasticachememcachedProps {
+  /**
+   * Existing instance of Lambda Function object, providing both this and `lambdaFunctionProps` will cause an error.
+   *
+   * @default - None
+   */
+  readonly existingLambdaObj?: lambda.Function;
+  /**
+   * Optional user provided props to override the default props for the Lambda function.
+   *
+   * @default - Default properties are used.
+   */
+  readonly lambdaFunctionProps?: lambda.FunctionProps;
+  /**
+   * An existing VPC for the construct to use (construct will NOT create a new VPC in this case)
+   *
+   * @default - none
+   */
+  readonly existingVpc?: ec2.IVpc;
+  /**
+   * Properties to override default properties if deployVpc is true
+   *
+   * @default - DefaultIsolatedVpcProps() in vpc-defaults.ts
+   */
+  readonly vpcProps?: ec2.VpcProps;
+  /**
+   * Optional Name for the Elasticache Endpoint environment variable
+   *
+   * @default - CACHE_ENDPOINT
+   */
+  readonly cacheEndpointEnvironmentVariableName?: string;
+  /**
+   * Optional user provided props to override the default props for the Elasticache cache.
+   * Providing both this and `existingCache` will cause an error.  If you provide this,
+   * you must provide the associated VPC in existingVpc.
+   *
+   * @default - Default properties are used (core/lib/elasticacahe-defaults.ts)
+   */
+  readonly cacheProps?: cache.CfnCacheClusterProps | any;
+  /**
+   * Existing instance of Elasticache Cluster object, providing both this and `cacheProps` will cause an error.
+   *
+   * @default - none
+   */
+  readonly existingCache?: cache.CfnCacheCluster;
+}
+
+/**
+ * @summary The LambdaToElasticachememcached class.
+ */
+export class LambdaToElasticachememcached extends Construct {
+  public readonly lambdaFunction: lambda.Function;
+  public readonly vpc: ec2.IVpc;
+  public readonly cache: cache.CfnCacheCluster;
+
+  /**
+   * @summary Constructs a new instance of the LambdaToElasticachememcached class.
+   * @param {cdk.App} scope - represents the scope for all the resources.
+   * @param {string} id - this is a a scope-unique id.
+   * @param {LambdaToElasticachememcachedProps} props - user provided props for the construct.
+   * @access public
+   */
+  constructor(
+    scope: Construct,
+    id: string,
+    props: LambdaToElasticachememcachedProps
+  ) {
+    super(scope, id);
+    defaults.CheckProps(props);
+
+    if ((props.existingCache || props.existingLambdaObj) && (!props.existingVpc)) {
+      throw Error('If providing an existing Cache or Lambda Function, you must also supply the associated existingVpc');
+    }
+
+    if (
+      props.cacheProps &&
+      props.cacheProps.engine &&
+      props.cacheProps.engine !== "memcached"
+    ) {
+      throw Error("This construct can only launch memcached clusters");
+    }
+    if (props.cacheProps && props.existingCache) {
+      throw Error("Cannot specify existingCache and cacheProps");
+    }
+
+    const cachePort = getCachePort(props.cacheProps, props.existingCache);
+
+    this.vpc = defaults.buildVpc(scope, {
+      defaultVpcProps: defaults.DefaultIsolatedVpcProps(),
+      existingVpc: props.existingVpc,
+      userVpcProps: props.vpcProps,
+    });
+
+    const lambdaToCacheSecurityGroup = CreateSelfReferencingSecurityGroup(this, id, this.vpc, cachePort);
+
+    this.cache = obtainMemcachedCluster(this, id, {
+      cacheSecurityGroupId : lambdaToCacheSecurityGroup.securityGroupId,
+      cacheProps: props.cacheProps,
+      existingCache: props.existingCache,
+      vpc: this.vpc,
+      cachePort,
+    });
+
+    // Add the self-referencing security group to the Lambda function props
+    const lambdaFunctionProps: lambda.FunctionProps = defaults.consolidateProps(
+      {},
+      props.lambdaFunctionProps,
+      { securityGroups: [lambdaToCacheSecurityGroup] },
+      true
+    );
+
+    // Setup the Lambda function
+    this.lambdaFunction = defaults.buildLambdaFunction(this, {
+      existingLambdaObj: props.existingLambdaObj,
+      lambdaFunctionProps,
+      vpc: this.vpc,
+    });
+
+    AddLambdaEnvironmentVariable(
+      this.lambdaFunction,
+      `${this.cache.attrConfigurationEndpointAddress}:${this.cache.attrConfigurationEndpointPort}`,
+      defaultEnvironmentVariableName,
+      props.cacheEndpointEnvironmentVariableName
+    );
+  }
+}
+
+function AddLambdaEnvironmentVariable(targetFunction: lambda.Function, value: string, defaultName: string, clientName?: string) {
+  const variableName = clientName || defaultName;
+  targetFunction.addEnvironment(variableName, value);
+}