created aws-fargate-ssmstringparameter construct

source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.eslintignore

@@ -0,0 +1,4 @@
+lib/*.js
+test/*.js
+*.d.ts
+coverage

source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.gitignore

@@ -0,0 +1,15 @@
+lib/*.js
+test/*.js
+*.js.map
+*.d.ts
+node_modules
+*.generated.ts
+dist
+.jsii
+
+.LAST_BUILD
+.nyc_output
+coverage
+.nycrc
+.LAST_PACKAGE
+*.snk

source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.npmignore

@@ -0,0 +1,21 @@
+# Exclude typescript source and config
+*.ts
+tsconfig.json
+coverage
+.nyc_output
+*.tgz
+*.snk
+*.tsbuildinfo
+
+# Include javascript files and typescript declarations
+!*.js
+!*.d.ts
+
+# Exclude jsii outdir
+dist
+
+# Include .jsii
+!.jsii
+
+# Include .jsii
+!.jsii

source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/README.md

@@ -45,7 +45,8 @@ Python
 ``` python
 from aws_solutions_constructs.aws_fargate_ssmstringparameter import FargateToSsmstringparameter, FargateToSsmstringparameterProps
 from aws_cdk import (
-    Stack
+    Stack,
+    aws_ssm as ssm
 )
 from constructs import Construct
 
@@ -62,6 +63,7 @@ import software.constructs.Construct;
 
 import software.amazon.awscdk.Stack;
 import software.amazon.awscdk.StackProps;
+import software.amazon.awscdk.services.ssm.*;
 import software.amazon.awsconstructs.services.fargatessmstringparameter.*;
 
 new FargateToSsmstringparameter(this, "test-construct", new FargateToSsmstringparameterProps.Builder()

source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/lib/index.ts

@@ -0,0 +1,199 @@
+/**
+ *  Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+ *  with the License. A copy of the License is located at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+ *  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+ *  and limitations under the License.
+ */
+
+import * as ec2 from "@aws-cdk/aws-ec2";
+import * as ssm from "@aws-cdk/aws-ssm";
+// Note: To ensure CDKv2 compatibility, keep the import statement for Construct separate
+import { Construct } from "@aws-cdk/core";
+import * as defaults from "@aws-solutions-constructs/core";
+import * as ecs from "@aws-cdk/aws-ecs";
+
+export interface FargateToSsmstringparameterProps {
+  /**
+   * Whether the construct is deploying a private or public API. This has implications for the VPC deployed
+   * by this construct.
+   *
+   * @default - none
+   */
+  readonly publicApi: boolean;
+  /**
+   * Optional custom properties for a VPC the construct will create. This VPC will
+   * be used by the new Fargate service the construct creates (that's
+   * why targetGroupProps can't include a VPC). Providing
+   * both this and existingVpc is an error. An SSM Interface
+   * endpoint will be included in this VPC.
+   *
+   * @default - none
+   */
+  readonly vpcProps?: ec2.VpcProps;
+  /**
+   * An existing VPC in which to deploy the construct. Providing both this and
+   * vpcProps is an error. If the client provides an existing Fargate service,
+   * this value must be the VPC where the service is running. An SSM Interface
+   * endpoint will be added to this VPC.
+   *
+   * @default - none
+   */
+  readonly existingVpc?: ec2.IVpc;
+  /**
+   * Optional properties to create a new ECS cluster
+   */
+  readonly clusterProps?: ecs.ClusterProps;
+  /**
+   * The arn of an ECR Repository containing the image to use
+   * to generate the containers
+   *
+   * format:
+   *   arn:aws:ecr:[region]:[account number]:repository/[Repository Name]
+   */
+  readonly ecrRepositoryArn?: string;
+  /**
+   * The version of the image to use from the repository
+   *
+   * @default - 'latest'
+   */
+  readonly ecrImageVersion?: string;
+  /*
+   * Optional props to define the container created for the Fargate Service
+   *
+   * defaults - fargate-defaults.ts
+   */
+  readonly containerDefinitionProps?: ecs.ContainerDefinitionProps | any;
+  /*
+   * Optional props to define the Fargate Task Definition for this construct
+   *
+   * defaults - fargate-defaults.ts
+   */
+  readonly fargateTaskDefinitionProps?: ecs.FargateTaskDefinitionProps | any;
+  /**
+   * Optional values to override default Fargate Task definition properties
+   * (fargate-defaults.ts). The construct will default to launching the service
+   * is the most isolated subnets available (precedence: Isolated, Private and
+   * Public). Override those and other defaults here.
+   *
+   * defaults - fargate-defaults.ts
+   */
+  readonly fargateServiceProps?: ecs.FargateServiceProps | any;
+  /**
+   * A Fargate Service already instantiated (probably by another Solutions Construct). If
+   * this is specified, then no props defining a new service can be provided, including:
+   * existingImageObject, ecrImageVersion, containerDefintionProps, fargateTaskDefinitionProps,
+   * ecrRepositoryArn, fargateServiceProps, clusterProps, existingClusterInterface. If this value
+   * is provided, then existingContainerDefinitionObject must be provided as well.
+   *
+   * @default - none
+   */
+  readonly existingFargateServiceObject?: ecs.FargateService;
+  /*
+   * A container definition already instantiated as part of a Fargate service. This must
+   * be the container in the existingFargateServiceObject.
+   *
+   * @default - None
+   */
+  readonly existingContainerDefinitionObject?: ecs.ContainerDefinition;
+  /**
+   * Optional user provided props to override the default props for SSM String Parameter.
+   *
+   * @default - Default props are used
+   */
+  readonly stringParameterProps?: ssm.StringParameterProps;
+  /**
+   * Optional user provided props to override the default props for SSM String Parameter.
+   *
+   * @default - None
+   */
+  readonly existingStringParameterObj?: ssm.StringParameter;
+  /**
+   * Optional SSM String parameter permissions to grant to the Fargate service. One of the following may be specified: "Read", "ReadWrite".
+   *
+   * @default - 'ReadWrite'
+   */
+  readonly stringParameterPermissions?: string
+  /**
+   * Optional Name for the SSM parameter name environment variable set for the container.
+   *
+   * @default - None
+   */
+  readonly stringParameterEnvironmentVariableName?: string;
+}
+
+export class FargateToSsmstringparameter extends Construct {
+  public readonly vpc: ec2.IVpc;
+  public readonly service: ecs.FargateService;
+  public readonly container: ecs.ContainerDefinition;
+  public readonly stringParameter: ssm.StringParameter;
+
+  constructor(scope: Construct, id: string, props: FargateToSsmstringparameterProps) {
+    super(scope, id);
+    defaults.CheckProps(props);
+    defaults.CheckFargateProps(props);
+
+    // Other permissions for constructs are accepted as arrays, turning stringParameterPermissions into
+    // an array to use the same validation function.
+    if (props.stringParameterPermissions) {
+      const allowedPermissions = ['READ', 'READWRITE'];
+      defaults.CheckListValues(allowedPermissions, [props.stringParameterPermissions.toUpperCase()], 'stringParameterPermissions');
+    }
+
+    this.vpc = defaults.buildVpc(scope, {
+      existingVpc: props.existingVpc,
+      defaultVpcProps: props.publicApi ? defaults.DefaultPublicPrivateVpcProps() : defaults.DefaultIsolatedVpcProps(),
+      userVpcProps: props.vpcProps,
+      constructVpcProps: { enableDnsHostnames: true, enableDnsSupport: true }
+    });
+
+    defaults.AddAwsServiceEndpoint(scope, this.vpc, defaults.ServiceEndpointTypes.SSM);
+
+    if (props.existingFargateServiceObject) {
+      this.service = props.existingFargateServiceObject;
+      // CheckFargateProps confirms that the container is provided
+      this.container = props.existingContainerDefinitionObject!;
+    } else {
+      [this.service, this.container] = defaults.CreateFargateService(
+        scope,
+        id,
+        this.vpc,
+        props.clusterProps,
+        props.ecrRepositoryArn,
+        props.ecrImageVersion,
+        props.fargateTaskDefinitionProps,
+        props.containerDefinitionProps,
+        props.fargateServiceProps
+      );
+    }
+
+    // Setup the SSM String parameter
+    if (props.existingStringParameterObj) {
+      this.stringParameter = props.existingStringParameterObj;
+    } else {
+      if (!props.stringParameterProps) {
+        throw new Error("existingStringParameterObj or stringParameterProps needs to be provided.");
+      }
+      this.stringParameter = defaults.buildSsmStringParameter(this, 'stringParameter', props.stringParameterProps);
+    }
+
+    // Add the requested or default string parameter permissions
+    this.stringParameter.grantRead(this.service.taskDefinition.taskRole);
+    if (props.stringParameterPermissions) {
+      const _permissions = props.stringParameterPermissions.toUpperCase();
+
+      if (_permissions === 'READWRITE') {
+        this.stringParameter.grantWrite(this.service.taskDefinition.taskRole);
+      }
+    }
+
+    // Add environment variables
+    const stringParameterEnvironmentVariableName = props.stringParameterEnvironmentVariableName || 'SSM_STRING_PARAMETER_NAME';
+    this.container.addEnvironment(stringParameterEnvironmentVariableName, this.stringParameter.parameterName);
+  }
+}

source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/package.json

@@ -0,0 +1,105 @@
+{
+  "name": "@aws-solutions-constructs/aws-fargate-ssmstringparameter",
+  "version": "1.149.0",
+  "description": "CDK Constructs for AWS Fargate to AWS SSM Parameter Store Integration",
+  "main": "lib/index.js",
+  "types": "lib/index.d.ts",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/awslabs/aws-solutions-constructs.git",
+    "directory": "source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter"
+  },
+  "author": {
+    "name": "Amazon Web Services",
+    "url": "https://aws.amazon.com",
+    "organization": true
+  },
+  "license": "Apache-2.0",
+  "scripts": {
+    "build": "tsc -b .",
+    "lint": "eslint -c ../eslintrc.yml --ext=.js,.ts . && tslint --project .",
+    "lint-fix": "eslint -c ../eslintrc.yml --ext=.js,.ts --fix .",
+    "test": "jest --coverage",
+    "clean": "tsc -b --clean",
+    "watch": "tsc -b -w",
+    "integ": "cdk-integ",
+    "integ-no-clean": "cdk-integ --no-clean",
+    "integ-assert": "cdk-integ-assert",
+    "jsii": "jsii",
+    "jsii-pacmak": "jsii-pacmak",
+    "build+lint+test": "npm run jsii && npm run lint && npm test && npm run integ-assert",
+    "snapshot-update": "npm run jsii && npm test -- -u && npm run integ-assert"
+  },
+  "jsii": {
+    "outdir": "dist",
+    "targets": {
+      "java": {
+        "package": "software.amazon.awsconstructs.services.fargatessmstringparameter",
+        "maven": {
+          "groupId": "software.amazon.awsconstructs",
+          "artifactId": "fargatessmstringparameter"
+        }
+      },
+      "dotnet": {
+        "namespace": "Amazon.SolutionsConstructs.AWS.FargateSsmStringParameter",
+        "packageId": "Amazon.SolutionsConstructs.AWS.FargateSsmStringParameter",
+        "signAssembly": true,
+        "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png"
+      },
+      "python": {
+        "distName": "aws-solutions-constructs.aws-fargate-ssmstringparameter",
+        "module": "aws_solutions_constructs.aws_fargate_ssmstringparameter"
+      }
+    }
+  },
+  "dependencies": {
+    "@aws-cdk/core": "1.149.0",
+    "@aws-cdk/aws-ec2": "1.149.0",
+    "@aws-cdk/aws-ssm": "1.149.0",
+    "@aws-cdk/aws-ecs": "1.149.0",
+    "@aws-solutions-constructs/core": "1.149.0",
+    "constructs": "^3.2.0"
+  },
+  "devDependencies": {
+    "@aws-cdk/assert": "1.149.0",
+    "@aws-cdk/core": "1.149.0",
+    "@aws-cdk/aws-ec2": "1.149.0",
+    "@aws-cdk/aws-ssm": "1.149.0",
+    "@aws-cdk/aws-ecs": "1.149.0",
+    "@types/jest": "^26.0.22",
+    "@aws-solutions-constructs/core": "1.149.0",
+    "@types/node": "^10.3.0",
+    "constructs": "3.2.0"
+  },
+  "jest": {
+    "moduleFileExtensions": [
+      "js"
+    ],
+    "coverageReporters": [
+      "text",
+      [
+        "lcov",
+        {
+          "projectRoot": "../../../../"
+        }
+      ]
+    ]
+  },
+  "peerDependencies": {
+    "@aws-cdk/core": "1.149.0",
+    "@aws-cdk/aws-ec2": "1.149.0",
+    "@aws-cdk/aws-ssm": "1.149.0",
+    "@aws-cdk/aws-ecs": "1.149.0",
+    "@aws-solutions-constructs/core": "1.149.0",
+    "constructs": "^3.2.0"
+  },
+  "keywords": [
+    "aws",
+    "cdk",
+    "awscdk",
+    "AWS Solutions Constructs",
+    "Amazon Systems Manager",
+    "Amazon SSM String Parameter",
+    "AWS Fargate"
+  ]
+}