Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
created aws-fargate-ssmstringparameter construct
1 parent
cab2518
commit 1c4f018
Showing
11 changed files
with
3,606 additions
and
1 deletion.
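--- a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.eslintignore
+++ b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.eslintignore
@@ -0,0 +1,4 @@
+lib/*.js
+test/*.js
+*.d.ts
+coverage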
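--- a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.gitignore
+++ b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.gitignore
@@ -0,0 +1,15 @@
+lib/*.js
+test/*.js
+*.js.map
+*.d.ts
+node_modules
+*.generated.ts
+dist
+.jsii
+
+.LAST_BUILD
+.nyc_output
+coverage
+.nycrc
+.LAST_PACKAGE
+*.snk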
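--- a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.npmignore
+++ b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/.npmignore
@@ -0,0 +1,21 @@
+# Exclude typescript source and config
+*.ts
+tsconfig.json
+coverage
+.nyc_output
+*.tgz
+*.snk
+*.tsbuildinfo
+
+# Include javascript files and typescript declarations
+!*.js
+!*.d.ts
+
+# Exclude jsii outdir
+dist
+
+# Include .jsii
+!.jsii
+
+# Include .jsii
+!.jsii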
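--- a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/lib/index.ts
+++ b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/lib/index.ts
@@ -0,0 +1,199 @@
+/**
+* Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+*
+* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+* with the License. A copy of the License is located at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+* OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+* and limitations under the License.
+*/
+
+import * as ec2 from "@aws-cdk/aws-ec2";
+import * as ssm from "@aws-cdk/aws-ssm";
+// Note: To ensure CDKv2 compatibility, keep the import statement for Construct separate
+import { Construct } from "@aws-cdk/core";
+import * as defaults from "@aws-solutions-constructs/core";
+import * as ecs from "@aws-cdk/aws-ecs";
+
+export interface FargateToSsmstringparameterProps {
+/**
+* Whether the construct is deploying a private or public API. This has implications for the VPC deployed
+* by this construct.
+*
+* @default - none
+*/
+readonly publicApi: boolean;
+/**
+* Optional custom properties for a VPC the construct will create. This VPC will
+* be used by the new Fargate service the construct creates (that's
+* why targetGroupProps can't include a VPC). Providing
+* both this and existingVpc is an error. An SSM Interface
+* endpoint will be included in this VPC.
+*
+* @default - none
+*/
+readonly vpcProps?: ec2.VpcProps;
+/**
+* An existing VPC in which to deploy the construct. Providing both this and
+* vpcProps is an error. If the client provides an existing Fargate service,
+* this value must be the VPC where the service is running. An SSM Interface
+* endpoint will be added to this VPC.
+*
+* @default - none
+*/
+readonly existingVpc?: ec2.IVpc;
+/**
+* Optional properties to create a new ECS cluster
+*/
+readonly clusterProps?: ecs.ClusterProps;
+/**
+* The arn of an ECR Repository containing the image to use
+* to generate the containers
+*
+* format:
+* arn:aws:ecr:[region]:[account number]:repository/[Repository Name]
+*/
+readonly ecrRepositoryArn?: string;
+/**
+* The version of the image to use from the repository
+*
+* @default - 'latest'
+*/
+readonly ecrImageVersion?: string;
+/*
+* Optional props to define the container created for the Fargate Service
+*
+* defaults - fargate-defaults.ts
+*/
+readonly containerDefinitionProps?: ecs.ContainerDefinitionProps | any;
+/*
+* Optional props to define the Fargate Task Definition for this construct
+*
+* defaults - fargate-defaults.ts
+*/
+readonly fargateTaskDefinitionProps?: ecs.FargateTaskDefinitionProps | any;
+/**
+* Optional values to override default Fargate Task definition properties
+* (fargate-defaults.ts). The construct will default to launching the service
+* is the most isolated subnets available (precedence: Isolated, Private and
+* Public). Override those and other defaults here.
+*
+* defaults - fargate-defaults.ts
+*/
+readonly fargateServiceProps?: ecs.FargateServiceProps | any;
+/**
+* A Fargate Service already instantiated (probably by another Solutions Construct). If
+* this is specified, then no props defining a new service can be provided, including:
+* existingImageObject, ecrImageVersion, containerDefintionProps, fargateTaskDefinitionProps,
+* ecrRepositoryArn, fargateServiceProps, clusterProps, existingClusterInterface. If this value
+* is provided, then existingContainerDefinitionObject must be provided as well.
+*
+* @default - none
+*/
+readonly existingFargateServiceObject?: ecs.FargateService;
+/*
+* A container definition already instantiated as part of a Fargate service. This must
+* be the container in the existingFargateServiceObject.
+*
+* @default - None
+*/
+readonly existingContainerDefinitionObject?: ecs.ContainerDefinition;
+/**
+* Optional user provided props to override the default props for SSM String Parameter.
+*
+* @default - Default props are used
+*/
+readonly stringParameterProps?: ssm.StringParameterProps;
+/**
+* Optional user provided props to override the default props for SSM String Parameter.
+*
+* @default - None
+*/
+readonly existingStringParameterObj?: ssm.StringParameter;
+/**
+* Optional SSM String parameter permissions to grant to the Fargate service. One of the following may be specified: "Read", "ReadWrite".
+*
+* @default - 'ReadWrite'
+*/
+readonly stringParameterPermissions?: string
+/**
+* Optional Name for the SSM parameter name environment variable set for the container.
+*
+* @default - None
+*/
+readonly stringParameterEnvironmentVariableName?: string;
+}
+
+export class FargateToSsmstringparameter extends Construct {
+public readonly vpc: ec2.IVpc;
+public readonly service: ecs.FargateService;
+public readonly container: ecs.ContainerDefinition;
+public readonly stringParameter: ssm.StringParameter;
+
+constructor(scope: Construct, id: string, props: FargateToSsmstringparameterProps) {
+super(scope, id);
+defaults.CheckProps(props);
+defaults.CheckFargateProps(props);
+
+// Other permissions for constructs are accepted as arrays, turning stringParameterPermissions into
+// an array to use the same validation function.
+if (props.stringParameterPermissions) {
+const allowedPermissions = ['READ', 'READWRITE'];
+defaults.CheckListValues(allowedPermissions, [props.stringParameterPermissions.toUpperCase()], 'stringParameterPermissions');
+}
+
+this.vpc = defaults.buildVpc(scope, {
+existingVpc: props.existingVpc,
+defaultVpcProps: props.publicApi ? defaults.DefaultPublicPrivateVpcProps() : defaults.DefaultIsolatedVpcProps(),
+userVpcProps: props.vpcProps,
+constructVpcProps: { enableDnsHostnames: true, enableDnsSupport: true }
+});
+
+defaults.AddAwsServiceEndpoint(scope, this.vpc, defaults.ServiceEndpointTypes.SSM);
+
+if (props.existingFargateServiceObject) {
+this.service = props.existingFargateServiceObject;
+// CheckFargateProps confirms that the container is provided
+this.container = props.existingContainerDefinitionObject!;
+} else {
+[this.service, this.container] = defaults.CreateFargateService(
+scope,
+id,
+this.vpc,
+props.clusterProps,
+props.ecrRepositoryArn,
+props.ecrImageVersion,
+props.fargateTaskDefinitionProps,
+props.containerDefinitionProps,
+props.fargateServiceProps
+);
+}
+
+// Setup the SSM String parameter
+if (props.existingStringParameterObj) {
+this.stringParameter = props.existingStringParameterObj;
+} else {
+if (!props.stringParameterProps) {
+throw new Error("existingStringParameterObj or stringParameterProps needs to be provided.");
+}
+this.stringParameter = defaults.buildSsmStringParameter(this, 'stringParameter', props.stringParameterProps);
+}
+
+// Add the requested or default string parameter permissions
+this.stringParameter.grantRead(this.service.taskDefinition.taskRole);
+if (props.stringParameterPermissions) {
+const _permissions = props.stringParameterPermissions.toUpperCase();
+
+if (_permissions === 'READWRITE') {
+this.stringParameter.grantWrite(this.service.taskDefinition.taskRole);
+}
+}
+
+// Add environment variables
+const stringParameterEnvironmentVariableName = props.stringParameterEnvironmentVariableName || 'SSM_STRING_PARAMETER_NAME';
+this.container.addEnvironment(stringParameterEnvironmentVariableName, this.stringParameter.parameterName);
+}
+}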
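Review bot: The doc comment on `stringParameterPermissions` states `@default - 'ReadWrite'`, but the constructor always calls `grantRead` on the task role and calls `grantWrite` only when the prop is supplied and upper-cases to `READWRITE`, so an omitted prop yields read-only access. Read-only is the least-privilege outcome, so I would keep the code and correct the comment to `@default - 'Read'`; as written, a consumer trusting the documented default will see write calls denied, and a later "fix" that makes the code match the comment would silently widen every existing task role. The comment on `existingStringParameterObj` is a copy of the one on `stringParameterProps`; something like `An existing SSM String Parameter to use; when provided, stringParameterProps is not used to create a new one.` matches what the constructor does. The blocks on `containerDefinitionProps`, `fargateTaskDefinitionProps` and `existingContainerDefinitionObject` open with `/*` rather than `/**`, so they are presumably not picked up as API documentation.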
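--- a/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/package.json
+++ b/source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter/package.json
@@ -0,0 +1,105 @@
+{
+"name": "@aws-solutions-constructs/aws-fargate-ssmstringparameter",
+"version": "1.149.0",
+"description": "CDK Constructs for AWS Fargate to AWS SSM Parameter Store Integration",
+"main": "lib/index.js",
+"types": "lib/index.d.ts",
+"repository": {
+"type": "git",
+"url": "https://github.com/awslabs/aws-solutions-constructs.git",
+"directory": "source/patterns/@aws-solutions-constructs/aws-fargate-ssmstringparameter"
+},
+"author": {
+"name": "Amazon Web Services",
+"url": "https://aws.amazon.com",
+"organization": true
+},
+"license": "Apache-2.0",
+"scripts": {
+"build": "tsc -b .",
+"lint": "eslint -c ../eslintrc.yml --ext=.js,.ts . && tslint --project .",
+"lint-fix": "eslint -c ../eslintrc.yml --ext=.js,.ts --fix .",
+"test": "jest --coverage",
+"clean": "tsc -b --clean",
+"watch": "tsc -b -w",
+"integ": "cdk-integ",
+"integ-no-clean": "cdk-integ --no-clean",
+"integ-assert": "cdk-integ-assert",
+"jsii": "jsii",
+"jsii-pacmak": "jsii-pacmak",
+"build+lint+test": "npm run jsii && npm run lint && npm test && npm run integ-assert",
+"snapshot-update": "npm run jsii && npm test -- -u && npm run integ-assert"
+},
+"jsii": {
+"outdir": "dist",
+"targets": {
+"java": {
+"package": "software.amazon.awsconstructs.services.fargatessmstringparameter",
+"maven": {
+"groupId": "software.amazon.awsconstructs",
+"artifactId": "fargatessmstringparameter"
+}
+},
+"dotnet": {
+"namespace": "Amazon.SolutionsConstructs.AWS.FargateSsmStringParameter",
+"packageId": "Amazon.SolutionsConstructs.AWS.FargateSsmStringParameter",
+"signAssembly": true,
+"iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png"
+},
+"python": {
+"distName": "aws-solutions-constructs.aws-fargate-ssmstringparameter",
+"module": "aws_solutions_constructs.aws_fargate_ssmstringparameter"
+}
+}
+},
+"dependencies": {
+"@aws-cdk/core": "1.149.0",
+"@aws-cdk/aws-ec2": "1.149.0",
+"@aws-cdk/aws-ssm": "1.149.0",
+"@aws-cdk/aws-ecs": "1.149.0",
+"@aws-solutions-constructs/core": "1.149.0",
+"constructs": "^3.2.0"
+},
+"devDependencies": {
+"@aws-cdk/assert": "1.149.0",
+"@aws-cdk/core": "1.149.0",
+"@aws-cdk/aws-ec2": "1.149.0",
+"@aws-cdk/aws-ssm": "1.149.0",
+"@aws-cdk/aws-ecs": "1.149.0",
+"@types/jest": "^26.0.22",
+"@aws-solutions-constructs/core": "1.149.0",
+"@types/node": "^10.3.0",
+"constructs": "3.2.0"
+},
+"jest": {
+"moduleFileExtensions": [
+"js"
+],
+"coverageReporters": [
+"text",
+[
+"lcov",
+{
+"projectRoot": "../../../../"
+}
+]
+]
+},
+"peerDependencies": {
+"@aws-cdk/core": "1.149.0",
+"@aws-cdk/aws-ec2": "1.149.0",
+"@aws-cdk/aws-ssm": "1.149.0",
+"@aws-cdk/aws-ecs": "1.149.0",
+"@aws-solutions-constructs/core": "1.149.0",
+"constructs": "^3.2.0"
+},
+"keywords": [
+"aws",
+"cdk",
+"awscdk",
+"AWS Solutions Constructs",
+"Amazon Systems Manager",
+"Amazon SSM String Parameter",
+"AWS Fargate"
+]
+}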