@gradientedge/cdk-utils 7.9.0 → 7.10.0

package/dist/src/lib/construct/site-with-ecs-backend/main.js

@@ -24,9 +24,11 @@ var __importStar = (this && this.__importStar) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SiteWithEcsBackend = void 0;
+const cdk = __importStar(require("aws-cdk-lib"));
 const cloudfront = __importStar(require("aws-cdk-lib/aws-cloudfront"));
 const origins = __importStar(require("aws-cdk-lib/aws-cloudfront-origins"));
 const ecs = __importStar(require("aws-cdk-lib/aws-ecs"));
+const ecsPatterns = __importStar(require("aws-cdk-lib/aws-ecs-patterns"));
 const iam = __importStar(require("aws-cdk-lib/aws-iam"));
 const common_1 = require("../../common");
 /**
@@ -219,22 +221,47 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
      * @protected
      */
     createEcsService() {
-        const fargateService = this.ecsManager.createLoadBalancedFargateService(this.id, this, {
-            ...this.props.siteTask,
-            ...{
-                domainName: this.siteInternalDomainName,
-                domainZone: this.siteHostedZone,
-                healthCheck: this.props.siteHealthCheck,
-                taskImageOptions: {
-                    ...this.props.siteTask.taskImageOptions,
-                    environment: this.siteEcsEnvironment,
-                    executionRole: this.siteEcsRole,
-                    taskRole: this.siteEcsRole,
-                    image: this.siteEcsContainerImage,
-                    secrets: this.siteSecrets,
-                },
+        const fargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, `${this.id}-ecs-service`, {
+            cluster: this.siteEcsCluster,
+            desiredCount: this.props.siteTask.desiredCount,
+            enableECSManagedTags: true,
+            serviceName: `${this.id}-${this.props.stage}`,
+            cpu: this.props.siteTask.cpu,
+            loadBalancerName: `${this.id}-${this.props.stage}`,
+            domainName: this.siteInternalDomainName,
+            domainZone: this.siteHostedZone,
+            listenerPort: this.props.siteTask.listenerPort,
+            memoryLimitMiB: this.props.siteTask.memoryLimitMiB,
+            healthCheckGracePeriod: cdk.Duration.seconds(60),
+            assignPublicIp: true,
+            taskImageOptions: {
+                enableLogging: true,
+                logDriver: ecs.LogDriver.awsLogs({
+                    logGroup: this.siteEcsLogGroup,
+                    streamPrefix: `${this.id}-${this.props.stage}/ecs`,
+                }),
+                image: this.siteEcsContainerImage,
+                executionRole: this.siteEcsRole,
+                taskRole: this.siteEcsRole,
+                containerPort: this.props.siteTask.taskImageOptions?.containerPort,
+                environment: this.siteEcsEnvironment,
+                secrets: this.siteSecrets,
             },
-        }, this.siteEcsCluster, this.siteEcsLogGroup);
+        });
+        if (this.props.siteHealthCheck) {
+            fargateService.targetGroup.configureHealthCheck({
+                enabled: this.props.siteHealthCheck.enabled ?? true,
+                path: this.props.siteHealthCheck.path ?? '/',
+                port: this.props.siteHealthCheck.port,
+                interval: cdk.Duration.seconds(this.props.siteHealthCheck.intervalInSecs),
+                timeout: cdk.Duration.seconds(this.props.siteHealthCheck.timeoutInSecs),
+                healthyThresholdCount: this.props.siteHealthCheck.healthyThresholdCount,
+                unhealthyThresholdCount: this.props.siteHealthCheck.unhealthyThresholdCount,
+                healthyGrpcCodes: this.props.siteHealthCheck.healthyGrpcCodes,
+                healthyHttpCodes: this.props.siteHealthCheck.healthyHttpCodes,
+                protocol: this.props.siteHealthCheck.protocol,
+            });
+        }
         this.siteEcsService = fargateService.service;
         this.siteEcsTaskDefinition = fargateService.taskDefinition;
         this.siteEcsListener = fargateService.listener;

package/dist/src/lib/manager/aws/lambda-manager.d.ts

@@ -66,4 +66,19 @@ export declare class LambdaManager {
      * @param {string?} mountPath
      */
     createEdgeFunction(id: string, scope: common.CommonConstruct, props: types.LambdaEdgeProps, layers: lambda.ILayerVersion[], code: lambda.AssetCode, environment?: any, vpc?: ec2.IVpc, securityGroups?: ec2.ISecurityGroup[], accessPoint?: efs.IAccessPoint, mountPath?: string): cdk.aws_cloudfront.experimental.EdgeFunction;
+    /**
+     * @summary Method to create a lambda function (nodejs) with docker image
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.LambdaProps} props
+     * @param {iam.Role | iam.CfnRole} role
+     * @param {lambda.DockerImageCode} code
+     * @param {Map<string, string>?} environment
+     * @param {ec2.IVpc?} vpc
+     * @param {ec2.ISecurityGroup[]?} securityGroups
+     * @param {efs.IAccessPoint?} accessPoint
+     * @param {string?} mountPath
+     * @param {ec2.SubnetSelection?} vpcSubnets
+     */
+    createLambdaDockerFunction(id: string, scope: common.CommonConstruct, props: types.LambdaProps, role: iam.Role | iam.CfnRole, code: lambda.DockerImageCode, environment?: any, vpc?: ec2.IVpc, securityGroups?: ec2.ISecurityGroup[], accessPoint?: efs.IAccessPoint, mountPath?: string, vpcSubnets?: ec2.SubnetSelection): cdk.aws_lambda.DockerImageFunction;
 }

package/dist/src/lib/manager/aws/lambda-manager.js

@@ -142,5 +142,59 @@ class LambdaManager {
     createEdgeFunction(id, scope, props, layers, code, environment, vpc, securityGroups, accessPoint, mountPath) {
         return new cloudfront_manager_1.CloudFrontManager().createEdgeFunction(id, scope, props, layers, code, environment, vpc, securityGroups, accessPoint, mountPath);
     }
+    /**
+     * @summary Method to create a lambda function (nodejs) with docker image
+     * @param {string} id scoped id of the resource
+     * @param {common.CommonConstruct} scope scope in which this resource is defined
+     * @param {types.LambdaProps} props
+     * @param {iam.Role | iam.CfnRole} role
+     * @param {lambda.DockerImageCode} code
+     * @param {Map<string, string>?} environment
+     * @param {ec2.IVpc?} vpc
+     * @param {ec2.ISecurityGroup[]?} securityGroups
+     * @param {efs.IAccessPoint?} accessPoint
+     * @param {string?} mountPath
+     * @param {ec2.SubnetSelection?} vpcSubnets
+     */
+    createLambdaDockerFunction(id, scope, props, role, code, environment, vpc, securityGroups, accessPoint, mountPath, vpcSubnets) {
+        if (!props)
+            throw `Lambda props undefined for ${id}`;
+        const functionName = `${props.functionName}-${scope.props.stage}`;
+        let deadLetterQueue;
+        if (props.deadLetterQueueEnabled && props.dlq) {
+            const redriveQueue = scope.sqsManager.createRedriveQueueForLambda(`${id}-rdq`, scope, props);
+            deadLetterQueue = scope.sqsManager.createDeadLetterQueueForLambda(`${id}-dlq`, scope, props, redriveQueue);
+        }
+        const lambdaFunction = new lambda.DockerImageFunction(scope, `${id}`, {
+            ...props,
+            ...{
+                allowPublicSubnet: !!vpc,
+                functionName: functionName,
+                runtime: LambdaManager.NODEJS_RUNTIME,
+                code: code,
+                deadLetterQueue: deadLetterQueue,
+                architecture: props.architecture ?? lambda.Architecture.ARM_64,
+                environment: {
+                    REGION: scope.props.region,
+                    LAST_MODIFIED_TS: new Date().toISOString(),
+                    STAGE: scope.props.stage,
+                    ...environment,
+                },
+                filesystem: accessPoint
+                    ? lambda.FileSystem.fromEfsAccessPoint(accessPoint, mountPath || '/mnt/msg')
+                    : undefined,
+                reservedConcurrentExecutions: props.reservedConcurrentExecutions,
+                role: role instanceof iam.Role ? role : undefined,
+                securityGroups: securityGroups,
+                timeout: props.timeoutInSecs ? cdk.Duration.seconds(props.timeoutInSecs) : cdk.Duration.minutes(1),
+                vpc: vpc,
+                vpcSubnets: vpcSubnets,
+                tracing: props.tracing,
+            },
+        });
+        utils.createCfnOutput(`${id}-lambdaArn`, scope, lambdaFunction.functionArn);
+        utils.createCfnOutput(`${id}-lambdaName`, scope, lambdaFunction.functionName);
+        return lambdaFunction;
+    }
 }
 exports.LambdaManager = LambdaManager;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gradientedge/cdk-utils",
-  "version": "7.9.0",
+  "version": "7.10.0",
   "description": "Utilities for AWS CDK provisioning",
   "main": "dist/index.js",
   "engines": {

package/src/lib/construct/site-with-ecs-backend/main.ts

@@ -1,8 +1,10 @@
+import * as cdk from 'aws-cdk-lib'
 import * as certificateManager from 'aws-cdk-lib/aws-certificatemanager'
 import * as cloudfront from 'aws-cdk-lib/aws-cloudfront'
 import * as origins from 'aws-cdk-lib/aws-cloudfront-origins'
 import * as ec2 from 'aws-cdk-lib/aws-ec2'
 import * as ecs from 'aws-cdk-lib/aws-ecs'
+import * as ecsPatterns from 'aws-cdk-lib/aws-ecs-patterns'
 import * as elb from 'aws-cdk-lib/aws-elasticloadbalancingv2'
 import * as iam from 'aws-cdk-lib/aws-iam'
 import * as logs from 'aws-cdk-lib/aws-logs'
@@ -241,28 +243,48 @@ export class SiteWithEcsBackend extends CommonConstruct {
    * @protected
    */
   protected createEcsService() {
-    const fargateService = this.ecsManager.createLoadBalancedFargateService(
-      this.id,
-      this,
-      {
-        ...this.props.siteTask,
-        ...{
-          domainName: this.siteInternalDomainName,
-          domainZone: this.siteHostedZone,
-          healthCheck: this.props.siteHealthCheck,
-          taskImageOptions: {
-            ...this.props.siteTask.taskImageOptions,
-            environment: this.siteEcsEnvironment,
-            executionRole: this.siteEcsRole,
-            taskRole: this.siteEcsRole,
-            image: this.siteEcsContainerImage,
-            secrets: this.siteSecrets,
-          },
-        },
+    const fargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, `${this.id}-ecs-service`, {
+      cluster: this.siteEcsCluster,
+      desiredCount: this.props.siteTask.desiredCount,
+      enableECSManagedTags: true,
+      serviceName: `${this.id}-${this.props.stage}`,
+      cpu: this.props.siteTask.cpu,
+      loadBalancerName: `${this.id}-${this.props.stage}`,
+      domainName: this.siteInternalDomainName,
+      domainZone: this.siteHostedZone,
+      listenerPort: this.props.siteTask.listenerPort,
+      memoryLimitMiB: this.props.siteTask.memoryLimitMiB,
+      healthCheckGracePeriod: cdk.Duration.seconds(60),
+      assignPublicIp: true,
+      taskImageOptions: {
+        enableLogging: true,
+        logDriver: ecs.LogDriver.awsLogs({
+          logGroup: this.siteEcsLogGroup,
+          streamPrefix: `${this.id}-${this.props.stage}/ecs`,
+        }),
+        image: this.siteEcsContainerImage,
+        executionRole: this.siteEcsRole,
+        taskRole: this.siteEcsRole,
+        containerPort: this.props.siteTask.taskImageOptions?.containerPort,
+        environment: this.siteEcsEnvironment,
+        secrets: this.siteSecrets,
       },
-      this.siteEcsCluster,
-      this.siteEcsLogGroup
-    )
+    })
+
+    if (this.props.siteHealthCheck) {
+      fargateService.targetGroup.configureHealthCheck({
+        enabled: this.props.siteHealthCheck.enabled ?? true,
+        path: this.props.siteHealthCheck.path ?? '/',
+        port: this.props.siteHealthCheck.port,
+        interval: cdk.Duration.seconds(this.props.siteHealthCheck.intervalInSecs),
+        timeout: cdk.Duration.seconds(this.props.siteHealthCheck.timeoutInSecs),
+        healthyThresholdCount: this.props.siteHealthCheck.healthyThresholdCount,
+        unhealthyThresholdCount: this.props.siteHealthCheck.unhealthyThresholdCount,
+        healthyGrpcCodes: this.props.siteHealthCheck.healthyGrpcCodes,
+        healthyHttpCodes: this.props.siteHealthCheck.healthyHttpCodes,
+        protocol: this.props.siteHealthCheck.protocol,
+      })
+    }
 
     this.siteEcsService = fargateService.service
     this.siteEcsTaskDefinition = fargateService.taskDefinition

package/src/lib/manager/aws/lambda-manager.ts

@@ -166,4 +166,75 @@ export class LambdaManager {
       mountPath
     )
   }
+
+  /**
+   * @summary Method to create a lambda function (nodejs) with docker image
+   * @param {string} id scoped id of the resource
+   * @param {common.CommonConstruct} scope scope in which this resource is defined
+   * @param {types.LambdaProps} props
+   * @param {iam.Role | iam.CfnRole} role
+   * @param {lambda.DockerImageCode} code
+   * @param {Map<string, string>?} environment
+   * @param {ec2.IVpc?} vpc
+   * @param {ec2.ISecurityGroup[]?} securityGroups
+   * @param {efs.IAccessPoint?} accessPoint
+   * @param {string?} mountPath
+   * @param {ec2.SubnetSelection?} vpcSubnets
+   */
+  public createLambdaDockerFunction(
+    id: string,
+    scope: common.CommonConstruct,
+    props: types.LambdaProps,
+    role: iam.Role | iam.CfnRole,
+    code: lambda.DockerImageCode,
+    environment?: any,
+    vpc?: ec2.IVpc,
+    securityGroups?: ec2.ISecurityGroup[],
+    accessPoint?: efs.IAccessPoint,
+    mountPath?: string,
+    vpcSubnets?: ec2.SubnetSelection
+  ) {
+    if (!props) throw `Lambda props undefined for ${id}`
+
+    const functionName = `${props.functionName}-${scope.props.stage}`
+
+    let deadLetterQueue
+    if (props.deadLetterQueueEnabled && props.dlq) {
+      const redriveQueue = scope.sqsManager.createRedriveQueueForLambda(`${id}-rdq`, scope, props)
+      deadLetterQueue = scope.sqsManager.createDeadLetterQueueForLambda(`${id}-dlq`, scope, props, redriveQueue)
+    }
+
+    const lambdaFunction = new lambda.DockerImageFunction(scope, `${id}`, {
+      ...props,
+      ...{
+        allowPublicSubnet: !!vpc,
+        functionName: functionName,
+        runtime: LambdaManager.NODEJS_RUNTIME,
+        code: code,
+        deadLetterQueue: deadLetterQueue,
+        architecture: props.architecture ?? lambda.Architecture.ARM_64,
+        environment: {
+          REGION: scope.props.region,
+          LAST_MODIFIED_TS: new Date().toISOString(),
+          STAGE: scope.props.stage,
+          ...environment,
+        },
+        filesystem: accessPoint
+          ? lambda.FileSystem.fromEfsAccessPoint(accessPoint, mountPath || '/mnt/msg')
+          : undefined,
+        reservedConcurrentExecutions: props.reservedConcurrentExecutions,
+        role: role instanceof iam.Role ? role : undefined,
+        securityGroups: securityGroups,
+        timeout: props.timeoutInSecs ? cdk.Duration.seconds(props.timeoutInSecs) : cdk.Duration.minutes(1),
+        vpc: vpc,
+        vpcSubnets: vpcSubnets,
+        tracing: props.tracing,
+      },
+    })
+
+    utils.createCfnOutput(`${id}-lambdaArn`, scope, lambdaFunction.functionArn)
+    utils.createCfnOutput(`${id}-lambdaName`, scope, lambdaFunction.functionName)
+
+    return lambdaFunction
+  }
 }