@gradientedge/cdk-utils 8.39.0 → 8.40.0
- package/app/api-destined-function/node_modules/.bin/mkdirp +4 -4
- package/app/api-destined-function/node_modules/.bin/rimraf +4 -4
- package/app/api-destined-function/package.json +2 -2
- package/dist/src/lib/common/construct.d.ts +1 -0
- package/dist/src/lib/common/construct.js +2 -0
- package/dist/src/lib/construct/site-with-ecs-backend/main.d.ts +2 -0
- package/dist/src/lib/construct/site-with-ecs-backend/main.js +18 -0
- package/dist/src/lib/manager/aws/efs-manager.d.ts +46 -0
- package/dist/src/lib/manager/aws/efs-manager.js +103 -0
- package/dist/src/lib/manager/aws/index.d.ts +1 -0
- package/dist/src/lib/manager/aws/index.js +1 -0
- package/dist/src/lib/types/aws/index.d.ts +19 -0
- package/package.json +13 -13
- package/src/lib/common/construct.ts +3 -0
- package/src/lib/construct/site-with-ecs-backend/main.ts +28 -0
- package/src/lib/manager/aws/efs-manager.ts +93 -0
- package/src/lib/manager/aws/index.ts +1 -0
- package/src/lib/types/aws/index.ts +20 -0
|
@@ -6,12 +6,12 @@ case `uname` in
|
|
|
6
6
|
esac
|
|
7
7
|
|
|
8
8
|
if [ -z "$NODE_PATH" ]; then
|
|
9
|
-
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.
|
|
9
|
+
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/cjs/src/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/cjs/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/node_modules"
|
|
10
10
|
else
|
|
11
|
-
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.
|
|
11
|
+
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/cjs/src/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/cjs/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/mkdirp@2.1.6/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/node_modules:$NODE_PATH"
|
|
12
12
|
fi
|
|
13
13
|
if [ -x "$basedir/node" ]; then
|
|
14
|
-
exec "$basedir/node" "$basedir/../../../../node_modules/.pnpm/mkdirp@2.1.
|
|
14
|
+
exec "$basedir/node" "$basedir/../../../../node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/cjs/src/bin.js" "$@"
|
|
15
15
|
else
|
|
16
|
-
exec node "$basedir/../../../../node_modules/.pnpm/mkdirp@2.1.
|
|
16
|
+
exec node "$basedir/../../../../node_modules/.pnpm/mkdirp@2.1.6/node_modules/mkdirp/dist/cjs/src/bin.js" "$@"
|
|
17
17
|
fi
|
|
@@ -6,12 +6,12 @@ case `uname` in
|
|
|
6
6
|
esac
|
|
7
7
|
|
|
8
8
|
if [ -z "$NODE_PATH" ]; then
|
|
9
|
-
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.
|
|
9
|
+
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/cjs/src/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/cjs/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/node_modules"
|
|
10
10
|
else
|
|
11
|
-
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.
|
|
11
|
+
export NODE_PATH="/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/cjs/src/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/cjs/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/rimraf@4.4.1/node_modules:/home/runner/work/cdk-utils/cdk-utils/node_modules/.pnpm/node_modules:$NODE_PATH"
|
|
12
12
|
fi
|
|
13
13
|
if [ -x "$basedir/node" ]; then
|
|
14
|
-
exec "$basedir/node" "$basedir/../../../../node_modules/.pnpm/rimraf@4.4.
|
|
14
|
+
exec "$basedir/node" "$basedir/../../../../node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/cjs/src/bin.js" "$@"
|
|
15
15
|
else
|
|
16
|
-
exec node "$basedir/../../../../node_modules/.pnpm/rimraf@4.4.
|
|
16
|
+
exec node "$basedir/../../../../node_modules/.pnpm/rimraf@4.4.1/node_modules/rimraf/dist/cjs/src/bin.js" "$@"
|
|
17
17
|
fi
|
|
@@ -30,6 +30,7 @@ export declare class CommonConstruct extends Construct {
|
|
|
30
30
|
dynamodbManager: aws.DynamodbManager;
|
|
31
31
|
ecrManager: aws.EcrManager;
|
|
32
32
|
ecsManager: aws.EcsManager;
|
|
33
|
+
efsManager: aws.EfsManager;
|
|
33
34
|
eksManager: aws.EksManager;
|
|
34
35
|
elasticacheManager: aws.ElastiCacheManager;
|
|
35
36
|
eventManager: aws.EventManager;
|
|
@@ -55,6 +55,7 @@ class CommonConstruct extends constructs_1.Construct {
|
|
|
55
55
|
dynamodbManager;
|
|
56
56
|
ecrManager;
|
|
57
57
|
ecsManager;
|
|
58
|
+
efsManager;
|
|
58
59
|
eksManager;
|
|
59
60
|
elasticacheManager;
|
|
60
61
|
eventManager;
|
|
@@ -86,6 +87,7 @@ class CommonConstruct extends constructs_1.Construct {
|
|
|
86
87
|
this.dynamodbManager = new aws.DynamodbManager();
|
|
87
88
|
this.ecrManager = new aws.EcrManager();
|
|
88
89
|
this.ecsManager = new aws.EcsManager();
|
|
90
|
+
this.efsManager = new aws.EfsManager();
|
|
89
91
|
this.eksManager = new aws.EksManager();
|
|
90
92
|
this.elasticacheManager = new aws.ElastiCacheManager();
|
|
91
93
|
this.eventManager = new aws.EventManager();
|
|
@@ -8,6 +8,7 @@ import * as iam from 'aws-cdk-lib/aws-iam';
|
|
|
8
8
|
import * as logs from 'aws-cdk-lib/aws-logs';
|
|
9
9
|
import * as route53 from 'aws-cdk-lib/aws-route53';
|
|
10
10
|
import * as s3 from 'aws-cdk-lib/aws-s3';
|
|
11
|
+
import * as efs from 'aws-cdk-lib/aws-efs';
|
|
11
12
|
import { Construct } from 'constructs';
|
|
12
13
|
import { CommonConstruct } from '../../common';
|
|
13
14
|
import { SiteWithEcsBackendProps } from '../../types';
|
|
@@ -51,6 +52,7 @@ export declare class SiteWithEcsBackend extends CommonConstruct {
|
|
|
51
52
|
siteEcsListener: elb.ApplicationListener;
|
|
52
53
|
siteEcsLoadBalancer: elb.ApplicationLoadBalancer;
|
|
53
54
|
siteEcsTargetGroup: elb.ApplicationTargetGroup;
|
|
55
|
+
siteFileSystem: efs.FileSystem;
|
|
54
56
|
siteLogBucket: s3.IBucket;
|
|
55
57
|
siteOrigin: origins.HttpOrigin;
|
|
56
58
|
siteDistribution: cloudfront.Distribution;
|
|
@@ -71,6 +71,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
|
|
|
71
71
|
siteEcsListener;
|
|
72
72
|
siteEcsLoadBalancer;
|
|
73
73
|
siteEcsTargetGroup;
|
|
74
|
+
siteFileSystem;
|
|
74
75
|
siteLogBucket;
|
|
75
76
|
siteOrigin;
|
|
76
77
|
siteDistribution;
|
|
@@ -270,6 +271,23 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
|
|
|
270
271
|
this.siteEcsLoadBalancer = fargateService.loadBalancer;
|
|
271
272
|
this.siteEcsTargetGroup = fargateService.targetGroup;
|
|
272
273
|
fargateService.loadBalancer.logAccessLogs(this.siteLogBucket, 'alb');
|
|
274
|
+
/* if enabled, add efs with access point and mount */
|
|
275
|
+
if (this.props.siteFileSystem) {
|
|
276
|
+
this.siteFileSystem = this.efsManager.createFileSystem(`${this.id}-fs`, this, this.props.siteFileSystem, this.siteVpc, this.props.siteFileSystemAccessPoints);
|
|
277
|
+
/* allow access to EFS from Fargate ECS service */
|
|
278
|
+
this.siteFileSystem.connections.allowDefaultPortFrom(this.siteEcsService.connections);
|
|
279
|
+
/* add the efs volume to ecs task definition */
|
|
280
|
+
this.siteEcsTaskDefinition.addVolume({
|
|
281
|
+
name: `${this.id}-fs`,
|
|
282
|
+
efsVolumeConfiguration: {
|
|
283
|
+
fileSystemId: this.siteFileSystem.fileSystemId,
|
|
284
|
+
rootDirectory: this.props.siteFileSystem.rootDirectory,
|
|
285
|
+
transitEncryption: this.props.siteFileSystem.transitEncryption,
|
|
286
|
+
transitEncryptionPort: this.props.siteFileSystem.transitEncryptionPort,
|
|
287
|
+
authorizationConfig: this.props.siteFileSystem.authorizationConfig,
|
|
288
|
+
},
|
|
289
|
+
});
|
|
290
|
+
}
|
|
273
291
|
this.addCfnOutput(`${this.id}-loadBalancerArn`, this.siteEcsLoadBalancer.loadBalancerArn ?? '');
|
|
274
292
|
this.addCfnOutput(`${this.id}-loadBalancerName`, this.siteEcsLoadBalancer.loadBalancerName ?? '');
|
|
275
293
|
this.addCfnOutput(`${this.id}-loadBalancerFullName`, this.siteEcsLoadBalancer.loadBalancerFullName ?? '');
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
import * as common from '../../common';
|
|
2
|
+
import * as types from '../../types/aws';
|
|
3
|
+
import * as ec2 from 'aws-cdk-lib/aws-ec2';
|
|
4
|
+
import * as efs from 'aws-cdk-lib/aws-efs';
|
|
5
|
+
export declare const DEFAULT_CREATE_ACL: {
|
|
6
|
+
ownerUid: string;
|
|
7
|
+
ownerGid: string;
|
|
8
|
+
permissions: string;
|
|
9
|
+
};
|
|
10
|
+
export declare const DEFAULT_POSIX_USER: {
|
|
11
|
+
uid: string;
|
|
12
|
+
gid: string;
|
|
13
|
+
};
|
|
14
|
+
/**
|
|
15
|
+
* @stability stable
|
|
16
|
+
* @category cdk-utils.efs-manager
|
|
17
|
+
* @subcategory Construct
|
|
18
|
+
* @classdesc Provides operations on AWS Elastic File System.
|
|
19
|
+
* - A new instance of this class is injected into {@link common.CommonConstruct} constructor.
|
|
20
|
+
* - If a custom construct extends {@link common.CommonConstruct}, an instance is available within the context.
|
|
21
|
+
* @example
|
|
22
|
+
* import * as common from '@gradientedge/cdk-utils'
|
|
23
|
+
*
|
|
24
|
+
* class CustomConstruct extends common.common.CommonConstruct {
|
|
25
|
+
* constructor(parent: cdk.Construct, id: string, props: common.CommonStackProps) {
|
|
26
|
+
* super(parent, id, props)
|
|
27
|
+
* this.props = props
|
|
28
|
+
* this.efsManager.createFileSystem('MyFileSystem', this, fileSystemProps, vpc)
|
|
29
|
+
* }
|
|
30
|
+
* }
|
|
31
|
+
*
|
|
32
|
+
* @see [CDK EFS Module]{@link https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_efs-readme.html}
|
|
33
|
+
*/
|
|
34
|
+
export declare class EfsManager {
|
|
35
|
+
/**
|
|
36
|
+
* @summary Method to create an efs file system
|
|
37
|
+
* @param {string} id scoped id of the resource
|
|
38
|
+
* @param {common.CommonConstruct} scope scope in which this resource is defined
|
|
39
|
+
* @param {types.EfsFileSystemProps} props the file system props
|
|
40
|
+
* @param {ec2.IVpc} vpc the vpc to use for the file system
|
|
41
|
+
* @param {types.EfsAccessPointOptions[]} accessPointOptions optional access point configuration options for the file system
|
|
42
|
+
* @param {ec2.ISecurityGroup} securityGroup optional security groups to configure for the file system
|
|
43
|
+
* @param {ec2.SubnetSelection} vpcSubnets optional subnets to configure for the file system
|
|
44
|
+
*/
|
|
45
|
+
createFileSystem(id: string, scope: common.CommonConstruct, props: types.EfsFileSystemProps, vpc: ec2.IVpc, accessPointOptions?: types.EfsAccessPointOptions[], securityGroup?: ec2.ISecurityGroup, vpcSubnets?: ec2.SubnetSelection): efs.FileSystem;
|
|
46
|
+
}
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
24
|
+
};
|
|
25
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
26
|
+
exports.EfsManager = exports.DEFAULT_POSIX_USER = exports.DEFAULT_CREATE_ACL = void 0;
|
|
27
|
+
const efs = __importStar(require("aws-cdk-lib/aws-efs"));
|
|
28
|
+
const cdk = __importStar(require("aws-cdk-lib"));
|
|
29
|
+
const utils = __importStar(require("../../utils"));
|
|
30
|
+
exports.DEFAULT_CREATE_ACL = {
|
|
31
|
+
ownerUid: '1000',
|
|
32
|
+
ownerGid: '1000',
|
|
33
|
+
permissions: '755',
|
|
34
|
+
};
|
|
35
|
+
exports.DEFAULT_POSIX_USER = {
|
|
36
|
+
uid: '1000',
|
|
37
|
+
gid: '1000',
|
|
38
|
+
};
|
|
39
|
+
/**
|
|
40
|
+
* @stability stable
|
|
41
|
+
* @category cdk-utils.efs-manager
|
|
42
|
+
* @subcategory Construct
|
|
43
|
+
* @classdesc Provides operations on AWS Elastic File System.
|
|
44
|
+
* - A new instance of this class is injected into {@link common.CommonConstruct} constructor.
|
|
45
|
+
* - If a custom construct extends {@link common.CommonConstruct}, an instance is available within the context.
|
|
46
|
+
* @example
|
|
47
|
+
* import * as common from '@gradientedge/cdk-utils'
|
|
48
|
+
*
|
|
49
|
+
* class CustomConstruct extends common.common.CommonConstruct {
|
|
50
|
+
* constructor(parent: cdk.Construct, id: string, props: common.CommonStackProps) {
|
|
51
|
+
* super(parent, id, props)
|
|
52
|
+
* this.props = props
|
|
53
|
+
* this.efsManager.createFileSystem('MyFileSystem', this, fileSystemProps, vpc)
|
|
54
|
+
* }
|
|
55
|
+
* }
|
|
56
|
+
*
|
|
57
|
+
* @see [CDK EFS Module]{@link https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_efs-readme.html}
|
|
58
|
+
*/
|
|
59
|
+
class EfsManager {
|
|
60
|
+
/**
|
|
61
|
+
* @summary Method to create an efs file system
|
|
62
|
+
* @param {string} id scoped id of the resource
|
|
63
|
+
* @param {common.CommonConstruct} scope scope in which this resource is defined
|
|
64
|
+
* @param {types.EfsFileSystemProps} props the file system props
|
|
65
|
+
* @param {ec2.IVpc} vpc the vpc to use for the file system
|
|
66
|
+
* @param {types.EfsAccessPointOptions[]} accessPointOptions optional access point configuration options for the file system
|
|
67
|
+
* @param {ec2.ISecurityGroup} securityGroup optional security groups to configure for the file system
|
|
68
|
+
* @param {ec2.SubnetSelection} vpcSubnets optional subnets to configure for the file system
|
|
69
|
+
*/
|
|
70
|
+
createFileSystem(id, scope, props, vpc, accessPointOptions, securityGroup, vpcSubnets) {
|
|
71
|
+
if (!props)
|
|
72
|
+
throw `EFS props undefined for ${id}`;
|
|
73
|
+
const fileSystem = new efs.FileSystem(scope, `${id}`, {
|
|
74
|
+
...props,
|
|
75
|
+
vpc,
|
|
76
|
+
securityGroup,
|
|
77
|
+
vpcSubnets,
|
|
78
|
+
fileSystemName: props.fileSystemName ? `${props.fileSystemName}-${scope.props.stage}` : undefined,
|
|
79
|
+
lifecyclePolicy: props.lifecyclePolicy ?? efs.LifecyclePolicy.AFTER_7_DAYS,
|
|
80
|
+
performanceMode: props.performanceMode ?? efs.PerformanceMode.GENERAL_PURPOSE,
|
|
81
|
+
outOfInfrequentAccessPolicy: props.outOfInfrequentAccessPolicy ?? efs.OutOfInfrequentAccessPolicy.AFTER_1_ACCESS,
|
|
82
|
+
removalPolicy: props.removalPolicy ?? cdk.RemovalPolicy.DESTROY,
|
|
83
|
+
});
|
|
84
|
+
utils.createCfnOutput(`${id}-fileSystemArn`, scope, fileSystem.fileSystemArn);
|
|
85
|
+
utils.createCfnOutput(`${id}-fileSystemId`, scope, fileSystem.fileSystemId);
|
|
86
|
+
/* provision access points if specified */
|
|
87
|
+
if (accessPointOptions && accessPointOptions.length > 0) {
|
|
88
|
+
for (const [index, accessPointOption] of accessPointOptions.entries()) {
|
|
89
|
+
if (!accessPointOption.path)
|
|
90
|
+
throw `Undefined access point path for option: [${accessPointOption}], id: [${id}]`;
|
|
91
|
+
const accessPoint = fileSystem.addAccessPoint(`${id}-ap-${index}`, {
|
|
92
|
+
path: accessPointOption.path,
|
|
93
|
+
createAcl: accessPointOption.createAcl ?? exports.DEFAULT_CREATE_ACL,
|
|
94
|
+
posixUser: accessPointOption.posixUser ?? exports.DEFAULT_POSIX_USER,
|
|
95
|
+
});
|
|
96
|
+
utils.createCfnOutput(`${id}-accessPointArn-${index}`, scope, accessPoint.accessPointArn);
|
|
97
|
+
utils.createCfnOutput(`${id}-accessPointId-${index}`, scope, accessPoint.accessPointId);
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
return fileSystem;
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
exports.EfsManager = EfsManager;
|
|
@@ -8,6 +8,7 @@ export * from './codebuild-manager';
|
|
|
8
8
|
export * from './dynamodb-manager';
|
|
9
9
|
export * from './ecr-manager';
|
|
10
10
|
export * from './ecs-manager';
|
|
11
|
+
export * from './efs-manager';
|
|
11
12
|
export * from './eks-manager';
|
|
12
13
|
export * from './elasticache-manager';
|
|
13
14
|
export * from './event-manager';
|
|
@@ -24,6 +24,7 @@ __exportStar(require("./codebuild-manager"), exports);
|
|
|
24
24
|
__exportStar(require("./dynamodb-manager"), exports);
|
|
25
25
|
__exportStar(require("./ecr-manager"), exports);
|
|
26
26
|
__exportStar(require("./ecs-manager"), exports);
|
|
27
|
+
__exportStar(require("./efs-manager"), exports);
|
|
27
28
|
__exportStar(require("./eks-manager"), exports);
|
|
28
29
|
__exportStar(require("./elasticache-manager"), exports);
|
|
29
30
|
__exportStar(require("./event-manager"), exports);
|
|
@@ -12,6 +12,7 @@ import * as ecsPatterns from 'aws-cdk-lib/aws-ecs-patterns';
|
|
|
12
12
|
import * as eks from 'aws-cdk-lib/aws-eks';
|
|
13
13
|
import * as elasticache from 'aws-cdk-lib/aws-elasticache';
|
|
14
14
|
import * as elb from 'aws-cdk-lib/aws-elasticloadbalancingv2';
|
|
15
|
+
import * as efs from 'aws-cdk-lib/aws-efs';
|
|
15
16
|
import * as events from 'aws-cdk-lib/aws-events';
|
|
16
17
|
import * as iam from 'aws-cdk-lib/aws-iam';
|
|
17
18
|
import * as kms from 'aws-cdk-lib/aws-kms';
|
|
@@ -75,6 +76,8 @@ export interface SiteWithEcsBackendProps extends CommonStackProps {
|
|
|
75
76
|
siteSubDomain: string;
|
|
76
77
|
siteTask: EcsApplicationLoadBalancedFargateServiceProps;
|
|
77
78
|
siteVpc: ec2.VpcProps;
|
|
79
|
+
siteFileSystem?: EfsFileSystemProps;
|
|
80
|
+
siteFileSystemAccessPoints?: EfsAccessPointOptions[];
|
|
78
81
|
useExistingHostedZone: boolean;
|
|
79
82
|
nodeEnv: string;
|
|
80
83
|
logLevel: string;
|
|
@@ -589,6 +592,22 @@ export interface LogQueryWidgetProps extends watch.LogQueryWidgetProps {
|
|
|
589
592
|
positionX: number;
|
|
590
593
|
positionY: number;
|
|
591
594
|
}
|
|
595
|
+
/**
|
|
596
|
+
* @category cdk-utils.efs-manager
|
|
597
|
+
* @subcategory Properties
|
|
598
|
+
*/
|
|
599
|
+
export interface EfsFileSystemProps extends efs.FileSystemProps {
|
|
600
|
+
rootDirectory?: string;
|
|
601
|
+
transitEncryption?: string;
|
|
602
|
+
transitEncryptionPort?: number;
|
|
603
|
+
authorizationConfig?: ecs.AuthorizationConfig;
|
|
604
|
+
}
|
|
605
|
+
/**
|
|
606
|
+
* @category cdk-utils.efs-manager
|
|
607
|
+
* @subcategory Properties
|
|
608
|
+
*/
|
|
609
|
+
export interface EfsAccessPointOptions extends efs.AccessPointOptions {
|
|
610
|
+
}
|
|
592
611
|
/**
|
|
593
612
|
* @category cdk-utils.ecs-manager
|
|
594
613
|
* @subcategory Properties
|
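--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@gradientedge/cdk-utils",
-"version": "8.
+"version": "8.40.0",
 "description": "Utilities for AWS CDK provisioning",
 "main": "dist/index.js",
 "engines": {
@@ -45,12 +45,12 @@
 }
 },
 "dependencies": {
-"@types/lodash": "^4.14.
-"@types/node": "^18.15.
+"@types/lodash": "^4.14.192",
+"@types/node": "^18.15.11",
 "app-root-path": "^3.1.0",
-"aws-cdk-lib": "^2.
-"@aws-sdk/client-secrets-manager": "^3.
-"constructs": "^10.1.
+"aws-cdk-lib": "^2.72.0",
+"@aws-sdk/client-secrets-manager": "^3.301.0",
+"constructs": "^10.1.296",
 "lodash": "^4.17.21",
 "moment": "^2.29.4",
 "nconf": "^0.12.0",
@@ -60,15 +60,15 @@
 "devDependencies": {
 "@babel/plugin-proposal-class-properties": "^7.18.6",
 "@types/jest": "^29.5.0",
-"@typescript-eslint/eslint-plugin": "^5.
-"@typescript-eslint/parser": "^5.
-"aws-cdk": "^2.
+"@typescript-eslint/eslint-plugin": "^5.57.0",
+"@typescript-eslint/parser": "^5.57.0",
+"aws-cdk": "^2.72.0",
 "babel-eslint": "^10.1.0",
 "better-docs": "^2.7.2",
 "codecov": "^3.8.3",
 "commitizen": "^4.3.0",
 "dotenv": "^16.0.3",
-"eslint": "^8.
+"eslint": "^8.37.0",
 "eslint-config-prettier": "^8.8.0",
 "eslint-plugin-import": "^2.27.5",
 "husky": "^8.0.3",
@@ -78,10 +78,10 @@
 "jsdoc": "^4.0.2",
 "jsdoc-babel": "^0.5.0",
 "jsdoc-mermaid": "^1.0.0",
-"prettier": "^2.8.
+"prettier": "^2.8.7",
 "prettier-plugin-organize-imports": "^3.2.2",
-"rimraf": "^4.4.
-"semantic-release": "^
+"rimraf": "^4.4.1",
+"semantic-release": "^21.0.0",
 "taffydb": "^2.7.3",
 "ts-jest": "^29.0.5",
 "ts-node": "^10.9.1",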
@@ -3,6 +3,7 @@ import { Construct } from 'constructs'
|
|
|
3
3
|
import * as aws from '../manager/aws'
|
|
4
4
|
import * as types from '../types'
|
|
5
5
|
import * as utils from '../utils'
|
|
6
|
+
import { EfsManager } from '../manager/aws/efs-manager'
|
|
6
7
|
|
|
7
8
|
/**
|
|
8
9
|
* @stability stable
|
|
@@ -32,6 +33,7 @@ export class CommonConstruct extends Construct {
|
|
|
32
33
|
dynamodbManager: aws.DynamodbManager
|
|
33
34
|
ecrManager: aws.EcrManager
|
|
34
35
|
ecsManager: aws.EcsManager
|
|
36
|
+
efsManager: aws.EfsManager
|
|
35
37
|
eksManager: aws.EksManager
|
|
36
38
|
elasticacheManager: aws.ElastiCacheManager
|
|
37
39
|
eventManager: aws.EventManager
|
|
@@ -65,6 +67,7 @@ export class CommonConstruct extends Construct {
|
|
|
65
67
|
this.dynamodbManager = new aws.DynamodbManager()
|
|
66
68
|
this.ecrManager = new aws.EcrManager()
|
|
67
69
|
this.ecsManager = new aws.EcsManager()
|
|
70
|
+
this.efsManager = new aws.EfsManager()
|
|
68
71
|
this.eksManager = new aws.EksManager()
|
|
69
72
|
this.elasticacheManager = new aws.ElastiCacheManager()
|
|
70
73
|
this.eventManager = new aws.EventManager()
|
|
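Review bot: The added `import { EfsManager } from '../manager/aws/efs-manager'` looks unused, because the field and the constructor assignment added in the later hunks both go through the namespace (`efsManager: aws.EfsManager`, `new aws.EfsManager()`). Unless the bare name is referenced somewhere outside the visible hunks, drop the import so the file keeps a single path to each manager class. The class body and the constructor continue outside these hunks.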
@@ -10,6 +10,7 @@ import * as iam from 'aws-cdk-lib/aws-iam'
|
|
|
10
10
|
import * as logs from 'aws-cdk-lib/aws-logs'
|
|
11
11
|
import * as route53 from 'aws-cdk-lib/aws-route53'
|
|
12
12
|
import * as s3 from 'aws-cdk-lib/aws-s3'
|
|
13
|
+
import * as efs from 'aws-cdk-lib/aws-efs'
|
|
13
14
|
import { Construct } from 'constructs'
|
|
14
15
|
import { CommonConstruct } from '../../common'
|
|
15
16
|
import { SiteWithEcsBackendProps } from '../../types'
|
|
@@ -55,6 +56,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
|
|
|
55
56
|
siteEcsListener: elb.ApplicationListener
|
|
56
57
|
siteEcsLoadBalancer: elb.ApplicationLoadBalancer
|
|
57
58
|
siteEcsTargetGroup: elb.ApplicationTargetGroup
|
|
59
|
+
siteFileSystem: efs.FileSystem
|
|
58
60
|
siteLogBucket: s3.IBucket
|
|
59
61
|
siteOrigin: origins.HttpOrigin
|
|
60
62
|
siteDistribution: cloudfront.Distribution
|
|
@@ -296,6 +298,32 @@ export class SiteWithEcsBackend extends CommonConstruct {
|
|
|
296
298
|
|
|
297
299
|
fargateService.loadBalancer.logAccessLogs(this.siteLogBucket, 'alb')
|
|
298
300
|
|
|
301
|
+
/* if enabled, add efs with access point and mount */
|
|
302
|
+
if (this.props.siteFileSystem) {
|
|
303
|
+
this.siteFileSystem = this.efsManager.createFileSystem(
|
|
304
|
+
`${this.id}-fs`,
|
|
305
|
+
this,
|
|
306
|
+
this.props.siteFileSystem,
|
|
307
|
+
this.siteVpc,
|
|
308
|
+
this.props.siteFileSystemAccessPoints
|
|
309
|
+
)
|
|
310
|
+
|
|
311
|
+
/* allow access to EFS from Fargate ECS service */
|
|
312
|
+
this.siteFileSystem.connections.allowDefaultPortFrom(this.siteEcsService.connections)
|
|
313
|
+
|
|
314
|
+
/* add the efs volume to ecs task definition */
|
|
315
|
+
this.siteEcsTaskDefinition.addVolume({
|
|
316
|
+
name: `${this.id}-fs`,
|
|
317
|
+
efsVolumeConfiguration: {
|
|
318
|
+
fileSystemId: this.siteFileSystem.fileSystemId,
|
|
319
|
+
rootDirectory: this.props.siteFileSystem.rootDirectory,
|
|
320
|
+
transitEncryption: this.props.siteFileSystem.transitEncryption,
|
|
321
|
+
transitEncryptionPort: this.props.siteFileSystem.transitEncryptionPort,
|
|
322
|
+
authorizationConfig: this.props.siteFileSystem.authorizationConfig,
|
|
323
|
+
},
|
|
324
|
+
})
|
|
325
|
+
}
|
|
326
|
+
|
|
299
327
|
this.addCfnOutput(`${this.id}-loadBalancerArn`, this.siteEcsLoadBalancer.loadBalancerArn ?? '')
|
|
300
328
|
this.addCfnOutput(`${this.id}-loadBalancerName`, this.siteEcsLoadBalancer.loadBalancerName ?? '')
|
|
301
329
|
this.addCfnOutput(`${this.id}-loadBalancerFullName`, this.siteEcsLoadBalancer.loadBalancerFullName ?? '')
|
|
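Review bot: In the `addVolume` call, `transitEncryption` and `authorizationConfig` are forwarded unchanged from `this.props.siteFileSystem`, so a caller who omits them gets the ECS defaults, which as far as I know means NFS traffic without TLS and a mount of the file system root with no access point or IAM authorization, even when `siteFileSystemAccessPoints` were just created. Consider `transitEncryption: this.props.siteFileSystem.transitEncryption ?? 'ENABLED'`, and either wire a created access point into `authorizationConfig` or document that the caller must pass `accessPointId` for the access points to take effect. No container mount point is added in this hunk, so the comment `/* if enabled, add efs with access point and mount */` overstates the block unless the mount is configured elsewhere. `siteFileSystem: efs.FileSystem` in the earlier hunk is declared as always present but is assigned only inside this `if`; `siteFileSystem?: efs.FileSystem` would match the behaviour. The enclosing method starts and ends outside the hunk, and dist/src/lib/construct/site-with-ecs-backend/main.js carries the same block.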
@@ -0,0 +1,93 @@
|
|
|
1
|
+
import * as common from '../../common'
|
|
2
|
+
import * as types from '../../types/aws'
|
|
3
|
+
import * as ec2 from 'aws-cdk-lib/aws-ec2'
|
|
4
|
+
import * as efs from 'aws-cdk-lib/aws-efs'
|
|
5
|
+
import * as cdk from 'aws-cdk-lib'
|
|
6
|
+
import * as utils from '../../utils'
|
|
7
|
+
|
|
8
|
+
export const DEFAULT_CREATE_ACL = {
|
|
9
|
+
ownerUid: '1000',
|
|
10
|
+
ownerGid: '1000',
|
|
11
|
+
permissions: '755',
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
export const DEFAULT_POSIX_USER = {
|
|
15
|
+
uid: '1000',
|
|
16
|
+
gid: '1000',
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
/**
|
|
20
|
+
* @stability stable
|
|
21
|
+
* @category cdk-utils.efs-manager
|
|
22
|
+
* @subcategory Construct
|
|
23
|
+
* @classdesc Provides operations on AWS Elastic File System.
|
|
24
|
+
* - A new instance of this class is injected into {@link common.CommonConstruct} constructor.
|
|
25
|
+
* - If a custom construct extends {@link common.CommonConstruct}, an instance is available within the context.
|
|
26
|
+
* @example
|
|
27
|
+
* import * as common from '@gradientedge/cdk-utils'
|
|
28
|
+
*
|
|
29
|
+
* class CustomConstruct extends common.common.CommonConstruct {
|
|
30
|
+
* constructor(parent: cdk.Construct, id: string, props: common.CommonStackProps) {
|
|
31
|
+
* super(parent, id, props)
|
|
32
|
+
* this.props = props
|
|
33
|
+
* this.efsManager.createFileSystem('MyFileSystem', this, fileSystemProps, vpc)
|
|
34
|
+
* }
|
|
35
|
+
* }
|
|
36
|
+
*
|
|
37
|
+
* @see [CDK EFS Module]{@link https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_efs-readme.html}
|
|
38
|
+
*/
|
|
39
|
+
export class EfsManager {
|
|
40
|
+
/**
|
|
41
|
+
* @summary Method to create an efs file system
|
|
42
|
+
* @param {string} id scoped id of the resource
|
|
43
|
+
* @param {common.CommonConstruct} scope scope in which this resource is defined
|
|
44
|
+
* @param {types.EfsFileSystemProps} props the file system props
|
|
45
|
+
* @param {ec2.IVpc} vpc the vpc to use for the file system
|
|
46
|
+
* @param {types.EfsAccessPointOptions[]} accessPointOptions optional access point configuration options for the file system
|
|
47
|
+
* @param {ec2.ISecurityGroup} securityGroup optional security groups to configure for the file system
|
|
48
|
+
* @param {ec2.SubnetSelection} vpcSubnets optional subnets to configure for the file system
|
|
49
|
+
*/
|
|
50
|
+
public createFileSystem(
|
|
51
|
+
id: string,
|
|
52
|
+
scope: common.CommonConstruct,
|
|
53
|
+
props: types.EfsFileSystemProps,
|
|
54
|
+
vpc: ec2.IVpc,
|
|
55
|
+
accessPointOptions?: types.EfsAccessPointOptions[],
|
|
56
|
+
securityGroup?: ec2.ISecurityGroup,
|
|
57
|
+
vpcSubnets?: ec2.SubnetSelection
|
|
58
|
+
) {
|
|
59
|
+
if (!props) throw `EFS props undefined for ${id}`
|
|
60
|
+
|
|
61
|
+
const fileSystem = new efs.FileSystem(scope, `${id}`, {
|
|
62
|
+
...props,
|
|
63
|
+
vpc,
|
|
64
|
+
securityGroup,
|
|
65
|
+
vpcSubnets,
|
|
66
|
+
fileSystemName: props.fileSystemName ? `${props.fileSystemName}-${scope.props.stage}` : undefined,
|
|
67
|
+
lifecyclePolicy: props.lifecyclePolicy ?? efs.LifecyclePolicy.AFTER_7_DAYS,
|
|
68
|
+
performanceMode: props.performanceMode ?? efs.PerformanceMode.GENERAL_PURPOSE,
|
|
69
|
+
outOfInfrequentAccessPolicy: props.outOfInfrequentAccessPolicy ?? efs.OutOfInfrequentAccessPolicy.AFTER_1_ACCESS,
|
|
70
|
+
removalPolicy: props.removalPolicy ?? cdk.RemovalPolicy.DESTROY,
|
|
71
|
+
})
|
|
72
|
+
|
|
73
|
+
utils.createCfnOutput(`${id}-fileSystemArn`, scope, fileSystem.fileSystemArn)
|
|
74
|
+
utils.createCfnOutput(`${id}-fileSystemId`, scope, fileSystem.fileSystemId)
|
|
75
|
+
|
|
76
|
+
/* provision access points if specified */
|
|
77
|
+
if (accessPointOptions && accessPointOptions.length > 0) {
|
|
78
|
+
for (const [index, accessPointOption] of accessPointOptions.entries()) {
|
|
79
|
+
if (!accessPointOption.path) throw `Undefined access point path for option: [${accessPointOption}], id: [${id}]`
|
|
80
|
+
const accessPoint = fileSystem.addAccessPoint(`${id}-ap-${index}`, {
|
|
81
|
+
path: accessPointOption.path,
|
|
82
|
+
createAcl: accessPointOption.createAcl ?? DEFAULT_CREATE_ACL,
|
|
83
|
+
posixUser: accessPointOption.posixUser ?? DEFAULT_POSIX_USER,
|
|
84
|
+
})
|
|
85
|
+
|
|
86
|
+
utils.createCfnOutput(`${id}-accessPointArn-${index}`, scope, accessPoint.accessPointArn)
|
|
87
|
+
utils.createCfnOutput(`${id}-accessPointId-${index}`, scope, accessPoint.accessPointId)
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
return fileSystem
|
|
92
|
+
}
|
|
93
|
+
}
|
|
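Review bot: `removalPolicy: props.removalPolicy ?? cdk.RemovalPolicy.DESTROY` in `createFileSystem` makes data deletion the default for a stateful resource, so removing or replacing the resource deletes the file system unless every caller overrides it; `props.removalPolicy ?? cdk.RemovalPolicy.RETAIN`, with DESTROY as an explicit opt-in for disposable stages, is the safer default. `encrypted` is not defaulted either, so encryption at rest depends on the caller or on whichever CDK default applies to the app; `encrypted: props.encrypted ?? true` would make it explicit. Because `securityGroup` and `vpcSubnets` are listed after `...props`, an omitted argument overwrites a value the caller set in `props` with `undefined`, and the file system then presumably falls back to an auto-created security group; `securityGroup: securityGroup ?? props.securityGroup` (and likewise for `vpcSubnets`) avoids that. The same defaults appear in the compiled dist/src/lib/manager/aws/efs-manager.js.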
@@ -8,6 +8,7 @@ export * from './codebuild-manager'
|
|
|
8
8
|
export * from './dynamodb-manager'
|
|
9
9
|
export * from './ecr-manager'
|
|
10
10
|
export * from './ecs-manager'
|
|
11
|
+
export * from './efs-manager'
|
|
11
12
|
export * from './eks-manager'
|
|
12
13
|
export * from './elasticache-manager'
|
|
13
14
|
export * from './event-manager'
|
|
@@ -12,6 +12,7 @@ import * as ecsPatterns from 'aws-cdk-lib/aws-ecs-patterns'
|
|
|
12
12
|
import * as eks from 'aws-cdk-lib/aws-eks'
|
|
13
13
|
import * as elasticache from 'aws-cdk-lib/aws-elasticache'
|
|
14
14
|
import * as elb from 'aws-cdk-lib/aws-elasticloadbalancingv2'
|
|
15
|
+
import * as efs from 'aws-cdk-lib/aws-efs'
|
|
15
16
|
import * as events from 'aws-cdk-lib/aws-events'
|
|
16
17
|
import * as iam from 'aws-cdk-lib/aws-iam'
|
|
17
18
|
import * as kms from 'aws-cdk-lib/aws-kms'
|
|
@@ -78,6 +79,8 @@ export interface SiteWithEcsBackendProps extends CommonStackProps {
|
|
|
78
79
|
siteSubDomain: string
|
|
79
80
|
siteTask: EcsApplicationLoadBalancedFargateServiceProps
|
|
80
81
|
siteVpc: ec2.VpcProps
|
|
82
|
+
siteFileSystem?: EfsFileSystemProps
|
|
83
|
+
siteFileSystemAccessPoints?: EfsAccessPointOptions[]
|
|
81
84
|
useExistingHostedZone: boolean
|
|
82
85
|
nodeEnv: string
|
|
83
86
|
logLevel: string
|
|
@@ -625,6 +628,23 @@ export interface LogQueryWidgetProps extends watch.LogQueryWidgetProps {
|
|
|
625
628
|
positionY: number
|
|
626
629
|
}
|
|
627
630
|
|
|
631
|
+
/**
|
|
632
|
+
* @category cdk-utils.efs-manager
|
|
633
|
+
* @subcategory Properties
|
|
634
|
+
*/
|
|
635
|
+
export interface EfsFileSystemProps extends efs.FileSystemProps {
|
|
636
|
+
rootDirectory?: string
|
|
637
|
+
transitEncryption?: string
|
|
638
|
+
transitEncryptionPort?: number
|
|
639
|
+
authorizationConfig?: ecs.AuthorizationConfig
|
|
640
|
+
}
|
|
641
|
+
|
|
642
|
+
/**
|
|
643
|
+
* @category cdk-utils.efs-manager
|
|
644
|
+
* @subcategory Properties
|
|
645
|
+
*/
|
|
646
|
+
export interface EfsAccessPointOptions extends efs.AccessPointOptions {}
|
|
647
|
+
|
|
628
648
|
/**
|
|
629
649
|
* @category cdk-utils.ecs-manager
|
|
630
650
|
* @subcategory Properties
|
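Review bot: `transitEncryption?: string` in `EfsFileSystemProps` accepts any string although the value is forwarded to the ECS EFS volume configuration, which to my knowledge takes only `ENABLED` or `DISABLED`; `transitEncryption?: 'ENABLED' | 'DISABLED'` would catch a typo at compile time rather than at deploy. The four added fields describe how the ECS task mounts the volume, not the file system itself, and the interface has no per-field documentation saying so; a one-line TSDoc comment on each, for example `/** ECS volume setting: directory within the file system to mount as the volume root */` on `rootDirectory`, would make that clear. The same declarations are emitted to dist/src/lib/types/aws/index.d.ts.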