PyPI - cdk-factory - Versions diffs - 0.15.12__py3-none-any.whl → 0.15.14__py3-none-any.whl - Mend

cdk-factory 0.15.12py3-none-any.whl → 0.15.14py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of cdk-factory might be problematic. Click here for more details.

Files changed (7) hide show

cdk_factory/configurations/resources/rds.py CHANGED Viewed

@@ -5,12 +5,15 @@ MIT License. See Project Root for license information.
 """
 import re
-from typing import Any, Dict, List, Optional
+from typing import Any, Dict, List, Optional, Tuple, Literal
 from aws_lambda_powertools import Logger
 from cdk_factory.configurations.enhanced_base_config import EnhancedBaseConfig
 logger = Logger(service="RdsConfig")
+# Supported RDS engines
+Engine = Literal["mysql", "mariadb", "postgres", "aurora-mysql", "aurora-postgres", "sqlserver", "oracle"]
 class RdsConfig(EnhancedBaseConfig):
     """
@@ -27,6 +30,74 @@ class RdsConfig(EnhancedBaseConfig):
     def name(self) -> str:
         """RDS instance name"""
         return self.__config.get("name", "database")
+    @property
+    def identifier(self) -> str:
+        """RDS DB instance identifier (sanitized)"""
+        raw_id = self.__config.get("identifier", self.name)
+        return self._sanitize_instance_identifier(raw_id)
+    def _sanitize_instance_identifier(self, identifier: str) -> str:
+        """
+        Sanitize DB instance identifier to meet RDS requirements:
+        - 1-63 chars, lowercase letters/digits/hyphen
+        - Must start with letter, can't end with hyphen, no consecutive hyphens
+        """
+        if not identifier:
+            raise ValueError("Instance identifier cannot be empty")
+        sanitized, notes = self._sanitize_instance_identifier_impl(identifier)
+        if notes:
+            logger.info(f"Sanitized instance identifier from '{identifier}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_instance_identifier_impl(self, identifier: str) -> Tuple[str, List[str]]:
+        """
+        DB instance identifier rules (all engines):
+        - 1-63 chars, lowercase letters/digits/hyphen
+        - Must start with letter
+        - Can't end with hyphen
+        - No consecutive hyphens (--)
+        """
+        notes: List[str] = []
+        s = identifier.lower()
+        # Keep only lowercase letters, digits, hyphen
+        s_clean = re.sub(r"[^a-z0-9-]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters (only a-z, 0-9, '-' allowed)")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Instance identifier '{identifier}' contains no valid characters")
+        # Must start with letter
+        if not re.match(r"^[a-z]", s):
+            s = f"db{s}"
+            notes.append("prefixed with 'db' to start with a letter")
+        # Collapse consecutive hyphens
+        s_collapsed = re.sub(r"-{2,}", "-", s)
+        if s_collapsed != s:
+            s = s_collapsed
+            notes.append("collapsed consecutive hyphens")
+        # Can't end with hyphen
+        if s.endswith("-"):
+            s = s.rstrip("-")
+            notes.append("removed trailing hyphen")
+        # Truncate to 63 characters
+        if len(s) > 63:
+            s = s[:63]
+            # Make sure we didn't truncate to a trailing hyphen
+            if s.endswith("-"):
+                s = s.rstrip("-")
+            notes.append("truncated to 63 characters")
+        return s, notes
     @property
     def engine(self) -> str:
@@ -109,8 +180,37 @@ class RdsConfig(EnhancedBaseConfig):
     @property
     def cloudwatch_logs_exports(self) -> List[str]:
-        """Log types to export to CloudWatch"""
-        return self.__config.get("cloudwatch_logs_exports", ["postgresql"])
+        """
+        Log types to export to CloudWatch (engine-specific).
+        Returns configured log types or engine-specific defaults.
+        """
+        # If explicitly configured, use that
+        if "cloudwatch_logs_exports" in self.__config:
+            return self.__config["cloudwatch_logs_exports"]
+        # Otherwise, return engine-specific defaults
+        engine = self.engine.lower()
+        # MySQL / MariaDB
+        if engine in ("mysql", "mariadb", "aurora-mysql"):
+            return ["error", "general", "slowquery"]
+        # PostgreSQL
+        elif engine in ("postgres", "postgresql", "aurora-postgres", "aurora-postgresql"):
+            return ["postgresql"]
+        # SQL Server
+        elif engine in ("sqlserver", "sqlserver-ee", "sqlserver-se", "sqlserver-ex", "sqlserver-web"):
+            return ["error", "agent"]
+        # Oracle
+        elif engine in ("oracle", "oracle-ee", "oracle-se2", "oracle-se1"):
+            return ["alert", "audit", "trace"]
+        # Default to empty list for unknown engines (safer than guessing)
+        else:
+            logger.warning(f"Unknown engine '{engine}', disabling CloudWatch logs exports by default")
+            return []
     @property
     def removal_policy(self) -> str:
@@ -155,10 +255,8 @@ class RdsConfig(EnhancedBaseConfig):
     def _sanitize_database_name(self, name: str) -> str:
         """
-        Sanitize database name to meet RDS requirements:
-        - Must begin with a letter (a-z, A-Z)
-        - Can contain alphanumeric characters and underscores
-        - Max 64 characters
+        Sanitize database name to meet RDS requirements (engine-specific).
+        Implements rules from RDS documentation for each engine type.
         Args:
             name: Raw database name from config
@@ -167,41 +265,89 @@ class RdsConfig(EnhancedBaseConfig):
             Sanitized database name
         Raises:
-            ValueError: If name starts with a number or is empty after sanitization
+            ValueError: If name cannot be sanitized to meet requirements
         """
         if not name:
             raise ValueError("Database name cannot be empty")
-        # Replace hyphens with underscores, remove other invalid chars
-        sanitized = name.replace('-', '_')
-        sanitized = re.sub(r'[^a-zA-Z0-9_]', '', sanitized)
+        engine = self.engine.lower()
+        sanitized, notes = self._sanitize_db_name_impl(engine, name)
-        if not sanitized:
-            raise ValueError(f"Database name '{name}' contains no valid characters")
+        if notes:
+            logger.info(f"Sanitized database name from '{name}' to '{sanitized}': {', '.join(notes)}")
-        # Check if it starts with a number
-        if sanitized[0].isdigit():
-            raise ValueError(
-                f"Database name '{name}' (sanitized to '{sanitized}') cannot start with a number. "
-                f"Please ensure the database name begins with a letter."
-            )
+        return sanitized
+    def _sanitize_db_name_impl(self, engine: str, name: str) -> Tuple[str, List[str]]:
+        """
+        Engine-specific database name sanitization.
+        Based on AWS RDS naming requirements:
+        - MySQL/MariaDB: 1-64 chars, start with letter, letters/digits/underscore
+        - PostgreSQL: 1-63 chars, start with letter, letters/digits/underscore
+        - SQL Server: 1-128 chars, start with letter, letters/digits/underscore
+        - Oracle: 1-8 chars (SID), alphanumeric only, start with letter
+        """
+        notes: List[str] = []
-        # Truncate to 64 characters if needed
-        if len(sanitized) > 64:
-            sanitized = sanitized[:64]
+        # Determine engine-specific limits
+        if engine in ("mysql", "mariadb", "aurora-mysql"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 64
+        elif engine in ("postgres", "postgresql", "aurora-postgres", "aurora-postgresql"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 63
+        elif engine in ("sqlserver", "sqlserver-ee", "sqlserver-se", "sqlserver-ex", "sqlserver-web"):
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 128
+        elif engine in ("oracle", "oracle-ee", "oracle-se2", "oracle-se1"):
+            allowed_chars = r"A-Za-z0-9"  # No underscore for Oracle SID
+            max_len = 8
+        else:
+            # Default to conservative rules
+            allowed_chars = r"A-Za-z0-9_"
+            max_len = 64
+            notes.append(f"unknown engine '{engine}', using default MySQL rules")
-        # Log if sanitization changed the name
-        if sanitized != name:
-            logger.info(f"Sanitized database name from '{name}' to '{sanitized}'")
+        # Replace hyphens with underscores (except Oracle which doesn't allow underscores)
+        s = name
+        if "oracle" not in engine:
+            s = s.replace("-", "_")
+            if "_" in name and "-" in name:
+                notes.append("replaced hyphens with underscores")
-        return sanitized
+        # Strip disallowed characters
+        s_clean = re.sub(f"[^{allowed_chars}]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters")
+        s = s_clean
+        if not s:
+            raise ValueError(f"Database name '{name}' contains no valid characters after sanitization")
+        # Must start with a letter
+        if not re.match(r"^[A-Za-z]", s):
+            s = f"db{s}"
+            notes.append("prefixed with 'db' to start with a letter")
+        # Truncate to max length
+        if len(s) > max_len:
+            s = s[:max_len]
+            notes.append(f"truncated to {max_len} characters")
+        # SQL Server: can't start with 'rdsadmin'
+        if "sqlserver" in engine and s.lower().startswith("rdsadmin"):
+            s = f"db_{s}"
+            notes.append("prefixed to avoid 'rdsadmin' (SQL Server restriction)")
+        return s, notes
     def _sanitize_username(self, username: str) -> str:
         """
-        Sanitize username to meet RDS requirements:
+        Sanitize master username to meet RDS requirements:
         - Must begin with a letter (a-z, A-Z)
         - Can contain alphanumeric characters and underscores
-        - Max 16 characters for MySQL
+        - Max 16 characters (AWS RDS master username limit)
+        - Cannot be a reserved word
         Args:
             username: Raw username from config
@@ -215,26 +361,51 @@ class RdsConfig(EnhancedBaseConfig):
         if not username:
             raise ValueError("Username cannot be empty")
+        sanitized, notes = self._sanitize_master_username_impl(username)
+        if notes:
+            logger.info(f"Sanitized username from '{username}' to '{sanitized}': {', '.join(notes)}")
+        return sanitized
+    def _sanitize_master_username_impl(self, username: str) -> Tuple[str, List[str]]:
+        """
+        Sanitize master username according to AWS RDS rules:
+        - 1-16 characters
+        - Start with a letter
+        - Letters, digits, underscore only
+        - Not a reserved word
+        """
+        notes: List[str] = []
+        s = username
         # Replace hyphens with underscores, remove other invalid chars
-        sanitized = username.replace('-', '_')
-        sanitized = re.sub(r'[^a-zA-Z0-9_]', '', sanitized)
+        s = s.replace("-", "_")
+        s_clean = re.sub(r"[^A-Za-z0-9_]", "", s)
+        if s_clean != s:
+            notes.append("removed invalid characters")
+        s = s_clean
-        if not sanitized:
-            raise ValueError(f"Username '{username}' contains no valid characters")
+        if not s:
+            raise ValueError(f"Username '{username}' contains no valid characters after sanitization")
-        # Check if it starts with a number
-        if sanitized[0].isdigit():
-            raise ValueError(
-                f"Username '{username}' (sanitized to '{sanitized}') cannot start with a number. "
-                f"Please ensure the username begins with a letter."
-            )
+        # Must start with a letter
+        if not re.match(r"^[A-Za-z]", s):
+            s = f"user{s}"
+            notes.append("prefixed with 'user' to start with a letter")
-        # Truncate to 16 characters for MySQL (other engines may vary)
-        if len(sanitized) > 16:
-            sanitized = sanitized[:16]
+        # Truncate to 16 characters
+        if len(s) > 16:
+            s = s[:16]
+            notes.append("truncated to 16 characters")
-        # Log if sanitization changed the username
-        if sanitized != username:
-            logger.info(f"Sanitized username from '{username}' to '{sanitized}'")
+        # Check against common reserved words
+        reserved = {"postgres", "mysql", "root", "admin", "rdsadmin", "system", "sa", "user"}
+        if s.lower() in reserved:
+            s = f"{s}_usr"
+            # Re-truncate if needed after adding suffix
+            if len(s) > 16:
+                s = s[:16]
+            notes.append("appended '_usr' to avoid reserved username")
-        return sanitized
+        return s, notes

cdk_factory/version.py CHANGED Viewed

	@@ -1 +1 @@
1	- __version__ = "0.15.12"
1	+ __version__ = "0.15.14"

{cdk_factory-0.15.12.dist-info → cdk_factory-0.15.14.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cdk_factory
-Version: 0.15.12
+Version: 0.15.14
 Summary: CDK Factory. A QuickStarter and best practices setup for CDK projects
 Author-email: Eric Wilson <eric.wilson@geekcafe.com>
 License: MIT License

{cdk_factory-0.15.12.dist-info → cdk_factory-0.15.14.dist-info}/RECORD RENAMED Viewed

@@ -2,7 +2,7 @@ cdk_factory/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 cdk_factory/app.py,sha256=RnX0-pwdTAPAdKJK_j13Zl8anf9zYKBwboR0KA8K8xM,10346
 cdk_factory/cdk.json,sha256=SKZKhJ2PBpFH78j-F8S3VDYW-lf76--Q2I3ON-ZIQfw,3106
 cdk_factory/cli.py,sha256=FGbCTS5dYCNsfp-etshzvFlGDCjC28r6rtzYbe7KoHI,6407
-cdk_factory/version.py,sha256=uhKEhmOyw-8a1XvaAZVr11Ygw-f1noUzBbHqYnFKzHE,24
+cdk_factory/version.py,sha256=twn0Vrxaz4hLyeNEgJYUkN06H8sXuoxF6BpefwWSUTU,24
 cdk_factory/builds/README.md,sha256=9BBWd7bXpyKdMU_g2UljhQwrC9i5O_Tvkb6oPvndoZk,90
 cdk_factory/commands/command_loader.py,sha256=QbLquuP_AdxtlxlDy-2IWCQ6D-7qa58aphnDPtp_uTs,3744
 cdk_factory/configurations/base_config.py,sha256=JKjhNsy0RCUZy1s8n5D_aXXI-upR9izaLtCTfKYiV9k,9624
@@ -38,7 +38,7 @@ cdk_factory/configurations/resources/lambda_layers.py,sha256=gVeP_-LC3Eq0lkPaG_J
 cdk_factory/configurations/resources/lambda_triggers.py,sha256=MD7cdMNKEulNBhtMLIFnWJuJ5R-yyIqa0LHUgbSQerA,834
 cdk_factory/configurations/resources/load_balancer.py,sha256=idpKdvkkCM7J9J2pNjMBOY1DNaFR1tk1tFjTg76bvrY,5267
 cdk_factory/configurations/resources/monitoring.py,sha256=zsfDMa7yph33Ql8iP7lIqqLAyixh-Mesi0imtZJFdcE,2310
-cdk_factory/configurations/resources/rds.py,sha256=IQyi5UFf3LEWgkp71XHkjdedqW-PWS2UvpjXJpp7df0,8557
+cdk_factory/configurations/resources/rds.py,sha256=33I1gIbUcTRoJta3E5oYO5z8L09zyohP-0JMpZ7gP7c,15139
 cdk_factory/configurations/resources/resource_mapping.py,sha256=cwv3n63RJ6E59ErsmSTdkW4i-g8huhHtKI0ExbRhJxA,2182
 cdk_factory/configurations/resources/resource_naming.py,sha256=VE9S2cpzp11qqPL2z1sX79wXH0o1SntO2OG74nEmWC8,5508
 cdk_factory/configurations/resources/resource_types.py,sha256=1WQHyDoErb-M-tETZZzyLDtbq_jdC85-I403dM48pgE,2317
@@ -129,8 +129,8 @@ cdk_factory/utilities/lambda_function_utilities.py,sha256=S1GvBsY_q2cyUiaud3HORJ
 cdk_factory/utilities/os_execute.py,sha256=5Op0LY_8Y-pUm04y1k8MTpNrmQvcLmQHPQITEP7EuSU,1019
 cdk_factory/utils/api_gateway_utilities.py,sha256=If7Xu5s_UxmuV-kL3JkXxPLBdSVUKoLtohm0IUFoiV8,4378
 cdk_factory/workload/workload_factory.py,sha256=yDI3cRhVI5ELNDcJPLpk9UY54Uind1xQoV3spzT4z7E,6068
-cdk_factory-0.15.12.dist-info/METADATA,sha256=krTwolq-UXam3vFCtadV1i4DPAOsprJnhuNlsRWacik,2452
-cdk_factory-0.15.12.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-cdk_factory-0.15.12.dist-info/entry_points.txt,sha256=S1DPe0ORcdiwEALMN_WIo3UQrW_g4YdQCLEsc_b0Swg,53
-cdk_factory-0.15.12.dist-info/licenses/LICENSE,sha256=NOtdOeLwg2il_XBJdXUPFPX8JlV4dqTdDGAd2-khxT8,1066
-cdk_factory-0.15.12.dist-info/RECORD,,
+cdk_factory-0.15.14.dist-info/METADATA,sha256=NNJ-nWleMOzgaod0J5zr4g2icglqJte9Dc2jRWQP5Kw,2452
+cdk_factory-0.15.14.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+cdk_factory-0.15.14.dist-info/entry_points.txt,sha256=S1DPe0ORcdiwEALMN_WIo3UQrW_g4YdQCLEsc_b0Swg,53
+cdk_factory-0.15.14.dist-info/licenses/LICENSE,sha256=NOtdOeLwg2il_XBJdXUPFPX8JlV4dqTdDGAd2-khxT8,1066
+cdk_factory-0.15.14.dist-info/RECORD,,

{cdk_factory-0.15.12.dist-info → cdk_factory-0.15.14.dist-info}/WHEEL RENAMED Viewed

File without changes

{cdk_factory-0.15.12.dist-info → cdk_factory-0.15.14.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{cdk_factory-0.15.12.dist-info → cdk_factory-0.15.14.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

cdk-factory 0.15.12__py3-none-any.whl → 0.15.14__py3-none-any.whl

Potentially problematic release.

cdk-factory 0.15.12py3-none-any.whl → 0.15.14py3-none-any.whl