cdk-factory 0.18.5__tar.gz → 0.18.8__tar.gz

{cdk_factory-0.18.5 → cdk_factory-0.18.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: cdk_factory
-Version: 0.18.5
+Version: 0.18.8
 Summary: CDK Factory. A QuickStarter and best practices setup for CDK projects
 Author-email: Eric Wilson <eric.wilson@geekcafe.com>
 License: MIT License

{cdk_factory-0.18.5 → cdk_factory-0.18.8}/pyproject.toml

@@ -33,7 +33,7 @@ markers = [
 [project]
 
 name = "cdk_factory"
-version = "0.18.5"
+version = "0.18.8"
 authors = [
   { name="Eric Wilson", email="eric.wilson@geekcafe.com" }
 ]

{cdk_factory-0.18.5 → cdk_factory-0.18.8}/src/cdk_factory/interfaces/standardized_ssm_mixin.py

@@ -531,6 +531,44 @@ class StandardizedSsmMixin:
         return self._ssm_exported_values.copy()
     
     
+    def get_subnet_ids(self, config) -> List[str]:
+        """
+        Helper function to parse subnet IDs from SSM imports.
+        
+        This common pattern handles:
+        1. Comma-separated subnet ID strings from SSM
+        2. List of subnet IDs from SSM
+        3. Fallback to config attributes
+        
+        Args:
+            config: Configuration object that might have subnet_ids attribute
+            
+        Returns:
+            List of subnet IDs (empty list if not found or invalid format)
+        """
+        # Use the standardized SSM imports
+        ssm_imports = self.get_all_ssm_imports()
+        if "subnet_ids" in ssm_imports:
+            subnet_ids = ssm_imports["subnet_ids"]
+            
+            # Handle comma-separated string or list
+            if isinstance(subnet_ids, str):
+                # Split comma-separated string
+                parsed_ids = [sid.strip() for sid in subnet_ids.split(',') if sid.strip()]
+                return parsed_ids
+            elif isinstance(subnet_ids, list):
+                return subnet_ids
+            else:
+                logger.warning(f"Unexpected subnet_ids type: {type(subnet_ids)}")
+                return []
+        
+        # Fallback: Check config attributes
+        elif hasattr(config, 'subnet_ids') and config.subnet_ids:
+            return config.subnet_ids
+        
+        else:
+            logger.warning("No subnet IDs found, using default behavior")
+            return []
 
 class ValidationResult:
     """Result of configuration validation."""
@@ -614,38 +652,4 @@ class SsmStandardValidator:
         return errors
     
         
-    def parse_subnet_ids_from_ssm(self, subnet_ids_key: str = "subnet_ids") -> List[str]:
-        """
-        Helper function to parse subnet IDs from SSM imports.
-        
-        This common pattern handles:
-        1. Comma-separated subnet ID strings from SSM
-        2. List of subnet IDs from SSM
-        3. CDK Token resolution for deployment-time values
-        
-        Args:
-            subnet_ids_key: The key used for subnet IDs in SSM imports (default: "subnet_ids")
-            
-        Returns:
-            List of subnet IDs (empty list if not found or invalid format)
-        """
-        ssm_imports = self.get_all_ssm_imports()
-        
-        if subnet_ids_key not in ssm_imports:
-            logger.warning(f"No subnet IDs found in SSM imports with key: {subnet_ids_key}")
-            return []
-        
-        subnet_ids = ssm_imports[subnet_ids_key]
-        
-        # Handle comma-separated string or list
-        if isinstance(subnet_ids, str):
-            # Split comma-separated string
-            parsed_ids = [sid.strip() for sid in subnet_ids.split(',') if sid.strip()]
-            logger.info(f"Parsed {len(parsed_ids)} subnet IDs from comma-separated string")
-            return parsed_ids
-        elif isinstance(subnet_ids, list):
-            logger.info(f"Using {len(subnet_ids)} subnet IDs from list")
-            return subnet_ids
-        else:
-            logger.warning(f"Unexpected subnet_ids type: {type(subnet_ids)}")
-            return []
+    

{cdk_factory-0.18.5 → cdk_factory-0.18.8}/src/cdk_factory/stack_library/auto_scaling/auto_scaling_stack_standardized.py

@@ -211,33 +211,12 @@ class AutoScalingStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         Get subnet IDs using standardized SSM approach.
         """
         # Primary method: Use standardized SSM imports
-        ssm_imports = self._get_ssm_imports()
-        
-        if "subnet_ids" in ssm_imports:
-            subnet_ids = ssm_imports["subnet_ids"]
-            
-            # Handle comma-separated string or list
-            if isinstance(subnet_ids, str):
-                # Split comma-separated string
-                parsed_ids = [sid.strip() for sid in subnet_ids.split(',') if sid.strip()]
-                return parsed_ids
-            elif isinstance(subnet_ids, list):
-                return subnet_ids
-            else:
-                logger.warning(f"Unexpected subnet_ids type: {type(subnet_ids)}")
-                return []
-        
-        # Fallback: Use VPC provider mixin (backward compatibility)
-        elif hasattr(self, '_get_subnets_from_provider'):
-            return self._get_subnets_from_provider()
-        
-        # Final fallback: Direct configuration
-        elif hasattr(self.asg_config, 'subnet_ids') and self.asg_config.subnet_ids:
-            return self.asg_config.subnet_ids
+        # ssm_imports = self._get_ssm_imports()
+
+        subnet_ids = self.get_subnet_ids(self.asg_config)
         
-        else:
-            logger.warning("No subnet IDs found, using default behavior")
-            return []
+        return subnet_ids
+       
 
     def _create_instance_role(self, asg_name: str) -> iam.Role:
         """Create IAM role for EC2 instances"""

{cdk_factory-0.18.5 → cdk_factory-0.18.8}/src/cdk_factory/stack_library/load_balancer/load_balancer_stack.py

@@ -77,8 +77,18 @@ class LoadBalancerStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         )
         lb_name = deployment.build_resource_name(self.lb_config.name)
 
-        # Process SSM imports first
-        self._process_ssm_imports()
+        # Setup standardized SSM integration
+        self.setup_standardized_ssm_integration(
+            scope=self,
+            config=self.lb_config,
+            resource_type="load_balancer",
+            resource_name=self.lb_config.name,
+            deployment=deployment,
+            workload=workload
+        )
+        
+        # Process SSM imports
+        self.process_standardized_ssm_imports()
 
         self._prep_dns()
 
@@ -156,16 +166,22 @@ class LoadBalancerStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
 
         # If subnets is None, check if we have SSM-imported subnet_ids as a token
         # We need to use Fn.Split to convert the comma-separated string to an array
-        if subnets is None and "subnet_ids" in self.ssm_imported_values:
-            subnet_ids_value = self.ssm_imported_values["subnet_ids"]
-            if cdk.Token.is_unresolved(subnet_ids_value):
-                logger.info("Using Fn.Split to convert comma-separated subnet IDs token to array")
-                # Use CloudFormation escape hatch to set Subnets property with Fn.Split
-                cfn_lb = load_balancer.node.default_child
-                cfn_lb.add_property_override(
-                    "Subnets",
-                    cdk.Fn.split(",", subnet_ids_value)
-                )
+        if subnets is None:
+            subnet_ids = self.get_subnet_ids(self.lb_config)
+            if subnet_ids:
+                # For CloudFormation token resolution, we still need Fn.split
+                # but we use the helper to determine if subnet IDs are available
+                ssm_imports = self.get_all_ssm_imports()
+                if "subnet_ids" in ssm_imports:
+                    subnet_ids_value = ssm_imports["subnet_ids"]
+                    if cdk.Token.is_unresolved(subnet_ids_value):
+                        logger.info("Using Fn.Split to convert comma-separated subnet IDs token to array")
+                        # Use CloudFormation escape hatch to set Subnets property with Fn.Split
+                        cfn_lb = load_balancer.node.default_child
+                        cfn_lb.add_property_override(
+                            "Subnets",
+                            cdk.Fn.split(",", subnet_ids_value)
+                        )
 
         # Add tags
         for key, value in self.lb_config.tags.items():
@@ -261,9 +277,16 @@ class LoadBalancerStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         """Get subnets for the Load Balancer"""
         subnets = []
         
-        # Check SSM imported values first
-        if "subnet_ids" in self.ssm_imported_values:
-            subnet_ids_value = self.ssm_imported_values["subnet_ids"]
+        # Use the standardized helper function to get subnet IDs
+        subnet_ids = self.get_subnet_ids(self.lb_config)
+        
+        if not subnet_ids:
+            return None
+        
+        # Check if we have unresolved tokens from SSM
+        ssm_imports = self.get_all_ssm_imports()
+        if "subnet_ids" in ssm_imports:
+            subnet_ids_value = ssm_imports["subnet_ids"]
             
             # Check if this is a CDK token (unresolved SSM parameter)
             if cdk.Token.is_unresolved(subnet_ids_value):
@@ -272,19 +295,8 @@ class LoadBalancerStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
                 # The ALB construct will handle the token-based subnet IDs
                 logger.info("Subnet IDs are unresolved tokens, will use vpc_subnets with token resolution")
                 return None
-            elif isinstance(subnet_ids_value, str):
-                # If it's a resolved string, split it
-                subnet_ids = [s.strip() for s in subnet_ids_value.split(',')]
-            elif isinstance(subnet_ids_value, list):
-                subnet_ids = subnet_ids_value
-            else:
-                subnet_ids = [subnet_ids_value]
-        else:
-            subnet_ids = self.lb_config.subnets
-        
-        if not subnet_ids:
-            return None
             
+        # Convert subnet IDs to subnet objects
         for idx, subnet_id in enumerate(subnet_ids):
             subnets.append(
                 ec2.Subnet.from_subnet_id(self, f"Subnet-{idx}", subnet_id)
@@ -373,6 +385,11 @@ class LoadBalancerStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
                 if protocol.upper() == "HTTPS":
                     certificates = self._get_certificates()
 
+                if not certificates and protocol.upper() == "HTTPS":
+                    message = "No certificates found for HTTPS listener. Please attach a certificate or create a certificate stack."
+                    logger.warning(message)
+                    raise ValueError(message)
+
                 listener = elbv2.ApplicationListener(
                     self,
                     listener_id,
@@ -425,8 +442,9 @@ class LoadBalancerStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         certificates = []
         
         # Check SSM imported values first (takes priority)
-        if "certificate_arns" in self.ssm_imported_values:
-            cert_arns = self.ssm_imported_values["certificate_arns"]
+        ssm_imports = self.get_all_ssm_imports()
+        if "certificate_arns" in ssm_imports:
+            cert_arns = ssm_imports["certificate_arns"]
             if not isinstance(cert_arns, list):
                 cert_arns = [cert_arns]
             for cert_arn in cert_arns:

{cdk_factory-0.18.5 → cdk_factory-0.18.8}/src/cdk_factory/stack_library/rds/rds_stack.py

@@ -69,8 +69,18 @@ class RdsStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         self.rds_config = RdsConfig(stack_config.dictionary.get("rds", {}), deployment)
         db_name = deployment.build_resource_name(self.rds_config.name)
 
-        # Process SSM imports first
-        self._process_ssm_imports()
+        # Setup standardized SSM integration
+        self.setup_standardized_ssm_integration(
+            scope=self,
+            config=self.rds_config,
+            resource_type="rds",
+            resource_name=self.rds_config.name,
+            deployment=deployment,
+            workload=workload
+        )
+        
+        # Process SSM imports
+        self.process_standardized_ssm_imports()
 
         # Get VPC and security groups
         self.security_groups = self._get_security_groups()
@@ -87,40 +97,13 @@ class RdsStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         # Export to SSM Parameter Store
         self._export_ssm_parameters(db_name)
 
-    def _process_ssm_imports(self) -> None:
-        """Process SSM imports from configuration"""
-        ssm_imports = self.rds_config.ssm_imports
-        
-        if not ssm_imports:
-            logger.debug("No SSM imports configured for RDS")
-            return
-        
-        logger.info(f"Processing {len(ssm_imports)} SSM imports for RDS")
-        
-        for param_key, param_path in ssm_imports.items():
-            try:
-                if not param_path.startswith('/'):
-                    param_path = f"/{param_path}"
-                
-                construct_id = f"ssm-import-{param_key}-{hash(param_path) % 10000}"
-                param = ssm.StringParameter.from_string_parameter_name(
-                    self, construct_id, param_path
-                )
-                
-                self.ssm_imported_values[param_key] = param.string_value
-                logger.info(f"Imported SSM parameter: {param_key} from {param_path}")
-                
-            except Exception as e:
-                logger.error(f"Failed to import SSM parameter {param_key} from {param_path}: {e}")
-                raise
-
     @property
     def vpc(self) -> ec2.IVpc:
         """Get the VPC for the RDS instance using centralized VPC provider mixin."""
-        if self._vpc:
+        if hasattr(self, '_vpc') and self._vpc:
             return self._vpc
         
-        # Use the centralized VPC resolution from VPCProviderMixin
+        # Resolve VPC using the centralized VPC provider mixin
         self._vpc = self.resolve_vpc(
             config=self.rds_config,
             deployment=self.deployment,
@@ -133,8 +116,9 @@ class RdsStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         security_groups = []
         
         # Check SSM imports first for security group ID
-        if "security_group_rds_id" in self.ssm_imported_values:
-            sg_id = self.ssm_imported_values["security_group_rds_id"]
+        ssm_imports = self.get_all_ssm_imports()
+        if "security_group_rds_id" in ssm_imports:
+            sg_id = ssm_imports["security_group_rds_id"]
             security_groups.append(
                 ec2.SecurityGroup.from_security_group_id(
                     self, "RDSSecurityGroup", sg_id
@@ -151,27 +135,60 @@ class RdsStack(IStack, VPCProviderMixin, StandardizedSsmMixin):
         
         return security_groups
 
+    def _get_subnet_selection(self) -> ec2.SubnetSelection:
+        """
+        Get subnet selection based on available subnet types in the VPC.
+        
+        RDS instances require private subnets for security, but we'll fall back
+        to available subnets if the preferred types aren't available.
+        """
+        vpc = self.vpc
+        
+        # Check for isolated subnets first (most secure for RDS)
+        if vpc.isolated_subnets:
+            logger.info("Using isolated subnets for RDS instance")
+            return ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_ISOLATED)
+        
+        # Check for private subnets next
+        elif vpc.private_subnets:
+            logger.info("Using private subnets for RDS instance")
+            return ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_WITH_EGRESS)
+        
+        # Fall back to public subnets (not recommended for production)
+        elif vpc.public_subnets:
+            logger.warning("Using public subnets for RDS instance - not recommended for production")
+            return ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC)
+        
+        else:
+            raise ValueError("No subnets available in VPC for RDS instance")
+
     def _create_db_instance(self, db_name: str) -> rds.DatabaseInstance:
         """Create a new RDS instance"""
         # Configure subnet group
         # If we have subnet IDs from SSM, create a DB subnet group explicitly
         db_subnet_group = None
-        if "subnet_ids" in self.ssm_imported_values:
-            subnet_ids_str = self.ssm_imported_values["subnet_ids"]
-            # Split the comma-separated token into a list
-            subnet_ids_list = cdk.Fn.split(",", subnet_ids_str)
-            
-            # Create DB subnet group with the token-based subnet list
-            db_subnet_group = rds.CfnDBSubnetGroup(
-                self,
-                "DBSubnetGroup",
-                db_subnet_group_description=f"Subnet group for {db_name}",
-                subnet_ids=subnet_ids_list,
-                db_subnet_group_name=f"{db_name}-subnet-group"
-            )
+        subnet_ids = self.get_subnet_ids(self.rds_config)
+        
+        if subnet_ids:
+            # For CloudFormation token resolution, we need to get the raw SSM value
+            # Use the standardized SSM imports
+            ssm_imports = self.get_all_ssm_imports()
+            if "subnet_ids" in ssm_imports:
+                subnet_ids_str = ssm_imports["subnet_ids"]
+                # Split the comma-separated token into a list for CloudFormation
+                subnet_ids_list = cdk.Fn.split(",", subnet_ids_str)
+                
+                # Create DB subnet group with the token-based subnet list
+                db_subnet_group = rds.CfnDBSubnetGroup(
+                    self,
+                    "DBSubnetGroup",
+                    db_subnet_group_description=f"Subnet group for {db_name}",
+                    subnet_ids=subnet_ids_list,
+                    db_subnet_group_name=f"{db_name}-subnet-group"
+                )
         
         # Configure subnet selection for VPC (when not using SSM imports)
-        subnets = None if db_subnet_group else ec2.SubnetSelection(subnet_type=ec2.SubnetType.PRIVATE_ISOLATED)
+        subnets = None if db_subnet_group else self._get_subnet_selection()
 
         # Configure engine
         engine_version = None

{cdk_factory-0.18.5 → cdk_factory-0.18.8}/src/cdk_factory/stack_library/websites/static_website_stack.py

@@ -225,7 +225,7 @@ class StaticWebSiteStack(IStack):
             bucket: The S3 bucket
             cloudfront_distribution: The CloudFront distribution construct
         """
-        ssm_exports = stack_config.dictionary.get("ssm_exports", {})
+        ssm_exports = stack_config.dictionary.get("ssm", {}).get("exports", {})
         
         if not ssm_exports:
             logger.debug("No SSM exports configured for this stack")

cdk_factory-0.18.8/src/cdk_factory/version.py

@@ -0,0 +1 @@
+__version__ = "0.18.8"