1 | "use strict";
|
2 | Object.defineProperty(exports, "__esModule", { value: true });
|
3 | const ResourceConstants_1 = require("./ResourceConstants");
|
4 | const dataSource_1 = require("cloudform-types/types/appSync/dataSource");
|
5 | const iam_1 = require("cloudform-types/types/iam");
|
6 | const cloudform_1 = require("cloudform");
|
7 | const RelationalDBResolverGenerator_1 = require("./RelationalDBResolverGenerator");
|
8 |
|
9 |
|
10 |
|
11 |
|
12 |
|
13 |
|
14 |
|
15 | class RelationalDBTemplateGenerator {
|
16 | constructor(context) {
|
17 | this.context = context;
|
18 | }
|
19 | |
20 |
|
21 |
|
22 |
|
23 |
|
24 |
|
25 | createTemplate(context) {
|
26 | const template = {
|
27 | AWSTemplateFormatVersion: "2010-09-09",
|
28 | Parameters: this.makeParameters(this.context.databaseName),
|
29 | Resources: {
|
30 | [ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseDataSource]: this.makeRelationalDataSource(context),
|
31 | [ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseAccessRole]: this.makeIAMDataSourceRole()
|
32 | }
|
33 | };
|
34 | return template;
|
35 | }
|
36 | |
37 |
|
38 |
|
39 |
|
40 |
|
41 |
|
42 |
|
43 | addRelationalResolvers(template, resolverFilePath) {
|
44 | let resolverGenerator = new RelationalDBResolverGenerator_1.default(this.context);
|
45 | template.Resources = Object.assign({}, template.Resources, resolverGenerator.createRelationalResolvers(resolverFilePath));
|
46 | return template;
|
47 | }
|
48 | |
49 |
|
50 |
|
51 |
|
52 |
|
53 |
|
54 | printCloudformationTemplate(template) {
|
55 | return cloudform_1.default(template);
|
56 | }
|
57 | |
58 |
|
59 |
|
60 | |
61 |
|
62 |
|
63 |
|
64 |
|
65 |
|
66 | makeParameters(databaseName) {
|
67 | return {
|
68 | [ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiName]: new cloudform_1.StringParameter({
|
69 | Description: `The name of the AppSync API generated from database ${databaseName}`,
|
70 | Default: `AppSyncSimpleTransform`
|
71 | }),
|
72 | [ResourceConstants_1.ResourceConstants.PARAMETERS.Env]: new cloudform_1.StringParameter({
|
73 | Description: 'The environment name. e.g. Dev, Test, or Production',
|
74 | Default: 'NONE'
|
75 | }),
|
76 | [ResourceConstants_1.ResourceConstants.PARAMETERS.S3DeploymentBucket]: new cloudform_1.StringParameter({
|
77 | Description: 'The S3 bucket containing all deployment assets for the project.'
|
78 | }),
|
79 | [ResourceConstants_1.ResourceConstants.PARAMETERS.S3DeploymentRootKey]: new cloudform_1.StringParameter({
|
80 | Description: 'An S3 key relative to the S3DeploymentBucket that points to the root of the deployment directory.'
|
81 | }),
|
82 | [ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiId]: new cloudform_1.StringParameter({
|
83 | Description: 'The id of the AppSync API associated with this project.'
|
84 | }),
|
85 | [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsRegion]: new cloudform_1.StringParameter({
|
86 | Description: 'The region that the RDS Cluster is located in.'
|
87 | }),
|
88 | [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsClusterIdentifier]: new cloudform_1.StringParameter({
|
89 | Description: 'The ARN identifier denoting the RDS cluster.'
|
90 | }),
|
91 | [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsSecretStoreArn]: new cloudform_1.StringParameter({
|
92 | Description: 'The ARN for the Secret containing the access for the RDS cluster.'
|
93 | }),
|
94 | [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsDatabaseName]: new cloudform_1.StringParameter({
|
95 | Description: 'The name of the database within the RDS cluster to use.'
|
96 | })
|
97 | };
|
98 | }
|
99 | |
100 |
|
101 |
|
102 | |
103 |
|
104 |
|
105 |
|
106 |
|
107 | makeIAMDataSourceRole() {
|
108 | return new iam_1.default.Role({
|
109 | RoleName: cloudform_1.Fn.Join('-', [
|
110 | 'role',
|
111 | cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiId),
|
112 | cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.Env)
|
113 | ]),
|
114 | AssumeRolePolicyDocument: {
|
115 | Version: '2012-10-17',
|
116 | Statement: [
|
117 | {
|
118 | Effect: 'Allow',
|
119 | Principal: {
|
120 | Service: 'appsync.amazonaws.com'
|
121 | },
|
122 | Action: 'sts:AssumeRole'
|
123 | }
|
124 | ]
|
125 | },
|
126 | Policies: [
|
127 | new iam_1.default.Role.Policy({
|
128 | PolicyName: 'RelationalDatabaseAccessPolicy',
|
129 | PolicyDocument: {
|
130 | Version: '2012-10-17',
|
131 | Statement: [
|
132 | {
|
133 | Effect: 'Allow',
|
134 | Action: [
|
135 | 'rds-data:ExecuteSql',
|
136 | 'rds-data:DeleteItems',
|
137 | 'rds-data:GetItems',
|
138 | 'rds-data:InsertItems',
|
139 | 'rds-data:UpdateItems'
|
140 | ],
|
141 | Resource: [
|
142 | cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsClusterIdentifier)
|
143 | ]
|
144 | },
|
145 | {
|
146 | Effect: 'Allow',
|
147 | Action: [
|
148 | 'secretsmanager:GetSecretValue'
|
149 | ],
|
150 | Resource: [
|
151 | cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsSecretStoreArn)
|
152 | ]
|
153 | }
|
154 | ]
|
155 | }
|
156 | })
|
157 | ]
|
158 | });
|
159 | }
|
160 | |
161 |
|
162 |
|
163 |
|
164 |
|
165 |
|
166 | makeRelationalDataSource(cliContext) {
|
167 | return new dataSource_1.default({
|
168 | Type: 'RELATIONAL_DATABASE',
|
169 | Name: `${this.context.databaseName}_rds_DataSource`,
|
170 | Description: `RDS Data Source Provisioned for ${this.context.databaseName}`,
|
171 | ApiId: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiId),
|
172 | ServiceRoleArn: cloudform_1.Fn.GetAtt(ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseAccessRole, 'Arn'),
|
173 | RelationalDatabaseConfig: {
|
174 | RelationalDatabaseSourceType: 'RDS_HTTP_ENDPOINT',
|
175 | RdsHttpEndpointConfig: {
|
176 | AwsRegion: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsRegion),
|
177 | DbClusterIdentifier: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsClusterIdentifier),
|
178 | DatabaseName: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsDatabaseName),
|
179 | Schema: this.context.databaseSchema,
|
180 | AwsSecretStoreArn: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsSecretStoreArn)
|
181 | }
|
182 | }
|
183 | }).dependsOn([ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseAccessRole]);
|
184 | }
|
185 | }
|
186 | exports.default = RelationalDBTemplateGenerator;
|
187 |
|
\ | No newline at end of file |