graphql-relational-schema-transformer/lib/RelationalDBTemplateGenerator.js

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
const ResourceConstants_1 = require("./ResourceConstants");
const dataSource_1 = require("cloudform-types/types/appSync/dataSource");
const iam_1 = require("cloudform-types/types/iam");
const cloudform_1 = require("cloudform");
const RelationalDBResolverGenerator_1 = require("./RelationalDBResolverGenerator");
/**
 * This is the Class responsible for generating and managing the CloudForm template
 * provided a TemplateContext object, which is generated by the RelationalDBSchemaTransformer.
 *
 * It will generate the basic CloudForm template needed for getting the AppSync API and
 * RDS DataSource provisioned. It also allows for adding the CRUDL+Q Resolvers upon need.
 */
class RelationalDBTemplateGenerator {
    constructor(context) {
        this.context = context;
    }
    /**
     * Creates and returns the basic Cloudform template needed for setting
     * up an AppSync API pointing at the RDS DataSource.
     *
     * @returns the created CloudFormation template.
     */
    createTemplate(context) {
        const template = {
            AWSTemplateFormatVersion: "2010-09-09",
            Parameters: this.makeParameters(this.context.databaseName),
            Resources: {
                [ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseDataSource]: this.makeRelationalDataSource(context),
                [ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseAccessRole]: this.makeIAMDataSourceRole()
            }
        };
        return template;
    }
    /**
     * Provided a Cloudform Template, this method adds Resolver Resources to the
     * Template.
     *
     * @param template - the Cloudform template
     * @returns the given template, updated with new resolvers.
     */
    addRelationalResolvers(template, resolverFilePath) {
        let resolverGenerator = new RelationalDBResolverGenerator_1.default(this.context);
        template.Resources = Object.assign({}, template.Resources, resolverGenerator.createRelationalResolvers(resolverFilePath));
        return template;
    }
    /**
     * Provided a Cloudform Template, this method returns the cfn json template as a string
     *
     * @param template - the Cloudform template
     * @returns the json, string form of the template given.
     */
    printCloudformationTemplate(template) {
        return cloudform_1.default(template);
    }
    /*
     * Private Helper Methods for Generating the Necessary CFN Specs for the CFN Template
     */
    /**
     * Creates any Parmaters needed for the CFN Template
     *
     * @param databaseName - the name of the database being parsed.
     * @returns the parameters for the template.
     */
    makeParameters(databaseName) {
        return {
            [ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiName]: new cloudform_1.StringParameter({
                Description: `The name of the AppSync API generated from database ${databaseName}`,
                Default: `AppSyncSimpleTransform`
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.Env]: new cloudform_1.StringParameter({
                Description: 'The environment name. e.g. Dev, Test, or Production',
                Default: 'NONE'
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.S3DeploymentBucket]: new cloudform_1.StringParameter({
                Description: 'The S3 bucket containing all deployment assets for the project.'
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.S3DeploymentRootKey]: new cloudform_1.StringParameter({
                Description: 'An S3 key relative to the S3DeploymentBucket that points to the root of the deployment directory.'
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiId]: new cloudform_1.StringParameter({
                Description: 'The id of the AppSync API associated with this project.'
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsRegion]: new cloudform_1.StringParameter({
                Description: 'The region that the RDS Cluster is located in.'
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsClusterIdentifier]: new cloudform_1.StringParameter({
                Description: 'The ARN identifier denoting the RDS cluster.'
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsSecretStoreArn]: new cloudform_1.StringParameter({
                Description: 'The ARN for the Secret containing the access for the RDS cluster.'
            }),
            [ResourceConstants_1.ResourceConstants.PARAMETERS.rdsDatabaseName]: new cloudform_1.StringParameter({
                Description: 'The name of the database within the RDS cluster to use.'
            })
        };
    }
    /*
     * Resources
     */
    /**
     * Creates the IAM Role CFN Spec to allow AppSync to interact with the RDS cluster
     *
     * @returns the IAM role CloudFormation resource.
     */
    makeIAMDataSourceRole() {
        return new iam_1.default.Role({
            RoleName: cloudform_1.Fn.Join('-', [
                'role',
                cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiId),
                cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.Env)
            ]),
            AssumeRolePolicyDocument: {
                Version: '2012-10-17',
                Statement: [
                    {
                        Effect: 'Allow',
                        Principal: {
                            Service: 'appsync.amazonaws.com'
                        },
                        Action: 'sts:AssumeRole'
                    }
                ]
            },
            Policies: [
                new iam_1.default.Role.Policy({
                    PolicyName: 'RelationalDatabaseAccessPolicy',
                    PolicyDocument: {
                        Version: '2012-10-17',
                        Statement: [
                            {
                                Effect: 'Allow',
                                Action: [
                                    'rds-data:ExecuteSql',
                                    'rds-data:ExecuteStatement',
                                    'rds-data:DeleteItems',
                                    'rds-data:GetItems',
                                    'rds-data:InsertItems',
                                    'rds-data:UpdateItems'
                                ],
                                Resource: [
                                    cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsClusterIdentifier)
                                ]
                            },
                            {
                                Effect: 'Allow',
                                Action: [
                                    'secretsmanager:GetSecretValue'
                                ],
                                Resource: [
                                    cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsSecretStoreArn)
                                ]
                            }
                        ]
                    }
                })
            ]
        });
    }
    /**
     * Creates the AppSync DataSource CFN Spec pointing at the provided RDS Cluster
     *
     * @param cliContext - the Amplify context, used to load environment variables.
     * @returns the data source CloudFormation resource.
     */
    makeRelationalDataSource(cliContext) {
        return new dataSource_1.default({
            Type: 'RELATIONAL_DATABASE',
            Name: `${this.context.databaseName}_rds_DataSource`,
            Description: `RDS Data Source Provisioned for ${this.context.databaseName}`,
            ApiId: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.AppSyncApiId),
            ServiceRoleArn: cloudform_1.Fn.GetAtt(ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseAccessRole, 'Arn'),
            RelationalDatabaseConfig: {
                RelationalDatabaseSourceType: 'RDS_HTTP_ENDPOINT',
                RdsHttpEndpointConfig: {
                    AwsRegion: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsRegion),
                    DbClusterIdentifier: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsClusterIdentifier),
                    DatabaseName: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsDatabaseName),
                    Schema: this.context.databaseSchema,
                    AwsSecretStoreArn: cloudform_1.Fn.Ref(ResourceConstants_1.ResourceConstants.PARAMETERS.rdsSecretStoreArn)
                }
            }
        }).dependsOn([ResourceConstants_1.ResourceConstants.RESOURCES.RelationalDatabaseAccessRole]);
    }
}
exports.default = RelationalDBTemplateGenerator;
//# sourceMappingURL=RelationalDBTemplateGenerator.js.map