Simplify tenant service GET on /tenants to return all records and

support status=onboarded or status=provisioned for filtering

Author: brtrvn

resources/saas-boost-private-api.yaml

@@ -40,9 +40,6 @@ Parameters:
   TenantServiceGetAll:
     Description: Tenant Service get all tenants Lambda ARN
     Type: String
-  TenantServiceGetProvisioned:
-    Description: Tenant Service get provisioned tenants Lambda ARN
-    Type: String
   SettingsServiceGetAll:
     Description: Settings Service get all settings Lambda ARN
     Type: String
@@ -148,12 +145,6 @@ Resources:
       RestApiId: !Ref PrivateApi
       ParentId: !Ref RootResourceId
       PathPart: 'tenants'
-  TenantServiceProvisionedResource:
-    Type: AWS::ApiGateway::Resource
-    Properties:
-      RestApiId: !Ref PrivateApi
-      ParentId: !Ref TenantServiceResource
-      PathPart: 'provisioned'
   TenantServiceByIdResource:
     Type: AWS::ApiGateway::Resource
     Properties:
@@ -264,60 +255,6 @@ Resources:
             method.response.header.Access-Control-Allow-Origin: false
             method.response.header.Access-Control-Max-Age: false
             method.response.header.X-Requested-With: false
-  TenantServiceProvisionedMethod:
-    Type: AWS::ApiGateway::Method
-    Properties:
-      RestApiId: !Ref PrivateApi
-      ResourceId: !Ref TenantServiceProvisionedResource
-      HttpMethod: GET
-      AuthorizationType: AWS_IAM
-      Integration:
-        Type: AWS_PROXY
-        IntegrationHttpMethod: POST
-        Uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${TenantServiceGetProvisioned}/invocations
-        PassthroughBehavior: WHEN_NO_MATCH
-      MethodResponses:
-        - StatusCode: '200'
-          ResponseModels: {application/json: Empty}
-          ResponseParameters:
-            method.response.header.Access-Control-Allow-Origin: false
-  TenantServiceGetProvisionedLambdaPermission:
-    Type: AWS::Lambda::Permission
-    Properties:
-      Principal: apigateway.amazonaws.com
-      Action: lambda:InvokeFunction
-      FunctionName: !Ref TenantServiceGetProvisioned
-      SourceArn: !Sub arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${PrivateApi}/*/GET/tenants/provisioned
-  TenantServiceProvisionedResourceCORS:
-    Type: AWS::ApiGateway::Method
-    Properties:
-      RestApiId: !Ref PrivateApi
-      ResourceId: !Ref TenantServiceProvisionedResource
-      HttpMethod: OPTIONS
-      AuthorizationType: NONE
-      Integration:
-        Type: MOCK
-        PassthroughBehavior: WHEN_NO_MATCH
-        IntegrationResponses:
-          - StatusCode: '200'
-            ResponseTemplates: {application/json: ''}
-            ResponseParameters:
-              method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
-              method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
-              method.response.header.Access-Control-Allow-Origin: "'*'"
-              method.response.header.Access-Control-Max-Age: "'3600'"
-              method.response.header.X-Requested-With: "'*'"
-        RequestTemplates:
-          application/json: '{"statusCode": 200}'
-      MethodResponses:
-        - StatusCode: '200'
-          ResponseModels: {application/json: Empty}
-          ResponseParameters:
-            method.response.header.Access-Control-Allow-Headers: false
-            method.response.header.Access-Control-Allow-Methods: false
-            method.response.header.Access-Control-Allow-Origin: false
-            method.response.header.Access-Control-Max-Age: false
-            method.response.header.X-Requested-With: false
   SettingsServiceResource:
     Type: AWS::ApiGateway::Resource
     Properties:

resources/saas-boost-public-api.yaml

@@ -73,9 +73,6 @@ Parameters:
   TenantServiceGetAll:
     Description: Tenant Service get all tenants Lambda ARN
     Type: String
-  TenantServiceGetProvisioned:
-    Description: Tenant Service get provisioned tenants Lambda ARN
-    Type: String
   TenantServiceById:
     Description: Tenant Service get tenant by id Lambda ARN
     Type: String
@@ -973,12 +970,6 @@ Resources:
       RestApiId: !Ref PublicApi
       ParentId: !Ref TenantServiceResource
       PathPart: '{id}'
-  TenantServiceProvisionedResource:
-    Type: AWS::ApiGateway::Resource
-    Properties:
-      RestApiId: !Ref PublicApi
-      ParentId: !Ref TenantServiceResource
-      PathPart: 'provisioned'
   TenantServiceEnableResource:
     Type: AWS::ApiGateway::Resource
     Properties:
@@ -1048,63 +1039,6 @@ Resources:
             method.response.header.Access-Control-Allow-Origin: false
             method.response.header.Access-Control-Max-Age: false
             method.response.header.X-Requested-With: false
-  TenantServiceProvisionedMethod:
-    Type: AWS::ApiGateway::Method
-    Properties:
-      RestApiId: !Ref PublicApi
-      ResourceId: !Ref TenantServiceProvisionedResource
-      HttpMethod: GET
-      AuthorizationType: COGNITO_USER_POOLS
-      AuthorizerId: !Ref CognitoAuthorizer
-      AuthorizationScopes:
-        - aws.cognito.signin.user.admin
-      Integration:
-        Type: AWS_PROXY
-        IntegrationHttpMethod: POST
-        Uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${TenantServiceGetProvisioned}/invocations
-        PassthroughBehavior: WHEN_NO_MATCH
-      MethodResponses:
-        - StatusCode: '200'
-          ResponseModels: {application/json: Empty}
-          ResponseParameters:
-            method.response.header.Access-Control-Allow-Origin: false
-  TenantServiceGetProvisionedLambdaPermission:
-    Type: AWS::Lambda::Permission
-    Properties:
-      Principal: apigateway.amazonaws.com
-      Action: lambda:InvokeFunction
-      FunctionName: !Ref TenantServiceGetProvisioned
-      SourceArn: !Sub arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${PublicApi}/*/GET/tenants/provisioned
-  TenantServiceProvisionedResourceCORS:
-    Type: AWS::ApiGateway::Method
-    Properties:
-      RestApiId: !Ref PublicApi
-      ResourceId: !Ref TenantServiceProvisionedResource
-      HttpMethod: OPTIONS
-      AuthorizationType: NONE
-      Integration:
-        Type: MOCK
-        PassthroughBehavior: WHEN_NO_MATCH
-        IntegrationResponses:
-          - StatusCode: '200'
-            ResponseTemplates: {application/json: ''}
-            ResponseParameters:
-              method.response.header.Access-Control-Allow-Headers: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
-              method.response.header.Access-Control-Allow-Methods: "'GET,OPTIONS'"
-              method.response.header.Access-Control-Allow-Origin: "'*'"
-              method.response.header.Access-Control-Max-Age: "'3600'"
-              method.response.header.X-Requested-With: "'*'"
-        RequestTemplates:
-          application/json: '{"statusCode": 200}'
-      MethodResponses:
-        - StatusCode: '200'
-          ResponseModels: {application/json: Empty}
-          ResponseParameters:
-            method.response.header.Access-Control-Allow-Headers: false
-            method.response.header.Access-Control-Allow-Methods: false
-            method.response.header.Access-Control-Allow-Origin: false
-            method.response.header.Access-Control-Max-Age: false
-            method.response.header.X-Requested-With: false
   TenantServiceGetByIdMethod:
     Type: AWS::ApiGateway::Method
     Properties:
@@ -1775,8 +1709,6 @@ Resources:
       - SettingsServiceByIdResourceCORS
       - TenantServiceGetAllMethod
       - TenantServiceResourceCORS
-      - TenantServiceProvisionedMethod
-      - TenantServiceProvisionedResourceCORS
       - TenantServiceGetByIdMethod
       - TenantServiceUpdateMethod
       - TenantServiceDeleteMethod

resources/saas-boost-svc-tenant.yaml

@@ -159,37 +159,6 @@ Resources:
           SAAS_BOOST_ENV: !Ref Environment
           SAAS_BOOST_EVENT_BUS: !Ref SaaSBoostEventBus
           TENANTS_TABLE: !Ref TenantsTable
-  TenantServiceGetProvisionedLogs:
-    Type: AWS::Logs::LogGroup
-    Properties:
-      LogGroupName: !Sub /aws/lambda/sb-${Environment}-tenants-get-provisioned
-      RetentionInDays: 30
-  TenantServiceGetProvisioned:
-    Type: AWS::Lambda::Function
-    Properties:
-      FunctionName: !Sub sb-${Environment}-tenants-get-provisioned
-      Role: !GetAtt TenantServiceExecutionRole.Arn
-      Runtime: java11
-      Timeout: 300
-      MemorySize: 1024
-      Handler: com.amazon.aws.partners.saasfactory.saasboost.TenantService::getProvisionedTenants
-      Code:
-        S3Bucket: !Ref SaaSBoostBucket
-        S3Key: !Sub ${LambdaSourceFolder}/TenantService-lambda.zip
-      Layers:
-        - !Ref SaaSBoostUtilsLayer
-      Environment:
-        Variables:
-          SAAS_BOOST_ENV: !Ref Environment
-          SAAS_BOOST_EVENT_BUS: !Ref SaaSBoostEventBus
-          TENANTS_TABLE: !Ref TenantsTable
-      Tags:
-        - Key: "Application"
-          Value: "SaaSBoost"
-        - Key: "Environment"
-          Value: !Ref Environment
-        - Key: "BoostService"
-          Value: "Tenant"
   TenantServiceUpdateLogs:
     Type: AWS::Logs::LogGroup
     Properties:
@@ -406,9 +375,6 @@ Outputs:
   TenantServiceGetAllArn:
     Description: Tenant Service get all tenants Lambda ARN
     Value: !GetAtt TenantServiceGetAll.Arn
-  TenantServiceGetProvisionedArn:
-    Description: Tenant Service get provisioned tenants Lambda ARN
-    Value: !GetAtt TenantServiceGetProvisioned.Arn
   TenantServiceInsertArn:
     Description: Tenant Service insert new tenant Lambda ARN
     Value: !GetAtt TenantServiceInsert.Arn

resources/saas-boost.yaml

@@ -768,7 +768,6 @@ Resources:
         SettingsServiceSetAppConfig: !GetAtt settings.Outputs.SettingsServiceSetAppConfigArn
         SettingsServiceUpdateAppConfig: !GetAtt settings.Outputs.SettingsServiceUpdateAppConfigArn
         TenantServiceGetAll: !GetAtt tenant.Outputs.TenantServiceGetAllArn
-        TenantServiceGetProvisioned: !GetAtt tenant.Outputs.TenantServiceGetProvisionedArn
         TenantServiceById: !GetAtt tenant.Outputs.TenantServiceByIdArn
         TenantServiceUpdate: !GetAtt tenant.Outputs.TenantServiceUpdateArn
         TenantServiceDelete: !GetAtt tenant.Outputs.TenantServiceDeleteArn
@@ -795,7 +794,6 @@ Resources:
         TenantServiceById: !GetAtt tenant.Outputs.TenantServiceByIdArn
         TenantServiceInsert: !GetAtt tenant.Outputs.TenantServiceInsertArn
         TenantServiceGetAll: !GetAtt tenant.Outputs.TenantServiceGetAllArn
-        TenantServiceGetProvisioned: !GetAtt tenant.Outputs.TenantServiceGetProvisionedArn
         SettingsServiceGetAll: !GetAtt settings.Outputs.SettingsServiceGetAllArn
         SettingsServiceGetSecret: !GetAtt settings.Outputs.SettingsServiceGetSecretArn
         SettingsServiceDeleteAppConfig: !GetAtt settings.Outputs.SettingsServiceDeleteAppConfigArn

services/tenant-service/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/TenantService.java

@@ -59,36 +59,23 @@ public APIGatewayProxyResponseEvent getTenants(Map<String, Object> event, Contex
         final long startTimeMillis = System.currentTimeMillis();
         LOGGER.info("TenantService::getTenants");
         //Utils.logRequestEvent(event);
-        List<Tenant> tenants = dal.getOnboardedTenants();
-        APIGatewayProxyResponseEvent response = new APIGatewayProxyResponseEvent()
-                .withStatusCode(200)
-                .withHeaders(CORS)
-                .withBody(Utils.toJson(tenants));
-        long totalTimeMillis = System.currentTimeMillis() - startTimeMillis;
-        LOGGER.info("TenantService::getTenants exec " + totalTimeMillis);
-        return response;
-    }
-
-    public APIGatewayProxyResponseEvent getProvisionedTenants(Map<String, Object> event, Context context) {
-        if (Utils.warmup(event)) {
-            //LOGGER.info("Warming up");
-            return new APIGatewayProxyResponseEvent().withHeaders(CORS).withStatusCode(200);
-        }
-
-        final long startTimeMillis = System.currentTimeMillis();
-        LOGGER.info("TenantService::getProvisionedTenants");
-        //Utils.logRequestEvent(event);
-
-        List<Tenant> tenants;
+        List<Tenant> tenants = new ArrayList<>();
         Map<String, String> queryParams = (Map<String, String>) event.get("queryStringParameters");
-        tenants = dal.getProvisionedTenants();
-
+        if (queryParams != null && queryParams.containsKey("status")) {
+            if ("provisioned".equalsIgnoreCase(queryParams.get("status"))) {
+                tenants.addAll(dal.getProvisionedTenants());
+            } else if ("onboarded".equalsIgnoreCase(queryParams.get("status"))) {
+                tenants.addAll(dal.getOnboardedTenants());
+            }
+        } else {
+            tenants.addAll(dal.getAllTenants());
+        }
         APIGatewayProxyResponseEvent response = new APIGatewayProxyResponseEvent()
                 .withStatusCode(200)
                 .withHeaders(CORS)
                 .withBody(Utils.toJson(tenants));
         long totalTimeMillis = System.currentTimeMillis() - startTimeMillis;
-        LOGGER.info("TenantService::getProvisionedTenants exec {}", totalTimeMillis);
+        LOGGER.info("TenantService::getTenants exec " + totalTimeMillis);
         return response;
     }
 

services/tenant-service/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/TenantServiceDAL.java

@@ -26,7 +26,6 @@
 import java.time.format.DateTimeParseException;
 import java.util.*;
 import java.util.stream.Collectors;
-import java.util.stream.Stream;
 
 public class TenantServiceDAL {
 
@@ -46,20 +45,24 @@ public TenantServiceDAL() {
     public List<Tenant> getOnboardedTenants() {
         final long startTimeMillis = System.currentTimeMillis();
         LOGGER.info("TenantServiceDAL::getTenants");
+
+        // Get all tenants that have the workload deployed and are ready to use the system
+        // or who have had the workload deployed and are in an update/deployment cycle
         List<Tenant> tenants = new ArrayList<>();
         try {
             ScanResponse response = ddb.scan(request -> request
                     .tableName(TENANTS_TABLE)
-                    .filterExpression("attribute_exists(onboarding_status) AND onboarding_status IN (:status1, :status2)")
-                    .expressionAttributeValues(Stream
-                            .of(
-                                    new AbstractMap.SimpleEntry<>(":status1", AttributeValue.builder().s("succeeded").build()),
-                                    new AbstractMap.SimpleEntry<>(":status2", AttributeValue.builder().s("updated").build())
-                            )
-                            .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue))
-                    )
+                    .filterExpression("attribute_exists(onboarding_status) "
+                            + "AND onboarding_status IN (:updating, :updated, :deploying, :deployed)")
+                    .expressionAttributeValues(Map.of(
+                            ":updating", AttributeValue.builder().s("updating").build(),
+                            ":updated", AttributeValue.builder().s("updated").build(),
+                            ":deploying", AttributeValue.builder().s("deploying").build(),
+                            ":deployed", AttributeValue.builder().s("deployed").build()
+                    ))
+                    .build()
             );
-            LOGGER.info("TenantServiceDAL::getTenants returning " + response.items().size() + " onboarded tenants");
+            LOGGER.info("TenantServiceDAL::getTenants returning {} onboarded tenants", response.items().size());
             response.items().forEach(item ->
                     tenants.add(fromAttributeValueMap(item))
             );
@@ -76,22 +79,20 @@ public List<Tenant> getProvisionedTenants() {
         final long startTimeMillis = System.currentTimeMillis();
         LOGGER.info("TenantServiceDAL::getProvisionedTenants");
 
-        // Get all tenants who haven't just started provisioning (created)
-        // or who had an error during provisioning (failed)
-        String filter = "attribute_exists(onboarding_status) " +
-                "AND onboarding_status <> :created " +
-                "AND onboarding_status <> :failed " +
-                "AND onboarding_status <> :deleted";
-        Map<String, AttributeValue> expressions = new HashMap<>();
-        expressions.put(":created", AttributeValue.builder().s("created").build());
-        expressions.put(":failed", AttributeValue.builder().s("failed").build());
-        expressions.put(":deleted", AttributeValue.builder().s("deleted").build());
+        // Get all tenants that have infrastructure running or being created
         List<Tenant> tenants = new ArrayList<>();
         try {
             ScanResponse response = ddb.scan(ScanRequest.builder()
                     .tableName(TENANTS_TABLE)
-                    .filterExpression(filter)
-                    .expressionAttributeValues(expressions)
+                    .filterExpression("attribute_exists(onboarding_status) "
+                            + "AND onboarding_status <> :failed "
+                            + "AND onboarding_status <> :deleting "
+                            + "AND onboarding_status <> :deleted") // Can't use NOT IN (...) in DynamoDB
+                    .expressionAttributeValues(Map.of(
+                            ":failed", AttributeValue.builder().s("failed").build(),
+                            ":deleting", AttributeValue.builder().s("deleting").build(),
+                            ":deleted", AttributeValue.builder().s("deleted").build()
+                    ))
                     .build()
             );
             LOGGER.info("TenantServiceDAL::getProvisionedTenants returning {} provisioned tenants", response.items().size());