forked from awslabs/aws-solutions-constructs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added two new construct patterns: aws-events-rule-kinesisstream and a…
…ws-events-rule-kinesisfirehose-s3 (awslabs#92) * Added new pattern aws-events-rule-kinesisstream * Added file events-rule-kinesisstream.test.ts * Added file test/integ.events-rule-kinesistream-no-arguments.ts * Fixed header validation error and added file test/integ.events-rule-kinesisstream-no-arguments.ts * Added new construct pattern aws-events-rule-kinesisfirehose-s3 and updated aws-events-rule-kinesisstream * Cleaned up .gitignore * Reverted change to change log * Updates per code review feedback * removed references to firehoseToS3 * Updated aws-events-rule-kinesisfirehose-s3 readme and renamed aws-events-rule-kinesisstream to aws-events-rule-kinesisstreams * Updated version to 1.69.0 and events-rule-kinesisfirehose-s3 snapshot and integration template Co-authored-by: peng <penaijun@f0189810211c.ant.amazon.com>
- Loading branch information
Showing
24 changed files
with
2,250 additions
and
0 deletions.
There are no files selected for viewing
5 changes: 5 additions & 0 deletions
5
source/patterns/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3/.eslintignore
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
lib/*.js | ||
test/*.js | ||
*.d.ts | ||
coverage | ||
test/lambda/index.js |
16 changes: 16 additions & 0 deletions
16
source/patterns/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3/.gitignore
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
lib/*.js | ||
test/*.js | ||
!test/lambda/* | ||
*.js.map | ||
*.d.ts | ||
node_modules | ||
*.generated.ts | ||
dist | ||
.jsii | ||
|
||
.LAST_BUILD | ||
.nyc_output | ||
coverage | ||
.nycrc | ||
.LAST_PACKAGE | ||
*.snk |
21 changes: 21 additions & 0 deletions
21
source/patterns/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3/.npmignore
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Exclude typescript source and config | ||
*.ts | ||
tsconfig.json | ||
coverage | ||
.nyc_output | ||
*.tgz | ||
*.snk | ||
*.tsbuildinfo | ||
|
||
# Include javascript files and typescript declarations | ||
!*.js | ||
!*.d.ts | ||
|
||
# Exclude jsii outdir | ||
dist | ||
|
||
# Include .jsii | ||
!.jsii | ||
|
||
# Include .jsii | ||
!.jsii |
99 changes: 99 additions & 0 deletions
99
...patterns/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,99 @@ | ||
# aws-events-rule-kinesisfirehose-s3 module | ||
<!--BEGIN STABILITY BANNER--> | ||
|
||
--- | ||
|
||
![Stability: Experimental](https://img.shields.io/badge/stability-Experimental-important.svg?style=for-the-badge) | ||
|
||
> All classes are under active development and subject to non-backward compatible changes or removal in any | ||
> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model. | ||
> This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package. | ||
--- | ||
<!--END STABILITY BANNER--> | ||
|
||
| **Reference Documentation**:| <span style="font-weight: normal">https://docs.aws.amazon.com/solutions/latest/constructs/</span>| | ||
|:-------------|:-------------| | ||
<div style="height:8px"></div> | ||
|
||
| **Language** | **Package** | | ||
|:-------------|-----------------| | ||
|![Python Logo](https://docs.aws.amazon.com/cdk/api/latest/img/python32.png) Python|`aws_solutions_constructs.aws_events_rule_kinesisfirehose_s3`| | ||
|![Typescript Logo](https://docs.aws.amazon.com/cdk/api/latest/img/typescript32.png) Typescript|`@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3`| | ||
|![Java Logo](https://docs.aws.amazon.com/cdk/api/latest/img/java32.png) Java|`software.amazon.awsconstructs.services.eventsrulekinesisfirehoses3`| | ||
|
||
This AWS Solutions Construct implements an Amazon CloudWatch Events rule to send data to an Amazon Kinesis Data Firehose delivery stream connected to an Amazon S3 bucket. | ||
|
||
Here is a minimal deployable pattern definition in Typescript: | ||
|
||
``` javascript | ||
import * as cdk from '@aws-cdk/core'; | ||
import { EventsRuleToKinesisFirehoseToS3, EventsRuleToKinesisFirehoseToS3Props } from '@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3'; | ||
|
||
const eventsRuleToKinesisFirehoseToS3Props: EventsRuleToKinesisFirehoseToS3Props = { | ||
eventRuleProps: { | ||
schedule: events.Schedule.rate(cdk.Duration.minutes(5)) | ||
} | ||
}; | ||
|
||
new EventsRuleToKinesisFirehoseToS3(this, 'test-events-rule-firehose-s3', eventsRuleToKinesisFirehoseToS3Props); | ||
|
||
``` | ||
|
||
## Initializer | ||
|
||
``` text | ||
new EventsRuleToKinesisFirehoseToS3(scope: Construct, id: string, props: EventsRuleToKinesisFirehoseToS3Props); | ||
``` | ||
|
||
_Parameters_ | ||
|
||
* scope [`Construct`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_core.Construct.html) | ||
* id `string` | ||
* props [`EventsRuleToKinesisFirehoseToS3Props`](#pattern-construct-props) | ||
|
||
## Pattern Construct Props | ||
|
||
| **Name** | **Type** | **Description** | | ||
|:-------------|:----------------|-----------------| | ||
|eventRuleProps|[`events.RuleProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-events.RuleProps.html)|User provided eventRuleProps to override the defaults.| | ||
|kinesisFirehoseProps?|[`kinesisfirehose.CfnDeliveryStreamProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-kinesisfirehose.CfnDeliveryStreamProps.html)|Optional user provided props to override the default props for Kinesis Firehose Delivery Stream| | ||
|existingBucketObj?|[`s3.IBucket`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.IBucket.html)|Existing instance of S3 Bucket object, if this is set then the bucketProps is ignored.| | ||
|bucketProps?|[`s3.BucketProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.BucketProps.html)|User provided props to override the default props for the S3 Bucket.| | ||
|
||
## Pattern Properties | ||
|
||
| **Name** | **Type** | **Description** | | ||
|:-------------|:----------------|-----------------| | ||
|eventsRule|[`events.Rule`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-events.Rule.html)|Returns an instance of events.Rule created by the construct.| | ||
|kinesisFirehose|[`kinesisfirehose.CfnDeliveryStream`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-kinesisfirehose.CfnDeliveryStream.html)|Returns an instance of kinesisfirehose.CfnDeliveryStream created by the construct| | ||
|s3Bucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct| | ||
|s3LoggingBucket?|[`s3.Bucket`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-s3.Bucket.html)|Returns an instance of s3.Bucket created by the construct as the logging bucket for the primary bucket.| | ||
|eventsRole|[`iam.Role`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-iam.Role.html)|Returns an instance of the iam.Role created by the construct for Events Rule| | ||
|kinesisFirehoseRole|[`iam.Role`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-iam.Role.html)|Returns an instance of the iam.Role created by the construct for Kinesis Data Firehose delivery stream| | ||
|kinesisFirehoseLogGroup|[`logs.LogGroup`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-logs.LogGroup.html)|Returns an instance of the LogGroup created by the construct for Kinesis Data Firehose delivery stream| | ||
|
||
## Default settings | ||
|
||
Out of the box implementation of the Construct without any override will set the following defaults: | ||
|
||
### Amazon CloudWatch Events Rule | ||
* Configure least privilege access IAM role for Events Rule to publish to the Kinesis Firehose Delivery Stream. | ||
|
||
### Amazon Kinesis Firehose | ||
* Enable CloudWatch logging for Kinesis Firehose | ||
* Configure least privilege access IAM role for Amazon Kinesis Firehose | ||
|
||
### Amazon S3 Bucket | ||
* Configure Access logging for S3 Bucket | ||
* Enable server-side encryption for S3 Bucket using AWS managed KMS Key | ||
* Turn on the versioning for S3 Bucket | ||
* Don't allow public access for S3 Bucket | ||
* Retain the S3 Bucket when deleting the CloudFormation stack | ||
* Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days | ||
|
||
## Architecture | ||
![Architecture Diagram](architecture.png) | ||
|
||
*** | ||
© Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. |
Binary file added
BIN
+301 KB
...s/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3/architecture.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
122 changes: 122 additions & 0 deletions
122
source/patterns/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3/lib/index.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,122 @@ | ||
/** | ||
* Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance | ||
* with the License. A copy of the License is located at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES | ||
* OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions | ||
* and limitations under the License. | ||
*/ | ||
|
||
import * as events from '@aws-cdk/aws-events'; | ||
import * as kinesisfirehose from '@aws-cdk/aws-kinesisfirehose'; | ||
import * as defaults from '@aws-solutions-constructs/core'; | ||
import * as iam from '@aws-cdk/aws-iam'; | ||
import * as s3 from '@aws-cdk/aws-s3'; | ||
import * as logs from '@aws-cdk/aws-logs'; | ||
import { Construct } from '@aws-cdk/core'; | ||
import { overrideProps } from '@aws-solutions-constructs/core'; | ||
import { KinesisFirehoseToS3 } from '@aws-solutions-constructs/aws-kinesisfirehose-s3'; | ||
|
||
/** | ||
* @summary The properties for the EventsRuleToKinesisFirehoseToS3 Construct | ||
*/ | ||
export interface EventsRuleToKinesisFirehoseToS3Props { | ||
/** | ||
* User provided eventRuleProps to override the defaults | ||
* | ||
* @default - None | ||
*/ | ||
readonly eventRuleProps: events.RuleProps | ||
/** | ||
* User provided props to override the default props for the Kinesis Firehose. | ||
* | ||
* @default - Default props are used | ||
*/ | ||
readonly kinesisFirehoseProps?: kinesisfirehose.CfnDeliveryStreamProps | any | ||
/** | ||
* Existing instance of S3 Bucket object, if this is set then the bucketProps is ignored. | ||
* | ||
* @default - None | ||
*/ | ||
readonly existingBucketObj?: s3.IBucket, | ||
/** | ||
* User provided props to override the default props for the S3 Bucket. | ||
* | ||
* @default - Default props are used | ||
*/ | ||
readonly bucketProps?: s3.BucketProps | ||
} | ||
|
||
export class EventsRuleToKinesisFirehoseToS3 extends Construct { | ||
public readonly eventsRule: events.Rule; | ||
public readonly eventsRole: iam.Role; | ||
public readonly kinesisFirehose: kinesisfirehose.CfnDeliveryStream; | ||
public readonly kinesisFirehoseLogGroup: logs.LogGroup; | ||
public readonly kinesisFirehoseRole: iam.Role; | ||
public readonly s3Bucket?: s3.Bucket; | ||
public readonly s3LoggingBucket?: s3.Bucket; | ||
|
||
/** | ||
* @summary Constructs a new instance of the EventsRuleToKinesisFirehoseToS3 class. | ||
* @param {cdk.App} scope - represents the scope for all the resources. | ||
* @param {string} id - this is a a scope-unique id. | ||
* @param {EventsRuleToKinesisFirehoseToS3Props} props - user provided props for the construct | ||
* @since 0.8.0 | ||
* @access public | ||
*/ | ||
constructor(scope: Construct, id: string, props: EventsRuleToKinesisFirehoseToS3Props) { | ||
super(scope, id); | ||
|
||
// Set up the Kinesis Firehose using KinesisFirehoseToS3 construct | ||
const firehoseToS3 = new KinesisFirehoseToS3(this, 'KinesisFirehoseToS3', { | ||
kinesisFirehoseProps: props.kinesisFirehoseProps, | ||
existingBucketObj: props.existingBucketObj, | ||
bucketProps: props.bucketProps | ||
}); | ||
this.kinesisFirehose = firehoseToS3.kinesisFirehose; | ||
this.s3Bucket = firehoseToS3.s3Bucket; | ||
this.kinesisFirehoseRole = firehoseToS3.kinesisFirehoseRole; | ||
this.s3LoggingBucket = firehoseToS3.s3LoggingBucket; | ||
this.kinesisFirehoseLogGroup = firehoseToS3.kinesisFirehoseLogGroup; | ||
|
||
// Create an events service role | ||
this.eventsRole = new iam.Role(this, 'EventsRuleInvokeKinesisFirehoseRole', { | ||
assumedBy: new iam.ServicePrincipal('events.amazonaws.com'), | ||
description: 'Events Rule To Kinesis Firehose Role', | ||
}); | ||
|
||
// Setup the IAM policy that grants events rule the permission to send cw events data to kinesis firehose | ||
const eventsPolicy = new iam.Policy(this, 'EventsRuleInvokeKinesisFirehosePolicy', { | ||
statements: [new iam.PolicyStatement({ | ||
actions: [ | ||
'firehose:PutRecord', | ||
'firehose:PutRecordBatch' | ||
], | ||
resources: [this.kinesisFirehose.attrArn] | ||
}) | ||
]}); | ||
|
||
// Attach policy to role | ||
eventsPolicy.attachToRole(this.eventsRole); | ||
|
||
// Set up the Kinesis Firehose as the target for event rule | ||
const KinesisFirehoseEventTarget: events.IRuleTarget = { | ||
bind: () => ({ | ||
id: '', | ||
arn: this.kinesisFirehose.attrArn, | ||
role: this.eventsRole | ||
}) | ||
}; | ||
|
||
// Set up the events rule props | ||
const defaultEventsRuleProps = defaults.DefaultEventsRuleProps([KinesisFirehoseEventTarget]); | ||
const eventsRuleProps = overrideProps(defaultEventsRuleProps, props.eventRuleProps, true); | ||
|
||
this.eventsRule = new events.Rule(this, 'EventsRule', eventsRuleProps); | ||
|
||
} | ||
} |
87 changes: 87 additions & 0 deletions
87
source/patterns/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3/package.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
{ | ||
"name": "@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3", | ||
"version": "1.69.0", | ||
"description": "CDK Constructs for Amazon CloudWatch Events Rule to Amazon Kinesis Firehose to Amazon S3 integration.", | ||
"main": "lib/index.js", | ||
"types": "lib/index.d.ts", | ||
"repository": { | ||
"type": "git", | ||
"url": "https://github.com/awslabs/aws-solutions-constructs.git", | ||
"directory": "source/patterns/@aws-solutions-constructs/aws-events-rule-kinesisfirehose-s3" | ||
}, | ||
"author": { | ||
"name": "Amazon Web Services", | ||
"url": "https://aws.amazon.com", | ||
"organization": true | ||
}, | ||
"license": "Apache-2.0", | ||
"scripts": { | ||
"build": "tsc -b .", | ||
"lint": "eslint -c ../eslintrc.yml --ext=.js,.ts . && tslint --project .", | ||
"lint-fix": "eslint -c ../eslintrc.yml --ext=.js,.ts --fix .", | ||
"test": "jest --coverage", | ||
"clean": "tsc -b --clean", | ||
"watch": "tsc -b -w", | ||
"integ": "cdk-integ", | ||
"integ-assert": "cdk-integ-assert", | ||
"integ-no-clean": "cdk-integ --no-clean", | ||
"jsii": "jsii", | ||
"jsii-pacmak": "jsii-pacmak", | ||
"build+lint+test": "npm run jsii && npm run lint && npm test && npm run integ-assert", | ||
"snapshot-update": "npm run jsii && npm test -- -u && npm run integ-assert" | ||
}, | ||
"jsii": { | ||
"outdir": "dist", | ||
"targets": { | ||
"java": { | ||
"package": "software.amazon.awsconstructs.services.eventsrulekinesisfirehoses3", | ||
"maven": { | ||
"groupId": "software.amazon.awsconstructs", | ||
"artifactId": "eventsrulekinesisfirehoses3" | ||
} | ||
}, | ||
"dotnet": { | ||
"namespace": "Amazon.Constructs.AWS.EventsRuleKinesisFirehoseS3", | ||
"packageId": "Amazon.Constructs.AWS.EventsRuleKinesisFirehoseS3", | ||
"signAssembly": true, | ||
"iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" | ||
}, | ||
"python": { | ||
"distName": "aws-solutions-constructs.aws-events-rule-kinesis-firehose-s3", | ||
"module": "aws_solutions_constructs.aws_events_rule_kinesis_firehose_s3" | ||
} | ||
} | ||
}, | ||
"dependencies": { | ||
"@aws-cdk/aws-iam": "~1.69.0", | ||
"@aws-cdk/aws-kinesisfirehose": "~1.69.0", | ||
"@aws-cdk/aws-events": "~1.69.0", | ||
"@aws-cdk/core": "~1.69.0", | ||
"@aws-cdk/aws-s3": "~1.69.0", | ||
"@aws-cdk/aws-logs": "~1.69.0", | ||
"@aws-solutions-constructs/core": "~1.69.0", | ||
"@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.69.0", | ||
"constructs": "^3.0.4" | ||
}, | ||
"devDependencies": { | ||
"@aws-cdk/assert": "~1.69.0", | ||
"@types/jest": "^24.0.23", | ||
"@types/node": "^10.3.0" | ||
}, | ||
"jest": { | ||
"moduleFileExtensions": [ | ||
"js" | ||
] | ||
}, | ||
"peerDependencies": { | ||
"@aws-cdk/aws-iam": "~1.69.0", | ||
"@aws-cdk/aws-kinesisfirehose": "~1.69.0", | ||
"@aws-cdk/aws-events": "~1.69.0", | ||
"@aws-cdk/aws-s3": "~1.69.0", | ||
"@aws-cdk/core": "~1.69.0", | ||
"@aws-solutions-constructs/core": "~1.69.0", | ||
"@aws-solutions-constructs/aws-kinesisfirehose-s3": "~1.69.0", | ||
"constructs": "^3.0.4", | ||
"@aws-cdk/aws-logs": "~1.69.0" | ||
} | ||
} |
Oops, something went wrong.