UNPKG

cdk-monitoring-constructs

Version:

[![Gitpod Ready-to-Code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/cdklabs/cdk-monitoring-constructs) [![NPM version](https://badge.fury.io/js/cdk-monitoring-constructs.svg)](https://badge

github.com/cdklabs/cdk-monitoring-constructs

cdklabs/cdk-monitoring-constructs

71 lines 9.87 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
"use strict"; var _a; Object.defineProperty(exports, "__esModule", { value: true }); exports.SecretsManagerMetricsPublisher = void 0; const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti"); const path = require("path"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const aws_events_1 = require("aws-cdk-lib/aws-events"); const aws_events_targets_1 = require("aws-cdk-lib/aws-events-targets"); const aws_iam_1 = require("aws-cdk-lib/aws-iam"); const aws_lambda_1 = require("aws-cdk-lib/aws-lambda"); const aws_logs_1 = require("aws-cdk-lib/aws-logs"); const constructs_1 = require("constructs"); const SecretsManagerSecretMetricFactory_1 = require("./SecretsManagerSecretMetricFactory"); class SecretsManagerMetricsPublisher extends constructs_1.Construct { constructor(scope) { super(scope, "SecretsManagerMetricsPublisher"); this.lambda = new aws_lambda_1.Function(this, "Lambda", { code: aws_lambda_1.Code.fromAsset(path.join(__dirname, "..", "..", "..", "assets", "SecretsManagerMetricsPublisher")), description: "Custom metrics publisher for SecretsManager Secrets (MonitoringCDKConstructs)", handler: "index.handler", memorySize: 128, runtime: aws_lambda_1.Runtime.NODEJS_14_X, architecture: aws_lambda_1.Architecture.ARM_64, timeout: aws_cdk_lib_1.Duration.seconds(60), logRetention: aws_logs_1.RetentionDays.ONE_DAY, }); this.lambda.addToRolePolicy(new aws_iam_1.PolicyStatement({ effect: aws_iam_1.Effect.ALLOW, actions: ["secretsmanager:DescribeSecret"], resources: ["*"], })); this.lambda.addToRolePolicy(new aws_iam_1.PolicyStatement({ effect: aws_iam_1.Effect.ALLOW, actions: ["cloudwatch:PutMetricData"], resources: ["*"], conditions: { StringEquals: { "cloudwatch:namespace": SecretsManagerSecretMetricFactory_1.SecretsManagerSecretMetricFactory.Namespace, }, }, })); } static getInstance(scope) { const key = aws_cdk_lib_1.Names.nodeUniqueId(scope.node); let instance = SecretsManagerMetricsPublisher.instances[key]; if (!instance) { instance = new SecretsManagerMetricsPublisher(scope); SecretsManagerMetricsPublisher.instances[key] = instance; } return instance; } addSecret(secret) { // run 1/hr so alarms can recover automatically const rule = new aws_events_1.Rule(this, `RuleFor${aws_cdk_lib_1.Names.nodeUniqueId(secret.node)}`, { schedule: aws_events_1.Schedule.cron({ minute: "0", }), }); rule.addTarget(new aws_events_targets_1.LambdaFunction(this.lambda, { event: aws_events_1.RuleTargetInput.fromObject({ secretId: secret.secretArn, }), })); } } exports.SecretsManagerMetricsPublisher = SecretsManagerMetricsPublisher; _a = JSII_RTTI_SYMBOL_1; SecretsManagerMetricsPublisher[_a] = { fqn: "cdk-monitoring-constructs.SecretsManagerMetricsPublisher", version: "1.21.0" }; SecretsManagerMetricsPublisher.instances = {}; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU2VjcmV0c01hbmFnZXJNZXRyaWNzUHVibGlzaGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiU2VjcmV0c01hbmFnZXJNZXRyaWNzUHVibGlzaGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsNkJBQTZCO0FBRTdCLDZDQUE4QztBQUM5Qyx1REFBeUU7QUFDekUsdUVBQWdFO0FBQ2hFLGlEQUE4RDtBQUM5RCx1REFNZ0M7QUFDaEMsbURBQXFEO0FBRXJELDJDQUF1QztBQUd2QywyRkFBd0Y7QUFFeEYsTUFBYSw4QkFBK0IsU0FBUSxzQkFBUztJQUkzRCxZQUFvQixLQUFzQjtRQUN4QyxLQUFLLENBQUMsS0FBSyxFQUFFLGdDQUFnQyxDQUFDLENBQUM7UUFFL0MsSUFBSSxDQUFDLE1BQU0sR0FBRyxJQUFJLHFCQUFRLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRTtZQUN6QyxJQUFJLEVBQUUsaUJBQUksQ0FBQyxTQUFTLENBQ2xCLElBQUksQ0FBQyxJQUFJLENBQ1AsU0FBUyxFQUNULElBQUksRUFDSixJQUFJLEVBQ0osSUFBSSxFQUNKLFFBQVEsRUFDUixnQ0FBZ0MsQ0FDakMsQ0FDRjtZQUNELFdBQVcsRUFDVCwrRUFBK0U7WUFDakYsT0FBTyxFQUFFLGVBQWU7WUFDeEIsVUFBVSxFQUFFLEdBQUc7WUFDZixPQUFPLEVBQUUsb0JBQU8sQ0FBQyxXQUFXO1lBQzVCLFlBQVksRUFBRSx5QkFBWSxDQUFDLE1BQU07WUFDakMsT0FBTyxFQUFFLHNCQUFRLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztZQUM3QixZQUFZLEVBQUUsd0JBQWEsQ0FBQyxPQUFPO1NBQ3BDLENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxNQUFNLENBQUMsZUFBZSxDQUN6QixJQUFJLHlCQUFlLENBQUM7WUFDbEIsTUFBTSxFQUFFLGdCQUFNLENBQUMsS0FBSztZQUNwQixPQUFPLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQztZQUMxQyxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7U0FDakIsQ0FBQyxDQUNILENBQUM7UUFFRixJQUFJLENBQUMsTUFBTSxDQUFDLGVBQWUsQ0FDekIsSUFBSSx5QkFBZSxDQUFDO1lBQ2xCLE1BQU0sRUFBRSxnQkFBTSxDQUFDLEtBQUs7WUFDcEIsT0FBTyxFQUFFLENBQUMsMEJBQTBCLENBQUM7WUFDckMsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO1lBQ2hCLFVBQVUsRUFBRTtnQkFDVixZQUFZLEVBQUU7b0JBQ1osc0JBQXNCLEVBQUUscUVBQWlDLENBQUMsU0FBUztpQkFDcEU7YUFDRjtTQUNGLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0sQ0FBQyxXQUFXLENBQUMsS0FBc0I7UUFDdkMsTUFBTSxHQUFHLEdBQUcsbUJBQUssQ0FBQyxZQUFZLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzNDLElBQUksUUFBUSxHQUFHLDhCQUE4QixDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUM3RCxJQUFJLENBQUMsUUFBUSxFQUFFO1lBQ2IsUUFBUSxHQUFHLElBQUksOEJBQThCLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDckQsOEJBQThCLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxHQUFHLFFBQVEsQ0FBQztTQUMxRDtRQUVELE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7SUFFRCxTQUFTLENBQUMsTUFBZTtRQUN2QiwrQ0FBK0M7UUFDL0MsTUFBTSxJQUFJLEdBQUcsSUFBSSxpQkFBSSxDQUFDLElBQUksRUFBRSxVQUFVLG1CQUFLLENBQUMsWUFBWSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsRUFBRSxFQUFFO1lBQ3ZFLFFBQVEsRUFBRSxxQkFBUSxDQUFDLElBQUksQ0FBQztnQkFDdEIsTUFBTSxFQUFFLEdBQUc7YUFDWixDQUFDO1NBQ0gsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFNBQVMsQ0FDWixJQUFJLG1DQUFjLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRTtZQUM5QixLQUFLLEVBQUUsNEJBQWUsQ0FBQyxVQUFVLENBQUM7Z0JBQ2hDLFFBQVEsRUFBRSxNQUFNLENBQUMsU0FBUzthQUMzQixDQUFDO1NBQ0gsQ0FBQyxDQUNILENBQUM7SUFDSixDQUFDOztBQTVFSCx3RUE2RUM7OztBQTVFZ0Isd0NBQVMsR0FBbUQsRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgcGF0aCBmcm9tIFwicGF0aFwiO1xuXG5pbXBvcnQgeyBEdXJhdGlvbiwgTmFtZXMgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IFJ1bGUsIFJ1bGVUYXJnZXRJbnB1dCwgU2NoZWR1bGUgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50c1wiO1xuaW1wb3J0IHsgTGFtYmRhRnVuY3Rpb24gfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50cy10YXJnZXRzXCI7XG5pbXBvcnQgeyBFZmZlY3QsIFBvbGljeVN0YXRlbWVudCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCI7XG5pbXBvcnQge1xuICBBcmNoaXRlY3R1cmUsXG4gIENvZGUsXG4gIEZ1bmN0aW9uLFxuICBJRnVuY3Rpb24sXG4gIFJ1bnRpbWUsXG59IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtbGFtYmRhXCI7XG5pbXBvcnQgeyBSZXRlbnRpb25EYXlzIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1sb2dzXCI7XG5pbXBvcnQgeyBJU2VjcmV0IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zZWNyZXRzbWFuYWdlclwiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuaW1wb3J0IHsgTW9uaXRvcmluZ1Njb3BlIH0gZnJvbSBcIi4uLy4uL2NvbW1vblwiO1xuaW1wb3J0IHsgU2VjcmV0c01hbmFnZXJTZWNyZXRNZXRyaWNGYWN0b3J5IH0gZnJvbSBcIi4vU2VjcmV0c01hbmFnZXJTZWNyZXRNZXRyaWNGYWN0b3J5XCI7XG5cbmV4cG9ydCBjbGFzcyBTZWNyZXRzTWFuYWdlck1ldHJpY3NQdWJsaXNoZXIgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwcml2YXRlIHN0YXRpYyBpbnN0YW5jZXM6IFJlY29yZDxzdHJpbmcsIFNlY3JldHNNYW5hZ2VyTWV0cmljc1B1Ymxpc2hlcj4gPSB7fTtcbiAgcHVibGljIHJlYWRvbmx5IGxhbWJkYTogSUZ1bmN0aW9uO1xuXG4gIHByaXZhdGUgY29uc3RydWN0b3Ioc2NvcGU6IE1vbml0b3JpbmdTY29wZSkge1xuICAgIHN1cGVyKHNjb3BlLCBcIlNlY3JldHNNYW5hZ2VyTWV0cmljc1B1Ymxpc2hlclwiKTtcblxuICAgIHRoaXMubGFtYmRhID0gbmV3IEZ1bmN0aW9uKHRoaXMsIFwiTGFtYmRhXCIsIHtcbiAgICAgIGNvZGU6IENvZGUuZnJvbUFzc2V0KFxuICAgICAgICBwYXRoLmpvaW4oXG4gICAgICAgICAgX19kaXJuYW1lLFxuICAgICAgICAgIFwiLi5cIixcbiAgICAgICAgICBcIi4uXCIsXG4gICAgICAgICAgXCIuLlwiLFxuICAgICAgICAgIFwiYXNzZXRzXCIsXG4gICAgICAgICAgXCJTZWNyZXRzTWFuYWdlck1ldHJpY3NQdWJsaXNoZXJcIlxuICAgICAgICApXG4gICAgICApLFxuICAgICAgZGVzY3JpcHRpb246XG4gICAgICAgIFwiQ3VzdG9tIG1ldHJpY3MgcHVibGlzaGVyIGZvciBTZWNyZXRzTWFuYWdlciBTZWNyZXRzIChNb25pdG9yaW5nQ0RLQ29uc3RydWN0cylcIixcbiAgICAgIGhhbmRsZXI6IFwiaW5kZXguaGFuZGxlclwiLFxuICAgICAgbWVtb3J5U2l6ZTogMTI4LFxuICAgICAgcnVudGltZTogUnVudGltZS5OT0RFSlNfMTRfWCxcbiAgICAgIGFyY2hpdGVjdHVyZTogQXJjaGl0ZWN0dXJlLkFSTV82NCxcbiAgICAgIHRpbWVvdXQ6IER1cmF0aW9uLnNlY29uZHMoNjApLFxuICAgICAgbG9nUmV0ZW50aW9uOiBSZXRlbnRpb25EYXlzLk9ORV9EQVksXG4gICAgfSk7XG5cbiAgICB0aGlzLmxhbWJkYS5hZGRUb1JvbGVQb2xpY3koXG4gICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1csXG4gICAgICAgIGFjdGlvbnM6IFtcInNlY3JldHNtYW5hZ2VyOkRlc2NyaWJlU2VjcmV0XCJdLFxuICAgICAgICByZXNvdXJjZXM6IFtcIipcIl0sXG4gICAgICB9KVxuICAgICk7XG5cbiAgICB0aGlzLmxhbWJkYS5hZGRUb1JvbGVQb2xpY3koXG4gICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1csXG4gICAgICAgIGFjdGlvbnM6IFtcImNsb3Vkd2F0Y2g6UHV0TWV0cmljRGF0YVwiXSxcbiAgICAgICAgcmVzb3VyY2VzOiBbXCIqXCJdLFxuICAgICAgICBjb25kaXRpb25zOiB7XG4gICAgICAgICAgU3RyaW5nRXF1YWxzOiB7XG4gICAgICAgICAgICBcImNsb3Vkd2F0Y2g6bmFtZXNwYWNlXCI6IFNlY3JldHNNYW5hZ2VyU2VjcmV0TWV0cmljRmFjdG9yeS5OYW1lc3BhY2UsXG4gICAgICAgICAgfSxcbiAgICAgICAgfSxcbiAgICAgIH0pXG4gICAgKTtcbiAgfVxuXG4gIHN0YXRpYyBnZXRJbnN0YW5jZShzY29wZTogTW9uaXRvcmluZ1Njb3BlKSB7XG4gICAgY29uc3Qga2V5ID0gTmFtZXMubm9kZVVuaXF1ZUlkKHNjb3BlLm5vZGUpO1xuICAgIGxldCBpbnN0YW5jZSA9IFNlY3JldHNNYW5hZ2VyTWV0cmljc1B1Ymxpc2hlci5pbnN0YW5jZXNba2V5XTtcbiAgICBpZiAoIWluc3RhbmNlKSB7XG4gICAgICBpbnN0YW5jZSA9IG5ldyBTZWNyZXRzTWFuYWdlck1ldHJpY3NQdWJsaXNoZXIoc2NvcGUpO1xuICAgICAgU2VjcmV0c01hbmFnZXJNZXRyaWNzUHVibGlzaGVyLmluc3RhbmNlc1trZXldID0gaW5zdGFuY2U7XG4gICAgfVxuXG4gICAgcmV0dXJuIGluc3RhbmNlO1xuICB9XG5cbiAgYWRkU2VjcmV0KHNlY3JldDogSVNlY3JldCk6IHZvaWQge1xuICAgIC8vIHJ1biAxL2hyIHNvIGFsYXJtcyBjYW4gcmVjb3ZlciBhdXRvbWF0aWNhbGx5XG4gICAgY29uc3QgcnVsZSA9IG5ldyBSdWxlKHRoaXMsIGBSdWxlRm9yJHtOYW1lcy5ub2RlVW5pcXVlSWQoc2VjcmV0Lm5vZGUpfWAsIHtcbiAgICAgIHNjaGVkdWxlOiBTY2hlZHVsZS5jcm9uKHtcbiAgICAgICAgbWludXRlOiBcIjBcIixcbiAgICAgIH0pLFxuICAgIH0pO1xuXG4gICAgcnVsZS5hZGRUYXJnZXQoXG4gICAgICBuZXcgTGFtYmRhRnVuY3Rpb24odGhpcy5sYW1iZGEsIHtcbiAgICAgICAgZXZlbnQ6IFJ1bGVUYXJnZXRJbnB1dC5mcm9tT2JqZWN0KHtcbiAgICAgICAgICBzZWNyZXRJZDogc2VjcmV0LnNlY3JldEFybixcbiAgICAgICAgfSksXG4gICAgICB9KVxuICAgICk7XG4gIH1cbn1cbiJdfQ==