cdk-monitoring-constructs
Version:
[](https://badge.fury.io/js/cdk-monitoring-constructs) [](https://m
73 lines • 10.3 kB
JavaScript
;
var _a;
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecretsManagerMetricsPublisher = void 0;
const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
const path = require("path");
const aws_cdk_lib_1 = require("aws-cdk-lib");
const aws_events_1 = require("aws-cdk-lib/aws-events");
const aws_events_targets_1 = require("aws-cdk-lib/aws-events-targets");
const aws_iam_1 = require("aws-cdk-lib/aws-iam");
const aws_lambda_1 = require("aws-cdk-lib/aws-lambda");
const aws_logs_1 = require("aws-cdk-lib/aws-logs");
const constructs_1 = require("constructs");
const SecretsManagerSecretMetricFactory_1 = require("./SecretsManagerSecretMetricFactory");
class SecretsManagerMetricsPublisher extends constructs_1.Construct {
constructor(scope) {
super(scope, "SecretsManagerMetricsPublisher");
this.lambda = new aws_lambda_1.Function(this, "Lambda", {
code: aws_lambda_1.Code.fromAsset(path.join(__dirname, "..", "..", "..", "assets", "SecretsManagerMetricsPublisher")),
description: "Custom metrics publisher for SecretsManager Secrets (cdk-monitoring-constructs)",
handler: "index.handler",
memorySize: 128,
runtime: aws_lambda_1.determineLatestNodeRuntime(this),
timeout: aws_cdk_lib_1.Duration.seconds(60),
logGroup: new aws_logs_1.LogGroup(this, "LambdaLogs", {
retention: aws_logs_1.RetentionDays.ONE_DAY,
removalPolicy: aws_cdk_lib_1.RemovalPolicy.RETAIN_ON_UPDATE_OR_DELETE,
}),
});
this.lambda.addToRolePolicy(new aws_iam_1.PolicyStatement({
effect: aws_iam_1.Effect.ALLOW,
actions: ["secretsmanager:DescribeSecret"],
resources: ["*"],
}));
this.lambda.addToRolePolicy(new aws_iam_1.PolicyStatement({
effect: aws_iam_1.Effect.ALLOW,
actions: ["cloudwatch:PutMetricData"],
resources: ["*"],
conditions: {
StringEquals: {
"cloudwatch:namespace": SecretsManagerSecretMetricFactory_1.SecretsManagerSecretMetricFactory.Namespace,
},
},
}));
}
static getInstance(scope) {
const key = aws_cdk_lib_1.Names.nodeUniqueId(scope.node);
let instance = SecretsManagerMetricsPublisher.instances[key];
if (!instance) {
instance = new SecretsManagerMetricsPublisher(scope);
SecretsManagerMetricsPublisher.instances[key] = instance;
}
return instance;
}
addSecret(secret) {
// run 1/hr so alarms can recover automatically
const rule = new aws_events_1.Rule(this, `RuleFor${aws_cdk_lib_1.Names.nodeUniqueId(secret.node)}`, {
schedule: aws_events_1.Schedule.cron({
minute: "0",
}),
});
rule.addTarget(new aws_events_targets_1.LambdaFunction(this.lambda, {
event: aws_events_1.RuleTargetInput.fromObject({
secretId: secret.secretArn,
}),
}));
}
}
exports.SecretsManagerMetricsPublisher = SecretsManagerMetricsPublisher;
_a = JSII_RTTI_SYMBOL_1;
SecretsManagerMetricsPublisher[_a] = { fqn: "cdk-monitoring-constructs.SecretsManagerMetricsPublisher", version: "9.15.2" };
SecretsManagerMetricsPublisher.instances = {};
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU2VjcmV0c01hbmFnZXJNZXRyaWNzUHVibGlzaGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiU2VjcmV0c01hbmFnZXJNZXRyaWNzUHVibGlzaGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsNkJBQTZCO0FBRTdCLDZDQUE2RDtBQUM3RCx1REFBeUU7QUFDekUsdUVBQWdFO0FBQ2hFLGlEQUE4RDtBQUM5RCx1REFLZ0M7QUFDaEMsbURBQStEO0FBRS9ELDJDQUF1QztBQUV2QywyRkFBd0Y7QUFHeEYsTUFBYSw4QkFBK0IsU0FBUSxzQkFBUztJQUkzRCxZQUFvQixLQUFzQjtRQUN4QyxLQUFLLENBQUMsS0FBSyxFQUFFLGdDQUFnQyxDQUFDLENBQUM7UUFFL0MsSUFBSSxDQUFDLE1BQU0sR0FBRyxJQUFJLHFCQUFRLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRTtZQUN6QyxJQUFJLEVBQUUsaUJBQUksQ0FBQyxTQUFTLENBQ2xCLElBQUksQ0FBQyxJQUFJLENBQ1AsU0FBUyxFQUNULElBQUksRUFDSixJQUFJLEVBQ0osSUFBSSxFQUNKLFFBQVEsRUFDUixnQ0FBZ0MsQ0FDakMsQ0FDRjtZQUNELFdBQVcsRUFDVCxpRkFBaUY7WUFDbkYsT0FBTyxFQUFFLGVBQWU7WUFDeEIsVUFBVSxFQUFFLEdBQUc7WUFDZixPQUFPLEVBQUUsdUNBQTBCLENBQUMsSUFBSSxDQUFDO1lBQ3pDLE9BQU8sRUFBRSxzQkFBUSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7WUFDN0IsUUFBUSxFQUFFLElBQUksbUJBQVEsQ0FBQyxJQUFJLEVBQUUsWUFBWSxFQUFFO2dCQUN6QyxTQUFTLEVBQUUsd0JBQWEsQ0FBQyxPQUFPO2dCQUNoQyxhQUFhLEVBQUUsMkJBQWEsQ0FBQywwQkFBMEI7YUFDeEQsQ0FBQztTQUNILENBQUMsQ0FBQztRQUVILElBQUksQ0FBQyxNQUFNLENBQUMsZUFBZSxDQUN6QixJQUFJLHlCQUFlLENBQUM7WUFDbEIsTUFBTSxFQUFFLGdCQUFNLENBQUMsS0FBSztZQUNwQixPQUFPLEVBQUUsQ0FBQywrQkFBK0IsQ0FBQztZQUMxQyxTQUFTLEVBQUUsQ0FBQyxHQUFHLENBQUM7U0FDakIsQ0FBQyxDQUNILENBQUM7UUFFRixJQUFJLENBQUMsTUFBTSxDQUFDLGVBQWUsQ0FDekIsSUFBSSx5QkFBZSxDQUFDO1lBQ2xCLE1BQU0sRUFBRSxnQkFBTSxDQUFDLEtBQUs7WUFDcEIsT0FBTyxFQUFFLENBQUMsMEJBQTBCLENBQUM7WUFDckMsU0FBUyxFQUFFLENBQUMsR0FBRyxDQUFDO1lBQ2hCLFVBQVUsRUFBRTtnQkFDVixZQUFZLEVBQUU7b0JBQ1osc0JBQXNCLEVBQUUscUVBQWlDLENBQUMsU0FBUztpQkFDcEU7YUFDRjtTQUNGLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVELE1BQU0sQ0FBQyxXQUFXLENBQUMsS0FBc0I7UUFDdkMsTUFBTSxHQUFHLEdBQUcsbUJBQUssQ0FBQyxZQUFZLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzNDLElBQUksUUFBUSxHQUFHLDhCQUE4QixDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUM3RCxJQUFJLENBQUMsUUFBUSxFQUFFO1lBQ2IsUUFBUSxHQUFHLElBQUksOEJBQThCLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDckQsOEJBQThCLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxHQUFHLFFBQVEsQ0FBQztTQUMxRDtRQUVELE9BQU8sUUFBUSxDQUFDO0lBQ2xCLENBQUM7SUFFRCxTQUFTLENBQUMsTUFBZTtRQUN2QiwrQ0FBK0M7UUFDL0MsTUFBTSxJQUFJLEdBQUcsSUFBSSxpQkFBSSxDQUFDLElBQUksRUFBRSxVQUFVLG1CQUFLLENBQUMsWUFBWSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsRUFBRSxFQUFFO1lBQ3ZFLFFBQVEsRUFBRSxxQkFBUSxDQUFDLElBQUksQ0FBQztnQkFDdEIsTUFBTSxFQUFFLEdBQUc7YUFDWixDQUFDO1NBQ0gsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFNBQVMsQ0FDWixJQUFJLG1DQUFjLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRTtZQUM5QixLQUFLLEVBQUUsNEJBQWUsQ0FBQyxVQUFVLENBQUM7Z0JBQ2hDLFFBQVEsRUFBRSxNQUFNLENBQUMsU0FBUzthQUMzQixDQUFDO1NBQ0gsQ0FBQyxDQUNILENBQUM7SUFDSixDQUFDOztBQTlFSCx3RUErRUM7OztBQTlFZ0Isd0NBQVMsR0FBbUQsRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgcGF0aCBmcm9tIFwicGF0aFwiO1xuXG5pbXBvcnQgeyBEdXJhdGlvbiwgTmFtZXMsIFJlbW92YWxQb2xpY3kgfSBmcm9tIFwiYXdzLWNkay1saWJcIjtcbmltcG9ydCB7IFJ1bGUsIFJ1bGVUYXJnZXRJbnB1dCwgU2NoZWR1bGUgfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50c1wiO1xuaW1wb3J0IHsgTGFtYmRhRnVuY3Rpb24gfSBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWV2ZW50cy10YXJnZXRzXCI7XG5pbXBvcnQgeyBFZmZlY3QsIFBvbGljeVN0YXRlbWVudCB9IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCI7XG5pbXBvcnQge1xuICBDb2RlLFxuICBkZXRlcm1pbmVMYXRlc3ROb2RlUnVudGltZSxcbiAgRnVuY3Rpb24sXG4gIElGdW5jdGlvbixcbn0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1sYW1iZGFcIjtcbmltcG9ydCB7IExvZ0dyb3VwLCBSZXRlbnRpb25EYXlzIH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1sb2dzXCI7XG5pbXBvcnQgeyBJU2VjcmV0IH0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1zZWNyZXRzbWFuYWdlclwiO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSBcImNvbnN0cnVjdHNcIjtcblxuaW1wb3J0IHsgU2VjcmV0c01hbmFnZXJTZWNyZXRNZXRyaWNGYWN0b3J5IH0gZnJvbSBcIi4vU2VjcmV0c01hbmFnZXJTZWNyZXRNZXRyaWNGYWN0b3J5XCI7XG5pbXBvcnQgeyBNb25pdG9yaW5nU2NvcGUgfSBmcm9tIFwiLi4vLi4vY29tbW9uXCI7XG5cbmV4cG9ydCBjbGFzcyBTZWNyZXRzTWFuYWdlck1ldHJpY3NQdWJsaXNoZXIgZXh0ZW5kcyBDb25zdHJ1Y3Qge1xuICBwcml2YXRlIHN0YXRpYyBpbnN0YW5jZXM6IFJlY29yZDxzdHJpbmcsIFNlY3JldHNNYW5hZ2VyTWV0cmljc1B1Ymxpc2hlcj4gPSB7fTtcbiAgcHVibGljIHJlYWRvbmx5IGxhbWJkYTogSUZ1bmN0aW9uO1xuXG4gIHByaXZhdGUgY29uc3RydWN0b3Ioc2NvcGU6IE1vbml0b3JpbmdTY29wZSkge1xuICAgIHN1cGVyKHNjb3BlLCBcIlNlY3JldHNNYW5hZ2VyTWV0cmljc1B1Ymxpc2hlclwiKTtcblxuICAgIHRoaXMubGFtYmRhID0gbmV3IEZ1bmN0aW9uKHRoaXMsIFwiTGFtYmRhXCIsIHtcbiAgICAgIGNvZGU6IENvZGUuZnJvbUFzc2V0KFxuICAgICAgICBwYXRoLmpvaW4oXG4gICAgICAgICAgX19kaXJuYW1lLFxuICAgICAgICAgIFwiLi5cIixcbiAgICAgICAgICBcIi4uXCIsXG4gICAgICAgICAgXCIuLlwiLFxuICAgICAgICAgIFwiYXNzZXRzXCIsXG4gICAgICAgICAgXCJTZWNyZXRzTWFuYWdlck1ldHJpY3NQdWJsaXNoZXJcIixcbiAgICAgICAgKSxcbiAgICAgICksXG4gICAgICBkZXNjcmlwdGlvbjpcbiAgICAgICAgXCJDdXN0b20gbWV0cmljcyBwdWJsaXNoZXIgZm9yIFNlY3JldHNNYW5hZ2VyIFNlY3JldHMgKGNkay1tb25pdG9yaW5nLWNvbnN0cnVjdHMpXCIsXG4gICAgICBoYW5kbGVyOiBcImluZGV4LmhhbmRsZXJcIixcbiAgICAgIG1lbW9yeVNpemU6IDEyOCxcbiAgICAgIHJ1bnRpbWU6IGRldGVybWluZUxhdGVzdE5vZGVSdW50aW1lKHRoaXMpLFxuICAgICAgdGltZW91dDogRHVyYXRpb24uc2Vjb25kcyg2MCksXG4gICAgICBsb2dHcm91cDogbmV3IExvZ0dyb3VwKHRoaXMsIFwiTGFtYmRhTG9nc1wiLCB7XG4gICAgICAgIHJldGVudGlvbjogUmV0ZW50aW9uRGF5cy5PTkVfREFZLFxuICAgICAgICByZW1vdmFsUG9saWN5OiBSZW1vdmFsUG9saWN5LlJFVEFJTl9PTl9VUERBVEVfT1JfREVMRVRFLFxuICAgICAgfSksXG4gICAgfSk7XG5cbiAgICB0aGlzLmxhbWJkYS5hZGRUb1JvbGVQb2xpY3koXG4gICAgICBuZXcgUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgZWZmZWN0OiBFZmZlY3QuQUxMT1csXG4gICAgICAgIGFjdGlvbnM6IFtcInNlY3JldHNtYW5hZ2VyOkRlc2NyaWJlU2VjcmV0XCJdLFxuICAgICAgICByZXNvdXJjZXM6IFtcIipcIl0sXG4gICAgICB9KSxcbiAgICApO1xuXG4gICAgdGhpcy5sYW1iZGEuYWRkVG9Sb2xlUG9saWN5KFxuICAgICAgbmV3IFBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIGVmZmVjdDogRWZmZWN0LkFMTE9XLFxuICAgICAgICBhY3Rpb25zOiBbXCJjbG91ZHdhdGNoOlB1dE1ldHJpY0RhdGFcIl0sXG4gICAgICAgIHJlc291cmNlczogW1wiKlwiXSxcbiAgICAgICAgY29uZGl0aW9uczoge1xuICAgICAgICAgIFN0cmluZ0VxdWFsczoge1xuICAgICAgICAgICAgXCJjbG91ZHdhdGNoOm5hbWVzcGFjZVwiOiBTZWNyZXRzTWFuYWdlclNlY3JldE1ldHJpY0ZhY3RvcnkuTmFtZXNwYWNlLFxuICAgICAgICAgIH0sXG4gICAgICAgIH0sXG4gICAgICB9KSxcbiAgICApO1xuICB9XG5cbiAgc3RhdGljIGdldEluc3RhbmNlKHNjb3BlOiBNb25pdG9yaW5nU2NvcGUpIHtcbiAgICBjb25zdCBrZXkgPSBOYW1lcy5ub2RlVW5pcXVlSWQoc2NvcGUubm9kZSk7XG4gICAgbGV0IGluc3RhbmNlID0gU2VjcmV0c01hbmFnZXJNZXRyaWNzUHVibGlzaGVyLmluc3RhbmNlc1trZXldO1xuICAgIGlmICghaW5zdGFuY2UpIHtcbiAgICAgIGluc3RhbmNlID0gbmV3IFNlY3JldHNNYW5hZ2VyTWV0cmljc1B1Ymxpc2hlcihzY29wZSk7XG4gICAgICBTZWNyZXRzTWFuYWdlck1ldHJpY3NQdWJsaXNoZXIuaW5zdGFuY2VzW2tleV0gPSBpbnN0YW5jZTtcbiAgICB9XG5cbiAgICByZXR1cm4gaW5zdGFuY2U7XG4gIH1cblxuICBhZGRTZWNyZXQoc2VjcmV0OiBJU2VjcmV0KTogdm9pZCB7XG4gICAgLy8gcnVuIDEvaHIgc28gYWxhcm1zIGNhbiByZWNvdmVyIGF1dG9tYXRpY2FsbHlcbiAgICBjb25zdCBydWxlID0gbmV3IFJ1bGUodGhpcywgYFJ1bGVGb3Ike05hbWVzLm5vZGVVbmlxdWVJZChzZWNyZXQubm9kZSl9YCwge1xuICAgICAgc2NoZWR1bGU6IFNjaGVkdWxlLmNyb24oe1xuICAgICAgICBtaW51dGU6IFwiMFwiLFxuICAgICAgfSksXG4gICAgfSk7XG5cbiAgICBydWxlLmFkZFRhcmdldChcbiAgICAgIG5ldyBMYW1iZGFGdW5jdGlvbih0aGlzLmxhbWJkYSwge1xuICAgICAgICBldmVudDogUnVsZVRhcmdldElucHV0LmZyb21PYmplY3Qoe1xuICAgICAgICAgIHNlY3JldElkOiBzZWNyZXQuc2VjcmV0QXJuLFxuICAgICAgICB9KSxcbiAgICAgIH0pLFxuICAgICk7XG4gIH1cbn1cbiJdfQ==