UNPKG

raindancers-network

Version:

Extensions to the ec2.Vpc Constructs

github.com/raindancers/raindancers-network.raindancers-cdk

raindancers/raindancers-network.raindancers-cdk

53 lines 7.75 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.StatefulRuleDatabase = void 0; const path = require("path"); const aws_cdk_lib_1 = require("aws-cdk-lib"); const cdk = require("aws-cdk-lib"); const constructs = require("constructs"); class StatefulRuleDatabase extends constructs.Construct { constructor(scope, id) { super(scope, id); const policyTable = new aws_cdk_lib_1.aws_dynamodb.Table(this, 'PolicyTable', { partitionKey: { name: 'UUID', type: aws_cdk_lib_1.aws_dynamodb.AttributeType.STRING, }, sortKey: { name: 'Type', type: aws_cdk_lib_1.aws_dynamodb.AttributeType.STRING, }, billingMode: aws_cdk_lib_1.aws_dynamodb.BillingMode.PAY_PER_REQUEST, tableClass: aws_cdk_lib_1.aws_dynamodb.TableClass.STANDARD_INFREQUENT_ACCESS, removalPolicy: cdk.RemovalPolicy.DESTROY, pointInTimeRecovery: true, }); // this key should only be set for debugging purposes.. protecting the table is generally // something required by policy. if (!(this.node.tryGetContext('disableDynamobackup') == true)) { // backup the database just in case aws_cdk_lib_1.aws_backup.BackupPlan.dailyWeeklyMonthly5YearRetention(this, 'statefulruleDatabase').addSelection('Selection', { resources: [ aws_cdk_lib_1.aws_backup.BackupResource.fromDynamoDbTable(policyTable), ], }); } // create the lambda const onEvent = new aws_cdk_lib_1.aws_lambda.Function(this, 'putItems', { environment: { policyTableName: policyTable.tableName }, runtime: aws_cdk_lib_1.aws_lambda.Runtime.PYTHON_3_9, handler: 'putrules.on_event', code: aws_cdk_lib_1.aws_lambda.Code.fromAsset(path.join(__dirname, '../../lambda/firewall')), timeout: cdk.Duration.seconds(300), }); policyTable.grantFullAccess(onEvent); const databaseCRUDProvider = new aws_cdk_lib_1.custom_resources.Provider(this, 'CRUDProvider', { onEventHandler: onEvent, logRetention: aws_cdk_lib_1.aws_logs.RetentionDays.SEVEN_YEARS, }); this.policyTable = policyTable, this.crudServiceToken = databaseCRUDProvider.serviceToken; } } exports.StatefulRuleDatabase = StatefulRuleDatabase; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic3RhdGVmdWxkYXRhYmFzZS5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy9ud2ZpcmV3YWxsL3N0YXRlZnVsZGF0YWJhc2UudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQ0EsNkJBQTZCO0FBQzdCLDZDQU9xQjtBQUNyQixtQ0FBbUM7QUFDbkMseUNBQXlDO0FBR3pDLE1BQWEsb0JBQXFCLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUFLNUQsWUFBWSxLQUEyQixFQUFFLEVBQVU7UUFDakQsS0FBSyxDQUFFLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQztRQUVsQixNQUFNLFdBQVcsR0FBRyxJQUFJLDBCQUFRLENBQUMsS0FBSyxDQUFDLElBQUksRUFBRSxhQUFhLEVBQUU7WUFDMUQsWUFBWSxFQUFFO2dCQUNaLElBQUksRUFBRSxNQUFNO2dCQUNaLElBQUksRUFBRSwwQkFBUSxDQUFDLGFBQWEsQ0FBQyxNQUFNO2FBQ3BDO1lBQ0QsT0FBTyxFQUFFO2dCQUNQLElBQUksRUFBRSxNQUFNO2dCQUNaLElBQUksRUFBRSwwQkFBUSxDQUFDLGFBQWEsQ0FBQyxNQUFNO2FBQ3BDO1lBQ0QsV0FBVyxFQUFFLDBCQUFRLENBQUMsV0FBVyxDQUFDLGVBQWU7WUFDakQsVUFBVSxFQUFFLDBCQUFRLENBQUMsVUFBVSxDQUFDLDBCQUEwQjtZQUMxRCxhQUFhLEVBQUUsR0FBRyxDQUFDLGFBQWEsQ0FBQyxPQUFPO1lBQ3hDLG1CQUFtQixFQUFFLElBQUk7U0FDM0IsQ0FBQyxDQUFDO1FBRUYseUZBQXlGO1FBQ3pGLGdDQUFnQztRQUNoQyxJQUFJLENBQUMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxxQkFBcUIsQ0FBQyxJQUFJLElBQUksQ0FBQyxFQUFFO1lBQzdELG1DQUFtQztZQUNuQyx3QkFBTSxDQUFDLFVBQVUsQ0FBQyxnQ0FBZ0MsQ0FBQyxJQUFJLEVBQUUsc0JBQXNCLENBQUMsQ0FBQyxZQUFZLENBQzNGLFdBQVcsRUFDWDtnQkFDRSxTQUFTLEVBQUU7b0JBQ1Qsd0JBQU0sQ0FBQyxjQUFjLENBQUMsaUJBQWlCLENBQUMsV0FBVyxDQUFDO2lCQUNyRDthQUNGLENBQ0YsQ0FBQztTQUNIO1FBRUQsb0JBQW9CO1FBQ3BCLE1BQU0sT0FBTyxHQUFHLElBQUksd0JBQVUsQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLFVBQVUsRUFBRTtZQUN4RCxXQUFXLEVBQUUsRUFBRSxlQUFlLEVBQUUsV0FBVyxDQUFDLFNBQVMsRUFBRTtZQUN2RCxPQUFPLEVBQUUsd0JBQVUsQ0FBQyxPQUFPLENBQUMsVUFBVTtZQUN0QyxPQUFPLEVBQUUsbUJBQW1CO1lBQzVCLElBQUksRUFBRSx3QkFBVSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLEVBQUUsdUJBQXVCLENBQUMsQ0FBQztZQUM5RSxPQUFPLEVBQUUsR0FBRyxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDO1NBQ25DLENBQUMsQ0FBQztRQUVILFdBQVcsQ0FBQyxlQUFlLENBQUMsT0FBTyxDQUFDLENBQUM7UUFFckMsTUFBTSxvQkFBb0IsR0FBRyxJQUFJLDhCQUFFLENBQUMsUUFBUSxDQUFDLElBQUksRUFBRSxjQUFjLEVBQUU7WUFDakUsY0FBYyxFQUFFLE9BQU87WUFDdkIsWUFBWSxFQUFFLHNCQUFJLENBQUMsYUFBYSxDQUFDLFdBQVc7U0FDN0MsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLFdBQVcsR0FBRyxXQUFXO1lBQzlCLElBQUksQ0FBQyxnQkFBZ0IsR0FBRyxvQkFBb0IsQ0FBQyxZQUFZLENBQUM7SUFDNUQsQ0FBQztDQUNGO0FBeERELG9EQXdEQyIsInNvdXJjZXNDb250ZW50IjpbIlxuaW1wb3J0ICogYXMgcGF0aCBmcm9tICdwYXRoJztcbmltcG9ydCB7XG4gIGN1c3RvbV9yZXNvdXJjZXMgYXMgY3IsXG4gIGF3c19sYW1iZGEsXG4gIGF3c19keW5hbW9kYiBhcyBkeW5hbW9kYixcbiAgYXdzX2JhY2t1cCBhcyBiYWNrdXAsXG4gIGF3c19sb2dzIGFzIGxvZ3MsXG59XG4gIGZyb20gJ2F3cy1jZGstbGliJztcbmltcG9ydCAqIGFzIGNkayBmcm9tICdhd3MtY2RrLWxpYic7XG5pbXBvcnQgKiBhcyBjb25zdHJ1Y3RzIGZyb20gJ2NvbnN0cnVjdHMnO1xuXG5cbmV4cG9ydCBjbGFzcyBTdGF0ZWZ1bFJ1bGVEYXRhYmFzZSBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcblxuICBwdWJsaWMgcmVhZG9ubHkgY3J1ZFNlcnZpY2VUb2tlbjogc3RyaW5nO1xuICBwdWJsaWMgcmVhZG9ubHkgcG9saWN5VGFibGU6IGR5bmFtb2RiLlRhYmxlO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBjb25zdHJ1Y3RzLkNvbnN0cnVjdCwgaWQ6IHN0cmluZykge1xuICAgIHN1cGVyKCBzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgcG9saWN5VGFibGUgPSBuZXcgZHluYW1vZGIuVGFibGUodGhpcywgJ1BvbGljeVRhYmxlJywge1xuICAgICAgcGFydGl0aW9uS2V5OiB7XG4gICAgICAgIG5hbWU6ICdVVUlEJyxcbiAgICAgICAgdHlwZTogZHluYW1vZGIuQXR0cmlidXRlVHlwZS5TVFJJTkcsXG4gICAgICB9LFxuICAgICAgc29ydEtleToge1xuICAgICAgICBuYW1lOiAnVHlwZScsXG4gICAgICAgIHR5cGU6IGR5bmFtb2RiLkF0dHJpYnV0ZVR5cGUuU1RSSU5HLFxuICAgICAgfSxcbiAgICAgIGJpbGxpbmdNb2RlOiBkeW5hbW9kYi5CaWxsaW5nTW9kZS5QQVlfUEVSX1JFUVVFU1QsXG4gICAgICB0YWJsZUNsYXNzOiBkeW5hbW9kYi5UYWJsZUNsYXNzLlNUQU5EQVJEX0lORlJFUVVFTlRfQUNDRVNTLFxuICAgICAgcmVtb3ZhbFBvbGljeTogY2RrLlJlbW92YWxQb2xpY3kuREVTVFJPWSxcbiAgICAgIHBvaW50SW5UaW1lUmVjb3Zlcnk6IHRydWUsXG4gIFx0fSk7XG5cbiAgICAvLyB0aGlzIGtleSBzaG91bGQgb25seSBiZSBzZXQgZm9yIGRlYnVnZ2luZyBwdXJwb3Nlcy4uIHByb3RlY3RpbmcgdGhlIHRhYmxlIGlzIGdlbmVyYWxseVxuICAgIC8vIHNvbWV0aGluZyByZXF1aXJlZCBieSBwb2xpY3kuXG4gICAgaWYgKCEodGhpcy5ub2RlLnRyeUdldENvbnRleHQoJ2Rpc2FibGVEeW5hbW9iYWNrdXAnKSA9PSB0cnVlKSkge1xuICAgICAgLy8gYmFja3VwIHRoZSBkYXRhYmFzZSBqdXN0IGluIGNhc2VcbiAgICAgIGJhY2t1cC5CYWNrdXBQbGFuLmRhaWx5V2Vla2x5TW9udGhseTVZZWFyUmV0ZW50aW9uKHRoaXMsICdzdGF0ZWZ1bHJ1bGVEYXRhYmFzZScpLmFkZFNlbGVjdGlvbihcbiAgICAgICAgJ1NlbGVjdGlvbicsXG4gICAgICAgIHtcbiAgICAgICAgICByZXNvdXJjZXM6IFtcbiAgICAgICAgICAgIGJhY2t1cC5CYWNrdXBSZXNvdXJjZS5mcm9tRHluYW1vRGJUYWJsZShwb2xpY3lUYWJsZSksXG4gICAgICAgICAgXSxcbiAgICAgICAgfSxcbiAgICAgICk7XG4gICAgfVxuXG4gICAgLy8gY3JlYXRlIHRoZSBsYW1iZGFcbiAgICBjb25zdCBvbkV2ZW50ID0gbmV3IGF3c19sYW1iZGEuRnVuY3Rpb24odGhpcywgJ3B1dEl0ZW1zJywge1xuICAgICAgZW52aXJvbm1lbnQ6IHsgcG9saWN5VGFibGVOYW1lOiBwb2xpY3lUYWJsZS50YWJsZU5hbWUgfSxcbiAgICAgIHJ1bnRpbWU6IGF3c19sYW1iZGEuUnVudGltZS5QWVRIT05fM185LFxuICAgICAgaGFuZGxlcjogJ3B1dHJ1bGVzLm9uX2V2ZW50JyxcbiAgICAgIGNvZGU6IGF3c19sYW1iZGEuQ29kZS5mcm9tQXNzZXQocGF0aC5qb2luKF9fZGlybmFtZSwgJy4uLy4uL2xhbWJkYS9maXJld2FsbCcpKSxcbiAgICAgIHRpbWVvdXQ6IGNkay5EdXJhdGlvbi5zZWNvbmRzKDMwMCksXG4gICAgfSk7XG5cbiAgICBwb2xpY3lUYWJsZS5ncmFudEZ1bGxBY2Nlc3Mob25FdmVudCk7XG5cbiAgICBjb25zdCBkYXRhYmFzZUNSVURQcm92aWRlciA9IG5ldyBjci5Qcm92aWRlcih0aGlzLCAnQ1JVRFByb3ZpZGVyJywge1xuICAgICAgb25FdmVudEhhbmRsZXI6IG9uRXZlbnQsXG4gICAgICBsb2dSZXRlbnRpb246IGxvZ3MuUmV0ZW50aW9uRGF5cy5TRVZFTl9ZRUFSUyxcbiAgICB9KTtcblxuICAgIHRoaXMucG9saWN5VGFibGUgPSBwb2xpY3lUYWJsZSxcbiAgICB0aGlzLmNydWRTZXJ2aWNlVG9rZW4gPSBkYXRhYmFzZUNSVURQcm92aWRlci5zZXJ2aWNlVG9rZW47XG4gIH1cbn1cbiJdfQ==