-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support custom SSL certs in SQL lambda handler #2631
Conversation
@@ -364,7 +364,7 @@ export class SQLLambdaModelDataSourceStrategyFactory { | |||
export type SqlModelDataSourceDbConnectionConfig = SqlModelDataSourceSecretsManagerDbConnectionConfig | SqlModelDataSourceSsmDbConnectionConfig | SqlModelDataSourceSsmDbConnectionStringConfig; | |||
|
|||
// @public | |||
export interface SqlModelDataSourceSecretsManagerDbConnectionConfig { | |||
export interface SqlModelDataSourceSecretsManagerDbConnectionConfig extends SslCertSsmPathAwareConfig { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not ideal. When using secrets manager for credentials, I think we shouldn't use (mix) SSM for SSL certificate alone.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can
(1) for now, support ssl certificate only when using SSM config (which is enough to support Gen2 DX).
(2) later, we will support secret manager for SSL certificate.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Discussed offline. Will remove from Secrets Manager Will rework the type interface to apply it to the . Requirement is that we preserve future API extensibility, at the cost of additional structure at the declaration. Upcoming commit will accomplish this, and I'll summarize the change in this PR description for API BR & PM approval.SqlModelDataSourceDbConnectionConfig
215fc4c
to
57d26ad
Compare
- test: add initial rds-lambda tests - test: add e2e tests - test: add partial Aspects support for beta lambda layer
57d26ad
to
7c837a6
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
API BR approved.
(I did not review the implementation)
9b8f6fe
Reviewed offline with @swaminator and @atierian, both approved API changes. |
Description of changes
Adds support for custom SSL certs in SQL data sources. Changes:
sslCertConfig
attribute to the SQL data source configsNew CDK parameters & API
cc: @atierian, @swaminator
AmplifyGraphqlApi and AmplifyData constructs add a new
sslCertConfig
parameter to the SQL db configs. New config API:Type declarations
Call site
Note that we should be able to provide a more streamlined interface in the data schema builder; the additional structure in the CDK construct is required to allow disjoint-union-type behavior in a JSII-compatible interface.
Description of how you validated changes
Checklist
yarn test
passesBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.