import { Stack, type StackProps, CfnOutput } from 'aws-cdk-lib';
import { type Construct } from 'constructs';
import { type ApiKeySSMParameterNames } from '../interfaces/api-key-ssm-parameter-names';
import { TenantApiKey } from './tenant-api-key';
import { Table, AttributeType } from 'aws-cdk-lib/aws-dynamodb';
import { PolicyDocument } from 'aws-cdk-lib/aws-iam';
import { EventBus } from 'aws-cdk-lib/aws-events';
import { UserInterface } from './user-interface';
import { CoreAppPlaneNag } from '../cdknag/core-app-plane-nag';
import * as fs from 'fs';
import * as core_app_plane from '@cdklabs/sbt-aws';
import { type CoreApplicationPlaneJobRunnerProps, DetailType, EventManager } from '@cdklabs/sbt-aws';
/**
 * Inputs for {@link CoreAppPlaneStack}.
 *
 * The four `apiKey*TierParameter` values are handed to `TenantApiKey` as
 * `apiKeyValue`, i.e. they are the key material itself, passed around as
 * plain strings.
 * NOTE(review): how `TenantApiKey` stores the value is not visible from this
 * file; confirm it does not end up in clear text in the synthesized template
 * or in deployment logs.
 */
interface CoreAppPlaneStackProps extends StackProps {
  /** Per-tier SSM parameter names (`keyId` and `value`) used for the tier API keys. */
  ApiKeySSMParameterNames: ApiKeySSMParameterNames;
  /** API key value for the platinum tier. */
  apiKeyPlatinumTierParameter: string;
  /** API key value for the premium tier. */
  apiKeyPremiumTierParameter: string;
  /** API key value for the advanced tier. */
  apiKeyAdvancedTierParameter: string;
  /** API key value for the basic tier. */
  apiKeyBasicTierParameter: string;
  /** ARN of the existing event bus that is imported and given to the EventManager. */
  eventBusArn: string;
  /** Forwarded to both job-runner scripts as `CDK_PARAM_SYSTEM_ADMIN_EMAIL`. */
  systemAdminEmail: string;
  /** Forwarded to the `UserInterface` construct. */
  regApiGatewayUrl: string;
}
/**
 * Stack that wires up the core application plane: a tenant mapping table,
 * the provisioning / deprovisioning job runners driven by events on an
 * imported event bus, one `TenantApiKey` per tier, and the application UI.
 */
export class CoreAppPlaneStack extends Stack {
  public readonly userInterface: UserInterface;
  public readonly tenantMappingTable: Table;

  constructor (scope: Construct, id: string, props: CoreAppPlaneStackProps) {
    super(scope, id, props);

    const { systemAdminEmail, ApiKeySSMParameterNames: ssmNames } = props;

    // Only the partition key is configured here; every other table setting
    // (removal policy, backups, encryption key) is left at the CDK default.
    this.tenantMappingTable = new Table(this, 'TenantMappingTable', {
      partitionKey: { name: 'tenantId', type: AttributeType.STRING }
    });

    // Builds a fresh policy document per job runner.
    // NOTE(review): Action "*" on Resource "*" is administrator-equivalent
    // access for whatever executes the job-runner script. Both runners get it.
    // The scripts are not visible from this file, so the minimum set of
    // actions cannot be derived here; scope this down to what
    // provision-tenant.sh / deprovision-tenant.sh actually call before using
    // this outside a sample or sandbox account.
    const allowEverythingPolicy = (): PolicyDocument =>
      PolicyDocument.fromJson({
        Version: '2012-10-17',
        Statement: [
          {
            Action: ['*'],
            Resource: '*',
            Effect: 'Allow'
          }
        ]
      });

    // Relative paths are resolved against the process working directory at
    // synth time, not against this source file.
    const loadScript = (scriptPath: string): string => fs.readFileSync(scriptPath, 'utf8');

    const provisioningJobRunnerProps: CoreApplicationPlaneJobRunnerProps = {
      name: 'provisioning',
      permissions: allowEverythingPolicy(),
      script: loadScript('../scripts/provision-tenant.sh'),
      incomingEvent: DetailType.ONBOARDING_REQUEST,
      outgoingEvent: DetailType.PROVISION_SUCCESS,
      postScript: '',
      // NOTE(review): going by the property name, these fields are copied from
      // the onboarding event into the script's environment. They describe a
      // tenant and should be treated as untrusted by the script (quoted
      // expansions, format validation), since it runs with the policy above.
      // Confirm against the script.
      environmentStringVariablesFromIncomingEvent: [
        'tenantId',
        'tier',
        'tenantName',
        'email',
        'tenantStatus'
      ],
      environmentVariablesToOutgoingEvent: ['tenantConfig', 'tenantStatus'],
      scriptEnvironmentVariables: {
        // Required: deploying the bootstrap-template also deploys the control
        // plane, and that deployment errors out unless the admin email is
        // supplied as an environment parameter.
        CDK_PARAM_SYSTEM_ADMIN_EMAIL: systemAdminEmail
      }
    };

    const deprovisioningJobRunnerProps: CoreApplicationPlaneJobRunnerProps = {
      name: 'deprovisioning',
      permissions: allowEverythingPolicy(),
      script: loadScript('../scripts/deprovision-tenant.sh'),
      incomingEvent: DetailType.OFFBOARDING_REQUEST,
      outgoingEvent: DetailType.DEPROVISION_SUCCESS,
      // NOTE(review): same caveat as for provisioning. These values come from
      // the offboarding event and presumably select what gets torn down;
      // confirm the script validates them.
      environmentStringVariablesFromIncomingEvent: ['tenantId', 'tier'],
      environmentVariablesToOutgoingEvent: ['tenantStatus'],
      scriptEnvironmentVariables: {
        TENANT_STACK_MAPPING_TABLE: this.tenantMappingTable.tableName,
        CDK_PARAM_SYSTEM_ADMIN_EMAIL: systemAdminEmail
      }
    };

    // The event bus already exists elsewhere; it is imported by ARN rather
    // than created by this stack.
    const eventBus = EventBus.fromEventBusArn(this, 'EventBus', props.eventBusArn);
    const eventManager = new EventManager(this, 'EventManager', { eventBus });

    new core_app_plane.CoreApplicationPlane(this, 'coreappplane-sbt', {
      eventManager,
      jobRunnerPropsList: [provisioningJobRunnerProps, deprovisioningJobRunnerProps]
    });

    // One TenantApiKey per tier, created in the order basic, advanced,
    // premium, platinum. The key value is passed through as a plain string.
    const tierApiKeys = [
      { constructId: 'BasicTierApiKey', keyValue: props.apiKeyBasicTierParameter, names: ssmNames.basic },
      { constructId: 'AdvancedTierApiKey', keyValue: props.apiKeyAdvancedTierParameter, names: ssmNames.advanced },
      { constructId: 'PremiumTierApiKey', keyValue: props.apiKeyPremiumTierParameter, names: ssmNames.premium },
      { constructId: 'PlatinumTierApiKey', keyValue: props.apiKeyPlatinumTierParameter, names: ssmNames.platinum }
    ];
    for (const { constructId, keyValue, names } of tierApiKeys) {
      new TenantApiKey(this, constructId, {
        apiKeyValue: keyValue,
        ssmParameterApiKeyIdName: names.keyId,
        ssmParameterApiValueName: names.value
      });
    }

    this.userInterface = new UserInterface(this, 'saas-application-ui', {
      regApiGatewayUrl: props.regApiGatewayUrl
    });

    new CfnOutput(this, 'appSiteUrl', {
      value: this.userInterface.appSiteUrl
    });

    // NOTE(review): presumably the cdk-nag checks/suppressions for this stack
    // (implementation not visible). If it suppresses wildcard-IAM findings,
    // the job-runner policy above will not show up in nag output; confirm.
    new CoreAppPlaneNag(this, 'CoreAppPlaneNag');
  }
}