feat(stepfunctions-tasks): add EKS call to SFN-tasks (#12779)

Taking over the ownership of original PR #11738 feat(stepfunctions-tasks): support for EKS Call Implementation Update package @aws-cdk/aws-stepfunctions-tasks to include support for EKS Call API as per documentation here: https://docs.aws.amazon.com/step-functions/latest/dg/connect-eks.html Includes support for the following Amazon EKS API calls: eks:call ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Feb 22, 2021 · 296a10d · 296a10d
1 parent 45cf387
commit 296a10d
Show file tree

Hide file tree

Showing 7 changed files with 2,039 additions and 0 deletions.
diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/README.md b/packages/@aws-cdk/aws-stepfunctions-tasks/README.md
@@ -54,6 +54,8 @@ This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aw
   - [Cancel Step](#cancel-step)
   - [Modify Instance Fleet](#modify-instance-fleet)
   - [Modify Instance Group](#modify-instance-group)
+- [EKS](#eks)
+  - [Call](#call)
 - [Glue](#glue)
 - [Glue DataBrew](#glue-databrew)
 - [Lambda](#lambda)
@@ -664,6 +666,37 @@ new tasks.EmrModifyInstanceGroupByName(stack, 'Task', {
 });
 ```
 
+## EKS
+
+Step Functions supports Amazon EKS through the service integration pattern.
+The service integration APIs correspond to Amazon EKS APIs.
+
+[Read more](https://docs.aws.amazon.com/step-functions/latest/dg/connect-eks.html) about the differences when using these service integrations.
+
+### Call
+
+Read and write Kubernetes resource objects via a Kubernetes API endpoint.
+Corresponds to the [`call`](https://docs.aws.amazon.com/step-functions/latest/dg/connect-eks.html) API in Step Functions Connector.
+
+The following code snippet includes a Task state that uses eks:call to list the pods.
+
+```ts
+import * as eks from '@aws-cdk/aws-eks';
+import * as sfn from '@aws-cdk/aws-stepfunctions';
+import * as tasks from '@aws-cdk/aws-stepfunctions-tasks';
+
+const myEksCluster = new eks.Cluster(this, 'my sample cluster', {
+   version: eks.KubernetesVersion.V1_18,
+   clusterName: 'myEksCluster',
+ });
+
+new tasks.EksCall(stack, 'Call a EKS Endpoint', {
+  cluster: myEksCluster,
+  httpMethod: MethodType.GET,
+  httpPath: '/api/v1/namespaces/default/pods',
+});
+```
+
 ## Glue
 
 Step Functions supports [AWS Glue](https://docs.aws.amazon.com/step-functions/latest/dg/connect-glue.html) through the service integration pattern.

diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/eks/call.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/eks/call.ts
@@ -0,0 +1,137 @@
+import * as eks from '@aws-cdk/aws-eks';
+import * as iam from '@aws-cdk/aws-iam';
+import * as sfn from '@aws-cdk/aws-stepfunctions';
+import { Construct } from 'constructs';
+import { integrationResourceArn, validatePatternSupported } from '../private/task-utils';
+
+/**
+ * Properties for calling a EKS endpoint with EksCall
+ * @experimental
+ */
+export interface EksCallProps extends sfn.TaskStateBaseProps {
+
+  /**
+   * The EKS cluster
+   */
+  readonly cluster: eks.ICluster;
+
+  /**
+   * HTTP method ("GET", "POST", "PUT", ...) part of HTTP request
+   */
+  readonly httpMethod: HttpMethods;
+
+  /**
+   * HTTP path of the Kubernetes REST API operation
+   * For example: /api/v1/namespaces/default/pods
+   */
+  readonly httpPath: string;
+
+  /**
+   * Query Parameters part of HTTP request
+   * @default - no query parameters
+   */
+  readonly queryParameters?: { [key: string]: string[] };
+
+  /**
+   * Request body part of HTTP request
+   * @default - No request body
+   */
+  readonly requestBody?: sfn.TaskInput;
+}
+
+/**
+ * Call a EKS endpoint as a Task
+ *
+ * @see https://docs.aws.amazon.com/step-functions/latest/dg/connect-eks.html
+ * @experimental
+ */
+export class EksCall extends sfn.TaskStateBase {
+
+  private static readonly SUPPORTED_INTEGRATION_PATTERNS: sfn.IntegrationPattern[] = [
+    sfn.IntegrationPattern.REQUEST_RESPONSE,
+  ];
+
+  /** No policies are required due to eks:call is an Http service integration and does not call and EKS API directly
+   * @see https://docs.aws.amazon.com/step-functions/latest/dg/connect-eks.html#connect-eks-permissions
+   */
+  protected readonly taskMetrics?: sfn.TaskMetricsConfig;
+  protected readonly taskPolicies?: iam.PolicyStatement[];
+
+  private readonly integrationPattern: sfn.IntegrationPattern;
+
+  private readonly clusterEndpoint: string;
+  private readonly clusterCertificateAuthorityData: string;
+
+  constructor(scope: Construct, id: string, private readonly props: EksCallProps) {
+    super(scope, id, props);
+    this.integrationPattern = props.integrationPattern ?? sfn.IntegrationPattern.REQUEST_RESPONSE;
+
+    validatePatternSupported(this.integrationPattern, EksCall.SUPPORTED_INTEGRATION_PATTERNS);
+
+    try {
+      this.clusterEndpoint = this.props.cluster.clusterEndpoint;
+    } catch (e) {
+      throw new Error('The "clusterEndpoint" property must be specified when using an imported Cluster.');
+    }
+
+    try {
+      this.clusterCertificateAuthorityData = this.props.cluster.clusterCertificateAuthorityData;
+    } catch (e) {
+      throw new Error('The "clusterCertificateAuthorityData" property must be specified when using an imported Cluster.');
+    }
+  }
+
+  /**
+   * Provides the EKS Call service integration task configuration
+   * @internal
+   */
+  protected _renderTask(): any {
+    return {
+      Resource: integrationResourceArn('eks', 'call', this.integrationPattern),
+      Parameters: sfn.FieldUtils.renderObject({
+        ClusterName: this.props.cluster.clusterName,
+        CertificateAuthority: this.clusterCertificateAuthorityData,
+        Endpoint: this.clusterEndpoint,
+        Method: this.props.httpMethod,
+        Path: this.props.httpPath,
+        QueryParameters: this.props.queryParameters,
+        RequestBody: this.props.requestBody?.value,
+      }),
+    };
+  }
+}
+
+/**
+ * Method type of a EKS call
+ */
+export enum HttpMethods {
+  /**
+   * Retrieve data from a server at the specified resource
+   */
+  GET = 'GET',
+
+  /**
+   * Send data to the API endpoint to create or update a resource
+   */
+  POST = 'POST',
+
+  /**
+   * Send data to the API endpoint to update or create a resource
+   */
+  PUT = 'PUT',
+
+  /**
+   * Delete the resource at the specified endpoint
+   */
+  DELETE = 'DELETE',
+
+  /**
+   * Apply partial modifications to the resource
+   */
+  PATCH = 'PATCH',
+
+  /**
+   * Retrieve data from a server at the specified resource without the response body
+   */
+  HEAD = 'HEAD'
+}
diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/lib/index.ts b/packages/@aws-cdk/aws-stepfunctions-tasks/lib/index.ts
@@ -44,3 +44,4 @@ export * from './athena/stop-query-execution';
 export * from './athena/get-query-execution';
 export * from './athena/get-query-results';
 export * from './databrew/start-job-run';
+export * from './eks/call';
diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/package.json b/packages/@aws-cdk/aws-stepfunctions-tasks/package.json
@@ -81,6 +81,7 @@
     "@aws-cdk/aws-ecr": "0.0.0",
     "@aws-cdk/aws-ecr-assets": "0.0.0",
     "@aws-cdk/aws-ecs": "0.0.0",
+    "@aws-cdk/aws-eks": "0.0.0",
     "@aws-cdk/aws-glue": "0.0.0",
     "@aws-cdk/aws-iam": "0.0.0",
     "@aws-cdk/aws-kms": "0.0.0",
@@ -103,6 +104,7 @@
     "@aws-cdk/aws-ecr": "0.0.0",
     "@aws-cdk/aws-ecr-assets": "0.0.0",
     "@aws-cdk/aws-ecs": "0.0.0",
+    "@aws-cdk/aws-eks": "0.0.0",
     "@aws-cdk/aws-glue": "0.0.0",
     "@aws-cdk/aws-iam": "0.0.0",
     "@aws-cdk/aws-kms": "0.0.0",