Enable developer isolated stacks

- Add IsolatedStackPrefix parameter to SAM template - Conditionally deploy pipeline based resources - Ensure named resources include the IsolatedStackPrefix - Add Environment Variable to Lambda functions for DynamoDB - Add DynmoDB helper to create a context with the correct prefix
scottjbaldwin · Jul 9, 2022 · 3f32a60 · 3f32a60
1 parent 55ebf6c
commit 3f32a60
Show file tree

Hide file tree

Showing 4 changed files with 59 additions and 14 deletions.
diff --git a/CovidAPI/src/CovidAPI/Controllers/LocationsController.cs b/CovidAPI/src/CovidAPI/Controllers/LocationsController.cs
@@ -24,7 +24,7 @@ public LocationsController(IAmazonDynamoDB dynamoDBClient)
         [HttpGet]
         public async Task<IEnumerable<Location>> Get()
         {
-            using (var context = new DynamoDBContext(_dynamoDBClient))
+            using (var context = _dynamoDBClient.CreateDynamoDBContext())
             {
                 return await context.QueryAsync<Location>(Location.LocationPartitionKeyValue).GetRemainingAsync(); 
             }
@@ -34,7 +34,7 @@ public async Task<IEnumerable<Location>> Get()
         [HttpGet("{id}")]
         public async Task<Location> Get(Guid id)
         {
-            using (var context = new DynamoDBContext(_dynamoDBClient))
+            using (var context = _dynamoDBClient.CreateDynamoDBContext())
             {
                 var location = await context.QueryAsync<Location>(Location.LocationPartitionKeyValue, 
                     QueryOperator.Equal, 
@@ -48,7 +48,7 @@ public async Task<Location> Get(Guid id)
         [HttpPost]
         public async Task Post([FromBody]LocationPost locationPost)
         {
-            using (var context = new DynamoDBContext(_dynamoDBClient))
+            using (var context = _dynamoDBClient.CreateDynamoDBContext())
             {
                 var location = new Location
                 {
@@ -65,7 +65,7 @@ public async Task Post([FromBody]LocationPost locationPost)
         [HttpDelete("{id}")]
         public void Delete(Guid id)
         {
-            using (var context = new DynamoDBContext(_dynamoDBClient))
+            using (var context = _dynamoDBClient.CreateDynamoDBContext())
             {
                 var location = new Location
                 {

diff --git a/CovidAPI/src/CovidAPI/Controllers/RegistrationsController.cs b/CovidAPI/src/CovidAPI/Controllers/RegistrationsController.cs
@@ -24,7 +24,7 @@ public RegistrationsController(IAmazonDynamoDB dynamoDBClient)
         [HttpPost]
         public async Task<IActionResult> Post([FromBody]RegistrationPost registrationPost)
         {
-            using(var context = new DynamoDBContext(_dynamoDBClient))
+            using(var context = _dynamoDBClient.CreateDynamoDBContext())
             {
                 Console.WriteLine($"Looking up location Id {registrationPost.LocationId}");
                 var location = await context.QueryAsync<Location>(Location.LocationPartitionKeyValue, 
@@ -68,7 +68,7 @@ public async Task<ActionResult<IEnumerable<Registration>>> GetByDateAndLocation(
                 useLocationId = true;
             }
 
-            using (var context = new DynamoDBContext(_dynamoDBClient))
+            using (var context = _dynamoDBClient.CreateDynamoDBContext())
             {
                 Console.WriteLine($"Looking up registrations for date {registrationDate}");
 

diff --git a/CovidAPI/src/CovidAPI/DyanoDBHelper.cs b/CovidAPI/src/CovidAPI/DyanoDBHelper.cs
@@ -0,0 +1,22 @@
+using Amazon.DynamoDBv2;
+using Amazon.DynamoDBv2.DataModel;
+using Amazon.DynamoDBv2.Model;
+using System;
+
+namespace CovidAPI
+{
+    public static class DynamoDBHelper
+    {
+        public static DynamoDBContext CreateDynamoDBContext(this IAmazonDynamoDB client)
+        {
+            var prefix = Environment.GetEnvironmentVariable("TablePrefix");
+            var config = new DynamoDBContextConfig();
+            if (!string.IsNullOrEmpty(prefix))
+            {
+                config.TableNamePrefix = prefix;
+            }
+
+            return new DynamoDBContext(client, config);
+        }
+    }
+}
diff --git a/CovidAPI/src/CovidAPI/covidapi.yml b/CovidAPI/src/CovidAPI/covidapi.yml
@@ -6,8 +6,14 @@ Parameters:
     Type: String
     Default: Dev
     Description: The environment the application is being deployed into
+  IsolatedStackPrefix:
+    Type: String
+    Default: ''
 Conditions: 
   IsProd: !Equals ["Prod", !Ref "Environment"]
+  PipelineStack: !Equals
+    - !Ref IsolatedStackPrefix
+    - ''
 Resources:
   AspNetCoreFunctionRole:
     Type: AWS::IAM::Role
@@ -23,6 +29,7 @@ Resources:
 
   LifecycleEventHookRole:
     Type: AWS::IAM::Role
+    Condition: PipelineStack
     Properties:
       AssumeRolePolicyDocument: 
         Version: "2012-10-17"
@@ -36,10 +43,13 @@ Resources:
   FunctionCloudWatchPolicy:
     Type: AWS::IAM::Policy
     Properties:
-      PolicyName: CovidAPIFunctionCloudWatchPolicy
+      PolicyName: !Sub ${IsolatedStackPrefix}CovidAPIFunctionCloudWatchPolicy
       Roles:
         - !Ref AspNetCoreFunctionRole
-        - !Ref LifecycleEventHookRole
+        - !If 
+          - PipelineStack 
+          - !Ref LifecycleEventHookRole
+          - !Ref AWS::NoValue
       PolicyDocument:
         Version: '2012-10-17'
         Statement:
@@ -54,7 +64,7 @@ Resources:
   ApiDynamoDBPolicy:
     Type: AWS::IAM::Policy
     Properties:
-      PolicyName: CovidAPIDynamoDBPolicy
+      PolicyName: !Sub ${IsolatedStackPrefix}CovidAPIDynamoDBPolicy
       Roles:
         - !Ref AspNetCoreFunctionRole
       PolicyDocument:
@@ -85,8 +95,11 @@ Resources:
     Properties:
       Roles:
         - !Ref AspNetCoreFunctionRole
-        - !Ref LifecycleEventHookRole
-      PolicyName: CovidAPIFunctionXRayPolicy
+        - !If 
+          - PipelineStack 
+          - !Ref LifecycleEventHookRole
+          - !Ref AWS::NoValue
+      PolicyName: !Sub ${IsolatedStackPrefix}CovidAPIFunctionXRayPolicy
       PolicyDocument:
         Version: "2012-10-17"
         Statement:
@@ -98,6 +111,7 @@ Resources:
 
   LifecycleFunctionCodeDeployPolicy:
     Type: AWS::IAM::Policy
+    Condition: PipelineStack
     Properties:
       Roles: 
         - !Ref LifecycleEventHookRole
@@ -112,6 +126,7 @@ Resources:
 
   PreTrafficLifecycleFunction:
     Type: AWS::Serverless::Function
+    Condition: PipelineStack
     Properties:
       FunctionName: CodeDeployHook_CovidSafeAPI_PreTrafficHook
       Handler: LifecycleHooks::LifecycleHooks.Function::PreTrafficHook
@@ -130,6 +145,7 @@ Resources:
 
   PostTrafficLifecycleFunction:
     Type: AWS::Serverless::Function
+    Condition: PipelineStack
     Properties:
       FunctionName: CodeDeployHook_CovidSafeAPI_PostTrafficHook
       Handler: LifecycleHooks::LifecycleHooks.Function::PostTrafficHook
@@ -171,6 +187,7 @@ Resources:
       Environment:
         Variables:
           env: !Ref Environment
+          TablePrefix: !Ref IsolatedStackPrefix
       Timeout: 30
       Tracing: Active
       AutoPublishAlias: live
@@ -180,8 +197,14 @@ Resources:
           # A list of alarms that you want to monitor
           - !Ref ApiErrorMetricGreaterThanZeroAlarm
         Hooks:
-          PreTraffic: !Ref PreTrafficLifecycleFunction
-          PostTraffic: !Ref PostTrafficLifecycleFunction
+          PreTraffic: !If 
+            - PipelineStack
+            - !Ref PreTrafficLifecycleFunction
+            - !Ref AWS::NoValue
+          PostTraffic: !If 
+            - PipelineStack
+            - !Ref PostTrafficLifecycleFunction
+            - !Ref AWS::NoValue
       Role: 
         !GetAtt 
           - AspNetCoreFunctionRole
@@ -215,7 +238,7 @@ Resources:
         - AttributeName: sk
           KeyType: RANGE
       BillingMode: PAY_PER_REQUEST
-      TableName: CovidAPI
+      TableName: !Sub ${IsolatedStackPrefix}CovidAPI
 Outputs:
   ApiURL:
     Description: API endpoint URL for Prod environment