Git Product home page Git Product logo

neulabscom / neulabs-cdk-constructs Goto Github PK

View Code? Open in Web Editor NEW
2.0 4.0 1.0 1.99 MB

The neulabs-cdk-constructs library contains CDK-based constructs and stacks to allow the creation of cloud infrastructure on AWS.

Home Page: https://constructs.dev/packages/neulabs-cdk-constructs

License: Apache License 2.0

JavaScript 3.48% TypeScript 96.28% Shell 0.24%
aws cdk cdk-constructs cloudformation jsii newrelic projen typescript infrastructure-as-code

neulabs-cdk-constructs's Introduction

id title
index
Getting Started

Neulabs CDK Constructs

NPM PyPI PyPI License

The neulabs-cdk-constructs library contains CDK-based constructs and stacks to allow the creation of cloud infrastructure on AWS.

The purpose of the library is to expose modules that can facilitate the creation and maintenance of the infrastructure as code.

Inside you will find generic stacks that allow the creation of services by simply instantiating a class, or constructs that implement logic to facilitate the developer and many other aspects.

We decided to develop it in Typescript, using projen for repository management, and the JSII library to be able to compile the neulabs-cdk-constructs package into multiple languages.

Usage

Package Installation (npm)

yarn add neulabs-cdk-constructs
# or
npm install neulabs-cdk-constructs

Package Installation (python)

pip install neulabs-cdk-constructs

Construct APIs

View on Construct Hub

Examples

Lambda Function with New Relic

import {aws_lambda as neulabs_lambda} from 'neulabs-cdk-constructs';


    // Create the lambda function
    this.lambdaFn = new neulabs_lambda.NewRelicFunction(this, functionName, {
      stage: props.stage,
      functionName: functionName,
      runtime: Runtime.PYTHON_3_9,
      handler: 'app.handler',
      code: Code.fromAsset(path.join(__dirname, handler), {}),
      layers: [baseLayer, ...(layers || [])],
      environment: props.environment,
      memorySize: props.memorySize || 128,
      timeout: props.timeout || Duration.seconds(30),
      architecture: lambda.Architecture.X86_64,
      newRelicAccountId: '3540246',
      newRelicLayerName: 'NewRelicPython39',
      newRelicLayerVersion: 49,
      newRelicwithExtensionSendLogs: true,
      disableNewRelic: props.stage === 'production' ? false : true,
    });

    this.lambdaFn.addPowerToolsLayer(
      app,
      neulabs_lambda.LambdaPowerToolsLayerName.TYPESCRIPT,
      neulabs_lambda.LambdaPowerToolsLayerAccountId.TYPESCRIPT,
      20,
      props.stage === 'production' ? false : true,
      props.stage === 'production' ? 'WARGNING' : 'DEBUG'
    );

Create Github OIDC

AWS (Amazon Web Services) supports the use of OpenID Connect (OIDC) for identity federation. OIDC allows you to use an identity provider (such as GitHub) to authenticate users and grant them temporary security credentials to access AWS resources. Here's a brief overview of using GitHub as an identity provider with AWS OIDC:

  • Identity Provider (GitHub): GitHub acts as the identity provider in this setup. Users authenticate with GitHub, and GitHub issues identity tokens following the OIDC standard.
  • AWS IAM Role: In AWS, you create an IAM (Identity and Access Management) role that specifies the permissions users should have when authenticated. This role trusts the GitHub OIDC provider.
  • GithubOIDCStack a neulabs construct: create a new stack with three roles:
    • github-oidc-workflow-role user used for authentication
    • cdk-oidc-deploy-role role used for cdk deploying
    • cdk-oidc-bootsrap-role role used for cdk bootstrap
  1. Create GithubOIDCStack
environment = process.env.ENVIRONMENT! || 'staging';

new GithubOIDCStack(app, 'OidcStack', {
  env: {
    account: process.env.CDK_DEFAULT_ACCOUNT,
    region: process.env.CDK_DEFAULT_REGION,
  },
  stage: environment,
  githubUser: 'username',
  githubRepository: 'repositoryName', # You can also use '*'
  tokenAction: TokenActions.ALL,
  cdkDeployRoleAwsManagedPolicies: ['AdministratorAccess'],
});
  1. Use oidc role to authenticate the Github workflow
...

permissions:
  id-token: write
  contents: read

jobs:
  ...
  deploy:
    name: OIDC Auth
    runs-on: ubuntu-20.04
    steps:
      - name: Configure aws credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          role-to-assume: arn:aws:iam::{ACCOUNT ID}:role/github-oidc-workflow-role
          aws-region: {REGION}
          mask-aws-account-id: no
  ...

Create NewRelic Connection

The NewRelicStack implements the infrastructure to send metrics and logs to Newrelic through Kinesis and Cloudwatch Stream. Once deployed you can copy the ARN of the 'NewRelicInfrastructure-Integrations' role and use it to configure Newrelic.

  new NewRelicStack(app, 'NewrelicStack', {
    env: constants.env,
    stage: constants.environment,
    newRelicBucketName: `newrelic-${constants.awsAccountId}-${constants.environment}`,
    newRelicAccountId: newRelicAccountId,
    newRelicLicenseKey: newRelicLicenseKey,
    newRelicApiUrlMetrics: EndpointUrlMetrics.EU_METRICS,
    newRelicApiUrlLogs: EndpointUrlLogs.EU_LOGS,
  });

Dev mode

Requirements

  • Node >= v20.12.0
  • Yarn >= 1.22

Setup env

yarn install

npx projen default

chmod +x .husky/pre-commit

cd docs yarn install

Contributors

Rules

Read the CONTRIBUTING.md and CODE_OF_CONDUCT.md before create pull-request.

Developers

License

See the LICENSE file for more information.

neulabs-cdk-constructs's People

Contributors

fabriziocafolla avatar pregno avatar

Stargazers

avatar

Watchers

avatar avatar avatar avatar

Forkers

fabriziocafolla

neulabs-cdk-constructs's Issues

๐Ÿ› [BUG] - CDK Tests linter error

Description

Trying to add unit test to cdk I am getting the following linter error:

Argument of type 'ExampleStack' is not assignable to parameter of type 'Stack'.
  Types of property 'tags' are incompatible.
    Type 'import(".../cdk/node_modules/neulabs-cdk-constructs/node_modules/aws-cdk-lib/core/lib/tag-manager").TagManager' is not assignable to type 'import(".../cdk/node_modules/aws-cdk-lib/core/lib/tag-manager").TagManager'.
      Types have separate declarations of a private property 'tags'.

Reproduction steps

1. Start from the base example of cdk
2. Import a stack that extends BaseStack
3. See error

Logs

Argument of type 'ExampleStack' is not assignable to parameter of type 'Stack'.
  Types of property 'tags' are incompatible.
    Type 'import(".../cdk/node_modules/neulabs-cdk-constructs/node_modules/aws-cdk-lib/core/lib/tag-manager").TagManager' is not assignable to type 'import(".../cdk/node_modules/aws-cdk-lib/core/lib/tag-manager").TagManager'.
      Types have separate declarations of a private property 'tags'.

OS

Mac

OS Version

Ventura 13.4.1

Language

Typescript

๐Ÿ› [BUG] - Error importing NewRelic CDK Stack

Description

Temporary solution is to import the stack with this code:
import { newrelic } from 'neulabs-cdk-constructs/lib/stacks/monitoring/index.js';

Reproduction steps

After importing the stack, the deploy will fail with this error:

Logs

Using stage: staging
Preparing your SST app

Error [ERR_MODULE_NOT_FOUND]: Cannot find module '/Users/pregno/Neulabs/misato/node_modules/neulabs-cdk-constructs/lib/stacks/monitoring/index' imported from /Users/pregno/Neulabs/misato/brands/cibocrudo/infrastructure/.build/lib/index.js
Did you mean to import neulabs-cdk-constructs/lib/stacks/monitoring/index.js?
    at new NodeError (node:internal/errors:372:5)
    at finalizeResolution (node:internal/modules/esm/resolve:437:11)
    at moduleResolve (node:internal/modules/esm/resolve:1009:10)
    at defaultResolve (node:internal/modules/esm/resolve:1218:11)
    at ESMLoader.resolve (node:internal/modules/esm/loader:580:30)
    at ESMLoader.getModuleJob (node:internal/modules/esm/loader:294:18)
    at ModuleWrap.<anonymous> (node:internal/modules/esm/module_job:80:40)
    at link (node:internal/modules/esm/module_job:78:36)



There was an error synthesizing your app.
error Command failed with exit code 1.

OS

Linux, Mac

OS Version

unix

Language

Typescript

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.