Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(aws-sns-sqs): New aws-sns-sqs pattern implementation #48

Merged

Conversation

danielmatuki
Copy link
Contributor

closes #24

Issue #, if available: #24

Description of changes:
Implements the AWS Solutions Construct that creates an Amazon SNS Topic connected to an Amazon SQS queue.
In addition, it includes the changes in the sqs-helper.ts to support an imported KMS customer managed CMK.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@danielmatuki danielmatuki requested a review from hnishar as a code owner August 25, 2020 18:07
@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: c3d902c
  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: ccd1d9c
  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: 409fdb3
  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

…a KMS key with rotation to perform SQS encryption.
@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: 3e9cb3d
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: 26c4ec6
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Copy link
Contributor

@hnishar hnishar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good first cut, apart from some minor updates, suggest to expose encryptionKeyProps? via construct props

* @param {cdk.App} scope - represents the scope for all the resources.
* @param {string} id - this is a a scope-unique id.
* @param {SnsToSqsProps} props - user provided props for the construct.
* @since 0.8.0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"@SInCE 1.60.0" ?

});
}

let enableEncryptionParam = props.enableEncryption;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

declare variable type enableEncryptionParam:boolean

}

let enableEncryptionParam = props.enableEncryption;
let encryptionKeyParam = props.encryptionKey;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

declare variable type encryptionKeyParam:kms.Key

*
* @default - not specified.
*/
readonly encryptionKey?: kms.Key
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One more optional argument for user-provided encryptionKeyProps? readonly encryptionKeyProps?: kms.KeyProps

if (props.enableEncryption !== false) {
enableEncryptionParam = true;
if (!props.encryptionKey) {
encryptionKeyParam = buildEncryptionKey(scope);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use the user provided props.encryptionKeyProps to override

import '@aws-cdk/assert/jest';

// --------------------------------------------------------------
// Pattern deployment w/ new Lambda function and
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

new Lambda function ?

// Initial Setup
const stack = new Stack();
const props: SnsToSqsProps = {
topicProps: {},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can it omitted since its empty anyway ?

enableEncryption: true,
deployDeadLetterQueue: true,
maxReceiveCount: 0,
queueProps: {}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can it omitted since its empty anyway ?

let enableEncryptionParam = props.enableEncryption;
let encryptionKeyParam = props.encryptionKey;
// Create the encryptionKey if none was provided
if (props.enableEncryption !== false) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does it require a check for === undefined as well ? If user does not provide this optional parameter

*
* @default - false (encryption enabled with a KMS key managed by SQS).
*/
readonly enableEncryption?: boolean
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this parameter be renamed to indicate its required only for Customer Managed KMS Key ? e.g. enableEncryptionWithCustomerManagedKey

Copy link
Contributor

@hnishar hnishar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One more minor update

@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: a2ead48
  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: dc27900
  • Result: FAILED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-solutions-constructs-team
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: codebuildgithubautobuildPro-rp7jMDIK1wBN
  • Commit ID: dc27900
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

Copy link
Contributor

@hnishar hnishar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ship it!

@hnishar hnishar merged commit 58f54de into awslabs:master Aug 28, 2020
@hnishar
Copy link
Contributor

hnishar commented Aug 28, 2020

Thanks for the contribution! It will be pushed out in the next release of Constructs library!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

New Pattern: aws-sns-sqs
3 participants