Skip to content

Commit

Permalink
[Integration] Initial implementation of AWS::RDS::Integration
Browse files Browse the repository at this point in the history 
Contract tests are passing.

Co-authored-by: Valentin Shirshov <[email protected]>
  • Loading branch information
@wbkang
wbkang and Valentin Shirshov committed Dec 6, 2023
1 parent 9f2a9be commit adca009
Show file tree
Hide file tree
Showing 34 changed files with 2,639 additions and 1 deletion.
3 changes: 2 additions & 1 deletion ...s-cfn-test-common/src/main/java/software/amazon/rds/test/common/core/ServiceProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,8 @@ public enum ServiceProvider {
SDK("sdk"),
S3("s3"),
MEDIAIMPORT("mediaimport"),
ASM("secretsmanager");
ASM("secretsmanager"),
REDSHIFT("redshift");

private final String name;

Expand Down
28 changes: 28 additions & 0 deletions aws-rds-integration/.gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
# macOS
.DS_Store
._*

# Maven outputs
.classpath
/aws-rds-integration.zip

# IntelliJ
*.iml
.idea
out.java
out/
.settings
.project

# auto-generated files
target/
/build/

# our logs
rpdk.log

# contains credentials
sam-tests/

# auto-generated sam file
.aws-sam/build.toml
20 changes: 20 additions & 0 deletions aws-rds-integration/.rpdk-config
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
{
"artifact_type": "RESOURCE",
"typeName": "AWS::RDS::Integration",
"language": "java",
"runtime": "java8",
"entrypoint": "software.amazon.rds.integration.HandlerWrapper::handleRequest",
"testEntrypoint": "software.amazon.rds.integration.HandlerWrapper::testEntrypoint",
"settings": {
"namespace": [
"software",
"amazon",
"rds",
"integration"
],
"codegen_template_path": "guided_aws",
"protocolVersion": "2.0.0"
},
"logProcessorEnabled": "true",
"executableEntrypoint": "software.amazon.rds.integration.HandlerWrapperExecutable"
}
28 changes: 28 additions & 0 deletions aws-rds-integration/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
## aws-cloudformation-resource-providers-rds

The CloudFormation Resource Provider Package For Amazon Relational Database Service

## License

This library is licensed under the Apache 2.0 License.

### Generate testsAccountsConfig.yml for contract tests

See [Uluru wiki](https://w.amazon.com/bin/view/AWS/CloudFormation/Teams/ProviderEx/RP-Framework/Projects/UluruContractTests#HCanIrunCTv2inpipelineusingmyownaccounts3F)

Uluru allows service teams to run contract tests on their own accounts. This way, the test process is completely visible
to the service team -- any errors can be easily debugged in Step Functions (instead of S3), any stuck dependency stacks
can be freely removed and retried, and contract tests can reuse the same prefab resources as integration tests.

File generation is only needed if: 1) RDS adds a new control plane region, 2) RDS adds a new CFN resource

1. (One-time) Install jq and yq
```
brew install jq yq
```
2. Run command to generate testsAccountsConfig.yml and copy the generated file to all projects' **contract-tests-artifacts** directories
```
brazil-build generateTestAccountsConfig
```
3. Examine `git diff` to make sure the changes are expected
4. CR the changes
155 changes: 155 additions & 0 deletions aws-rds-integration/aws-rds-integration.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,155 @@
{
"typeName": "AWS::RDS::Integration",
"description": "An example resource schema demonstrating some basic constructs and validation rules.",
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"properties": {
"IntegrationName": {
"description": "The name of the integration.",
"type": "string",
"minLength": 1,
"maxLength": 64
},
"Tags": {
"type": "array",
"maxItems": 50,
"uniqueItems": true,
"insertionOrder": false,
"description": "An array of key-value pairs to apply to this resource.",
"items": {
"$ref": "#/definitions/Tag"
}
},
"SourceArn": {
"type": "string",
"description": "The Amazon Resource Name (ARN) of the Aurora DB cluster to use as the source for replication."
},
"TargetArn": {
"type": "string",
"description": "The ARN of the Redshift data warehouse to use as the target for replication."
},
"IntegrationArn": {
"type": "string",
"description": "The ARN of the integration."
},
"KMSKeyId": {
"type": "string",
"description": "An optional AWS Key Management System (AWS KMS) key ARN for the key used to to encrypt the integration. The resource accepts the key ID and the key ARN forms. The key ID form can be used if the KMS key is owned by te same account. If the KMS key belongs to a different account than the calling account, the full key ARN must be specified. Do not use the key alias or the key alias ARN as this will cause a false drift of the resource."
},
"AdditionalEncryptionContext": {
"$ref": "#/definitions/EncryptionContextMap"
},
"CreateTime": {
"type": "string"
}
},
"required": [
"SourceArn",
"TargetArn"
],
"definitions": {
"Tags": {
"type": "array",
"maxItems": 50,
"uniqueItems": true,
"insertionOrder": false,
"description": "An array of key-value pairs to apply to this resource.",
"items": {
"$ref": "#/definitions/Tag"
}
},
"Tag": {
"description": "A key-value pair to associate with a resource.",
"type": "object",
"additionalProperties": false,
"properties": {
"Key": {
"type": "string",
"description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
"minLength": 1,
"maxLength": 128
},
"Value": {
"type": "string",
"description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
"minLength": 0,
"maxLength": 256
}
},
"required": [
"Key"
]
},
"EncryptionContextMap": {
"type": "object",
"patternProperties": {
"^[\\s\\S]*$": {
"type": "string",
"maxLength": 131072,
"minLength": 0
}
},
"description": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data.",
"additionalProperties": false
}
},
"propertyTransform": {
"/properties/SourceArn": "$lowercase(SourceArn)",
"/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])"
},
"createOnlyProperties": [
"/properties/SourceArn",
"/properties/TargetArn",
"/properties/KMSKeyId",
"/properties/AdditionalEncryptionContext",
"/properties/IntegrationName"
],
"readOnlyProperties": [
"/properties/IntegrationArn",
"/properties/CreateTime"
],
"primaryIdentifier": [
"/properties/IntegrationArn"
],
"handlers": {
"create": {
"permissions": [
"rds:CreateIntegration",
"rds:DescribeIntegrations",
"rds:AddTagsToResource",
"kms:CreateGrant",
"kms:DescribeKey",
"redshift:CreateInboundIntegration"
]
},
"read": {
"permissions": [
"rds:DescribeIntegrations"
]
},
"update": {
"permissions": [
"rds:DescribeIntegrations",
"rds:AddTagsToResource",
"rds:RemoveTagsFromResource"
]
},
"delete": {
"permissions": [
"rds:DeleteIntegration",
"rds:DescribeIntegrations"
]
},
"list": {
"permissions": [
"rds:DescribeIntegrations"
]
}
},
"tagging": {
"taggable": true,
"tagOnCreate": true,
"tagUpdatable": true,
"tagProperty": "/properties/Tags"
},
"additionalProperties": false
}
123 changes: 123 additions & 0 deletions aws-rds-integration/docs/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
# AWS::RDS::Integration

An example resource schema demonstrating some basic constructs and validation rules.

## Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

### JSON

<pre>
{
"Type" : "AWS::RDS::Integration",
"Properties" : {
"<a href="#integrationname" title="IntegrationName">IntegrationName</a>" : <i>String</i>,
"<a href="#tags" title="Tags">Tags</a>" : <i>[ <a href="tag.md">Tag</a>, ... ]</i>,
"<a href="#sourcearn" title="SourceArn">SourceArn</a>" : <i>String</i>,
"<a href="#targetarn" title="TargetArn">TargetArn</a>" : <i>String</i>,
"<a href="#kmskeyid" title="KMSKeyId">KMSKeyId</a>" : <i>String</i>,
"<a href="#additionalencryptioncontext" title="AdditionalEncryptionContext">AdditionalEncryptionContext</a>" : <i><a href="additionalencryptioncontext.md">AdditionalEncryptionContext</a></i>,
}
}
</pre>

### YAML

<pre>
Type: AWS::RDS::Integration
Properties:
<a href="#integrationname" title="IntegrationName">IntegrationName</a>: <i>String</i>
<a href="#tags" title="Tags">Tags</a>: <i>
- <a href="tag.md">Tag</a></i>
<a href="#sourcearn" title="SourceArn">SourceArn</a>: <i>String</i>
<a href="#targetarn" title="TargetArn">TargetArn</a>: <i>String</i>
<a href="#kmskeyid" title="KMSKeyId">KMSKeyId</a>: <i>String</i>
<a href="#additionalencryptioncontext" title="AdditionalEncryptionContext">AdditionalEncryptionContext</a>: <i><a href="additionalencryptioncontext.md">AdditionalEncryptionContext</a></i>
</pre>

## Properties

#### IntegrationName

The name of the integration.

_Required_: No

_Type_: String

_Minimum Length_: <code>1</code>

_Maximum Length_: <code>64</code>

_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

#### Tags

An array of key-value pairs to apply to this resource.

_Required_: No

_Type_: List of <a href="tag.md">Tag</a>

_Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)

#### SourceArn

The Amazon Resource Name (ARN) of the Aurora DB cluster to use as the source for replication.

_Required_: Yes

_Type_: String

_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

#### TargetArn

The ARN of the Redshift data warehouse to use as the target for replication.

_Required_: Yes

_Type_: String

_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

#### KMSKeyId

An optional AWS Key Management System (AWS KMS) key ARN for the key used to to encrypt the integration. The resource accepts the key ID and the key ARN forms. The key ID form can be used if the KMS key is owned by te same account. If the KMS key belongs to a different account than the calling account, the full key ARN must be specified. Do not use the key alias or the key alias ARN as this will cause a false drift of the resource.

_Required_: No

_Type_: String

_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

#### AdditionalEncryptionContext

An optional set of non-secret key–value pairs that contains additional contextual information about the data.

_Required_: No

_Type_: <a href="additionalencryptioncontext.md">AdditionalEncryptionContext</a>

_Update requires_: [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)

## Return Values

### Ref

When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the IntegrationArn.

### Fn::GetAtt

The `Fn::GetAtt` intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the `Fn::GetAtt` intrinsic function, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html).

#### IntegrationArn

The ARN of the integration.

#### CreateTime

Returns the <code>CreateTime</code> value.
Loading

0 comments on commit adca009

Please sign in to comment.