0.1.0 • Published 1 year ago

aws-cdk-app v0.1.0

Overview

This AWS CDK project is designed to save time and reduce duplicated work when provisioning Amazon RDS instances. It automates the creation of AWS resources such as RDS secrets for the CI, APP, and Readonly users, security groups, RDS proxy security groups, the RDS proxy role, the RDS database instance, the RDS proxy, and the RDS proxy target group. The project also outputs the database-related endpoints and names.

Prerequisites

Before you can use this AWS CDK project, you must have the following prerequisites installed and configured:

  • AWS CLI
  • Node.js and npm
  • AWS CDK CLI

You must also have appropriate AWS credentials configured on your system.

Installation

Clone this repository to your local machine. Navigate to the root directory of the project in your terminal or command prompt. Run npm install to install the project dependencies.

The cdk.json file tells the CDK Toolkit how to execute your app.

Usage

Modify the properties of the RdsStackProps interface to match your desired configuration for the RDS instance. Save the file.

In your terminal or command prompt, run the following command to provision the RDS instance:

cdk deploy

This will deploy the RDS instance and associated resources to your AWS account.

When the deployment is complete, the AWS CloudFormation console will display the output values for the stack. These values will include the endpoint and name of the RDS instance and other relevant information.

Cleanup

When you are finished with the RDS instance, you can remove it from your AWS account to avoid incurring additional charges. To do this, run the following command in your terminal or command prompt:

cdk destroy

This will remove all resources associated with the stack.

Useful commands

  • npm run build: compile TypeScript to JS
  • npm run watch: watch for changes and compile
  • npm run test: perform the jest unit tests
  • cdk deploy: deploy this stack to your default AWS account/region
  • cdk diff: compare deployed stack with current state
  • cdk synth: emits the synthesized CloudFormation template

Naming conventions

Given {pascalDbName : 'CdkTestDb', snakeDbName : 'cdk-test-db'}

| Resources | Name | Notes |
| --- | --- | --- |
| AWS::SecretsManager::Secret | cdk-test-db-test-RDS-ReadonlySecret | username: CdkTestDb_readonly, password: uuidv4, ssmUsername: /rds/cdk-test-db/test/readonly/username, ssmPassword: /rds/cdk-test-db/test/readonly/username |
| AWS::SecretsManager::Secret | cdk-test-db-test-RDS-CISecret | username: CdkTestDb_ci, password: uuidv4, ssmUsername: /rds/cdk-test-db/test/ci/username, ssmPassword: /rds/cdk-test-db/test/ci/username |
| AWS::SecretsManager::Secret | cdk-test-db-test-RDS-AppSecret | username: CdkTestDb_app, password: uuidv4, ssmUsername: /rds/cdk-test-db/test/app/username, ssmPassword: /rds/cdk-test-db/test/app/username |
| AWS::IAM::Role | CdkTestDbRDSProxyRole | |
| AWS::EC2::SecurityGroup | CdkTestDbRDSProxySecurityGroup | |
| AWS::EC2::SecurityGroup | CdkTestDbRDSSecurityGroup | |
| AWS::RDS::DBInstance | cdk-test-db-test | DBName: cdktestdbtest, DBInstanceIdentifier: cdk-test-db-test, MasterUsername: CdkTestDb_ci, MasterUserPassword: uuidv4 |
| AWS::RDS::DBProxy | cdk-test-db-rds-proxy | |
| AWS::RDS::DBProxyTargetGroup | default | |
| Outputs | CdkTestDbDatabaseProxy, CdkTestDbDatabaseHost, CdkTestDbDatabasePort, CdkTestDbDatabaseName | |

8 digits will be added to the resource name to make sure it is globally unique.

Issues

  1. Fn::ImportValue doesn't work properly in AWS CDK. To resolve the problem, we need to read the data from SSM or from the stack details.
  2. RdsProxy IAMAuth is attached to the proxy rather than to the DB secrets, so we can't have different IAMAuth configurations for the secrets under the RdsProxy.
  3. To create the credential and put it into SSM, we need to check whether it already exists. Fetching it from SSM throws an exception and terminates the deployment process even if we catch the exception. To avoid the exception being thrown, we have to read the parameter descriptions to check for existence.
  4. DBProxyTargetGroup deployment can't be processed successfully; somehow we can't connect to the RDS instance properly. See https://github.com/aws/aws-cdk/issues/8919 and https://github.com/aws/aws-cdk/pull/12953.
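
The existence check from issue 3, sketched as an added example (not this project's own code): it asks SSM to describe parameters filtered by exact name instead of fetching the value, and follows NextToken because a page can come back empty. The `SsmDescriber` interface and `fakeSsm` stand-in are hypothetical and exist only so the block runs without the AWS SDK; the request and response field names follow the SSM DescribeParameters API.

```typescript
// Minimal shape of the SSM DescribeParameters call (field names follow the AWS API;
// the interfaces themselves are hypothetical, so the block runs without the AWS SDK).
interface DescribeParametersInput {
  ParameterFilters: { Key: string; Option: string; Values: string[] }[];
  NextToken?: string;
}
interface DescribeParametersOutput {
  Parameters?: { Name?: string }[];
  NextToken?: string;
}
interface SsmDescriber {
  describeParameters(input: DescribeParametersInput): Promise<DescribeParametersOutput>;
}

// Returns true if a parameter with exactly this name exists. Unlike a "get" call,
// describing a missing parameter yields an empty list, not an exception.
async function parameterExists(ssm: SsmDescriber, name: string): Promise<boolean> {
  let token: string | undefined;
  do {
    const page = await ssm.describeParameters({
      ParameterFilters: [{ Key: "Name", Option: "Equals", Values: [name] }],
      NextToken: token,
    });
    if ((page.Parameters ?? []).some((p) => p.Name === name)) return true;
    // A page can be empty and still carry a NextToken, so keep paging.
    token = page.NextToken;
  } while (token);
  return false;
}

// Constructed in-memory stand-in for Parameter Store: one candidate per page.
function fakeSsm(stored: string[]): SsmDescriber {
  return {
    async describeParameters(input) {
      const wanted = input.ParameterFilters[0]?.Values[0];
      const start = input.NextToken ? Number(input.NextToken) : 0;
      const hit = stored[start] === wanted ? [{ Name: stored[start] }] : [];
      const next = start + 1 < stored.length ? String(start + 1) : undefined;
      return { Parameters: hit, NextToken: next };
    },
  };
}

// Paths follow the naming-convention table; the stored list is constructed sample data.
const store = fakeSsm(["/rds/cdk-test-db/test/ci/username", "/rds/cdk-test-db/test/app/username"]);
const checks = Promise.all([
  parameterExists(store, "/rds/cdk-test-db/test/app/username"), // found on the second page
  parameterExists(store, "/rds/cdk-test-db/test/readonly/username"), // absent, no exception
]);
```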

Conclusion

This AWS CDK project can save you significant time and effort when provisioning Amazon RDS instances. It automates the creation of resources and provides output values that can be used to configure your applications to use the new RDS instance. By using this project, you can quickly and easily provision RDS instances without having to manually create and configure each resource.