cdk-sqlserver-seeder v0.2.3
cdk-sqlserver-seeder 
A simple CDK seeder for SQL Server RDS databases.
When you create an RDS SQL Server instance using CloudFormation template, there is no way to provide initial schema definition as part of CloudFormation stack deployment. Custom schema deployment scripts can be executed only after the database deployment is complete.
cdk-sqlserver-seeder library is a AWS CDK construct that provides a way to automate this process and eliminate manual steps involved in the process of preparing new RDS SQL Server environment by executing custom SQL scripts on RDS SQL Server instance creation/deletion.
The construct relies on Invoke-SqlCmd cmdlet to run the scripts and provides a way to handle transient errors during stack provisioning.
Usage
import * as cdk from '@aws-cdk/core';
import * as ec2 from '@aws-cdk/aws-ec2';
import * as rds from '@aws-cdk/aws-rds';
import { SqlServerSeeder } from 'cdk-sqlserver-seeder';
export class DatabaseStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const sqlServer = new rds.DatabaseInstance(this, 'Instance', {
engine: rds.DatabaseInstanceEngine.SQL_SERVER_WEB,
// all other properties removed for clarity
});
const seeder = new SqlServerSeeder(this, "SqlSeeder", {
database: sqlServer,
port: 1433,
vpc: vpc,
createScriptPath: "./SQL/v1.0.0.sql", // script to be executed on resource creation
deleteScriptPath: "./SQL/cleanup.sql" // script to be executed on resource deletion
});
}
}Configuration properties
SqlServerSeeder construct accepts the following configuration properties:
| Parameter | Required | Default | Description |
|---|---|---|---|
vpc | yes | VPC for Lambda function deployment | |
database | yes | RDS SQL Server database instance | |
createScriptPath | yes | SQL scripts to run on resource creation | |
deleteScriptPath | no | SQL script to run on resource deletion | |
port | no | 1433 | RSD SQL Server database port |
memorySize | no | 512 | Lambda function memory size |
ignoreSqlErrors | no | false | Whether to ignore SQL error or not |
Architecture
cdk-sqlserver-seeder deploys a custom resource backed by PowerShell lambda to connect to SQL Server instance. Lambda function is deployed in private subnets of your VPC where RDS instance resides.
Lambda function retrieves database credentials from AWS Secrets Manager and uses them to construct connection string to the database.
SQL scripts are uploaded into S3 bucket during CDK application deployment. Lambda function downloads these scripts during execution.
Security considerations
Lambda function has the following permissions:
- Managed policies
AWSLambdaBasicExecutionRolefor CloudWatch logsAWSLambdaVPCAccessExecutionRolefor VPC access
- Inline policy
secretsmanager:GetSecretValuefor RDS credentials secrets3:GetObject*,s3:GetBucket*,s3:List*for S3 bucket with SQL scripts
Acknowledgements
The whole project inspired by aws-cdk-dynamodb-seeder. I though it would be very helpful to have a similar way to seed initial schema to more traditional SQL Server databases.