@makemydeal/cdk-dr-constructs
    TypeScript icon, indicating that this package has built-in type declarations

    1.106.0 • Public • Published

    @makemydeal/cdk-dr-constructs

    This package contains DR specific implementations of most of the types above. This will take some opinions from Accelerate, for example, using the SSM Parameter Store to retrieve ARN values for IAM roles.

    Constructs

    Name Description
    Encryption Reads an Encryption Key from SSM /dr/global/encryption/{keyName} where Keyname is a property passed
    IAM Reads 7 different IAM roles from SSM all in /dr/global/iam. CodeBuild (NonProd and Prod), CodePipeline (NonProd and Prod), CloudFormation (NonProd and Prod) along with Lambda Execution Role (read during build from the appropriate account)
    SsmProperties Class to read SSM properties.
    VpcConfig Given a VpcId, SecurityGroup Ids and Subnet Ids it will read these resources from the account/region given to the stack. VPC requires concrete values to be read (cannot come from SSM or other dynamic sources)
    VpcEndpoint Given a VpcConfig, it can read an existing VPC Endpoint or create a new one.

    Factories

    The following factories exist to build their corresponding construct above. This allows these factories to be passed to the main stack allowing you to customize construction of the objects or supply your own object with your implementation.

    • EncryptionFactory
    • EncryptionFactoryProps (takes properties to specify region or a different key)
    • IamFactory
    • SsmPropertiesFactory
    • VpcConfigFactory

    Usage

    import { VpcConfigFactory } from '@makemydeal/cdk-dr-constructs';
    
    const factory = VpcConfigFactory({
        // VPC Configuration coming from the process.env variables from CodeBuild.  These NEED to be concrete, cannot come from SSM directly in the stack
        vpcId,
        securityGroupIds,
        subnetIds
    })
    

    Parameter Store Dependencies

    All Deployments

    Key Construct Description
    /dr/global/iam/code-build-service-role IAM Code Build Service Role
    /dr/global/iam/crossaccount-build-role IAM Role used for cross account builds (production)
    /dr/global/iam/code-pipeline-service-role IAM Code Pipeline Service Role
    /dr/global/iam/crossaccount-deploy-role IAM Role used for cross account deployment (production)
    /dr/global/iam/cfn-service-role-prod IAM Production Account CloudFormation role
    /dr/global/iam/cfn-service-role IAM Non-Production Account CloudFormation role
    /dr/global/iam/lambda-execution-role IAM Lambda Execution Role
    /dr/global/iam/s3-replication-role IAM Role used to set up replication between s3 buckets
    /dr/global/certificates/makemydealcom DRCertificate Default ARN to use for Certificate
    /dr/global/network/hosted-zone-ids/makemydealcom DRHostedZone Default Hosted Zone ID

    Single Region Deployments

    To support backward compatibility, we will support the existing keys when a region is not specified.

    Key Construct Description
    /dr/global/encryption/basicKey Encryption KMS key used for encryption

    Multi Region Deployments

    For multi region deployments, we need to support a region for these values. This is used in the pipeline only so the keys change

    Key Construct Description
    /dr/global/cdk/regions/${region}/encryption/basicKey Encryption KMS key used for encryption

    Keywords

    none

    Install

    npm i @makemydeal/cdk-dr-constructs

    DownloadsWeekly Downloads

    304

    Version

    1.106.0

    License

    ISC

    Unpacked Size

    187 kB

    Total Files

    30

    Last publish

    Collaborators

    • mmd-devops