API Reference
Constructs
AssignOnLaunch
- Implements:
shady-island.IAssignOnLaunch
Enables the “assignIpv6AddressOnCreation” attribute on selected subnets.
See https://github.com/aws/aws-cdk/issues/5927
Initializers
import { AssignOnLaunch } from 'shady-island'
new AssignOnLaunch(scope: Construct, id: string, options: AssignOnLaunchProps)
Name | Type | Description |
---|---|---|
scope * | constructs.Construct | The construct scope. |
id * | string | The construct ID. |
options * | shady-island.AssignOnLaunchProps | The constructor options. |
scope
Required
- Type:
constructs.Construct
The construct scope.
id
Required
- Type:
string
The construct ID.
options
Required
The constructor options.
Properties
Name | Type | Description |
---|---|---|
vpc * | aws-cdk-lib.aws_ec2.IVpc | The IPv6-enabled VPC. |
vpcPlacement * | aws-cdk-lib.aws_ec2.SelectedSubnets | The chosen subnets for address assignment on ENI launch. |
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The IPv6-enabled VPC.
vpcPlacement
Required
public readonly vpcPlacement: SelectedSubnets;
The chosen subnets for address assignment on ENI launch.
BaseDatabase
- Implements:
shady-island.IDatabase
A database.
Initializers
import { BaseDatabase } from 'shady-island'
new BaseDatabase(scope: IConstruct, id: string, props: BaseDatabaseProps)
Name | Type | Description |
---|---|---|
scope * | constructs.IConstruct | The Construct that contains this one. |
id * | string | The identifier of this construct. |
props * | shady-island.BaseDatabaseProps | The configuration properties for this construct. |
scope
Required
- Type:
constructs.IConstruct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
props
Required
The configuration properties for this construct.
Methods
Name | Description |
---|---|
addUserAsOwner | Declares a new database user to be assigned ownership permissions. |
addUserAsReader | Declares a new database user to be assigned read-only permissions. |
addUserAsUnprivileged | Declares a new database user with no permissions. |
addUserAsOwner
public addUserAsOwner(secret: ISecret)
secret
Required
addUserAsReader
public addUserAsReader(secret: ISecret)
secret
Required
addUserAsUnprivileged
public addUserAsUnprivileged(secret: ISecret)
secret
Required
Properties
Name | Type | Description |
---|---|---|
databaseName * | string | The name of the database/catalog. |
endpoint * | aws-cdk-lib.aws_rds.Endpoint | The cluster or instance endpoint. |
trigger * | aws-cdk-lib.triggers.ITrigger | The CDK Trigger that kicks off the process. |
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog.
endpoint
Required
public readonly endpoint: Endpoint;
The cluster or instance endpoint.
trigger
Required
public readonly trigger: ITrigger;
The CDK Trigger that kicks off the process.
You can further customize when the trigger fires using executeAfter.
CidrContext
- Implements:
shady-island.ICidrContext
Allocates IPv6 CIDRs and routes for subnets in a VPC.
See https://github.com/aws/aws-cdk/issues/5927
Initializers
import { CidrContext } from 'shady-island'
new CidrContext(scope: Construct, id: string, options: CidrContextProps)
Name | Type | Description |
---|---|---|
scope * | constructs.Construct | The construct scope. |
id * | string | The construct ID. |
options * | shady-island.CidrContextProps | The constructor options. |
scope
Required
- Type:
constructs.Construct
The construct scope.
id
Required
- Type:
string
The construct ID.
options
Required
The constructor options.
Properties
Name | Type | Description |
---|---|---|
vpc * | aws-cdk-lib.aws_ec2.IVpc | The IPv6-enabled VPC. |
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The IPv6-enabled VPC.
ContextLoadingStage
A Stage that can load context values from a JSON file.
Initializers
import { ContextLoadingStage } from 'shady-island'
new ContextLoadingStage(scope: Construct, id: string, props: ContextLoadingStageProps)
Name | Type | Description |
---|---|---|
scope * | constructs.Construct | The scope in which to define this construct. |
id * | string | The scoped construct ID. |
props * | shady-island.ContextLoadingStageProps | Initialization properties for this construct. |
scope
Required
- Type:
constructs.Construct
The scope in which to define this construct.
id
Required
- Type:
string
The scoped construct ID.
props
Required
Initialization properties for this construct.
DeploymentTierStage
A Stage whose stacks are part of a single deployment tier.
Initializers
import { DeploymentTierStage } from 'shady-island'
new DeploymentTierStage(scope: Construct, id: string, props: DeploymentTierStageProps)
Name | Type | Description |
---|---|---|
scope * | constructs.Construct | The scope in which to define this construct. |
id * | string | The scoped construct ID. |
props * | shady-island.DeploymentTierStageProps | Initialization properties for this construct. |
scope
Required
- Type:
constructs.Construct
The scope in which to define this construct.
id
Required
- Type:
string
The scoped construct ID.
props
Required
Initialization properties for this construct.
Properties
Name | Type | Description |
---|---|---|
inProduction * | boolean | Whether this stage is considered a production deployment. |
tier * | shady-island.Tier | No description. |
inProduction
Required
public readonly inProduction: boolean;
- Type:
boolean
Whether this stage is considered a production deployment.
tier
Required
public readonly tier: Tier;
- Type:
shady-island.Tier
EncryptedFileSystem
- Implements:
shady-island.IEncryptedFileSystem
An EncryptedFileSystem.
Initializers
import { EncryptedFileSystem } from 'shady-island'
new EncryptedFileSystem(scope: IConstruct, id: string, props: EncryptedFileSystemProps)
Name | Type | Description |
---|---|---|
scope * | constructs.IConstruct | The Construct that contains this one. |
id * | string | The identifier of this construct. |
props * | shady-island.EncryptedFileSystemProps | The configuration properties for this construct. |
scope
Required
- Type:
constructs.IConstruct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
props
Required
The configuration properties for this construct.
Properties
Name | Type | Description |
---|---|---|
fileSystem * | aws-cdk-lib.aws_efs.IFileSystem | The EFS file system. |
key * | aws-cdk-lib.aws_kms.IKey | The KMS encryption key. |
fileSystem
Required
public readonly fileSystem: IFileSystem;
The EFS file system.
key
Required
public readonly key: IKey;
- Type:
aws-cdk-lib.aws_kms.IKey
The KMS encryption key.
EncryptedLogGroup
- Implements:
shady-island.IEncryptedLogGroup
A log group encrypted by a KMS customer managed key.
Initializers
import { EncryptedLogGroup } from 'shady-island'
new EncryptedLogGroup(scope: Construct, id: string, props: EncryptedLogGroupProps)
Name | Type | Description |
---|---|---|
scope * | constructs.Construct | No description. |
id * | string | No description. |
props * | shady-island.EncryptedLogGroupProps | No description. |
scope
Required
- Type:
constructs.Construct
id
Required
- Type:
string
props
Required
Properties
Name | Type | Description |
---|---|---|
key * | aws-cdk-lib.aws_kms.IKey | The KMS encryption key. |
logGroup * | aws-cdk-lib.aws_logs.ILogGroup | The log group. |
key
Required
public readonly key: IKey;
- Type:
aws-cdk-lib.aws_kms.IKey
The KMS encryption key.
logGroup
Required
public readonly logGroup: ILogGroup;
The log group.
FargateTask
- Implements:
shady-island.IFargateTask
A FargateTask.
If vpcSubnets is blank but assignPublicIp is set, the task will launch in Public subnets, otherwise the first available one of Private, Isolated, Public, in that order.
Initializers
import { FargateTask } from 'shady-island'
new FargateTask(scope: Construct, id: string, props: FargateTaskProps)
Name | Type | Description |
---|---|---|
scope * | constructs.Construct | No description. |
id * | string | No description. |
props * | shady-island.FargateTaskProps | No description. |
scope
Required
- Type:
constructs.Construct
id
Required
- Type:
string
props
Required
Methods
Name | Description |
---|---|
grantRun | Grants permission to invoke ecs:RunTask on this task’s cluster. |
grantRun
public grantRun(grantee: IGrantable)
grantee
Required
Properties
Name | Type | Description |
---|---|---|
awsVpcNetworkConfig * | shady-island.FargateAwsVpcConfiguration | Get the networkConfiguration.awsvpcConfiguration property to run this task. |
cluster * | aws-cdk-lib.aws_ecs.ICluster | The name of the cluster that hosts the service. |
connections * | aws-cdk-lib.aws_ec2.Connections | The network connections associated with this resource. |
taskDefinition * | aws-cdk-lib.aws_ecs.FargateTaskDefinition | The task definition that can be launched. |
awsVpcNetworkConfig
Required
public readonly awsVpcNetworkConfig: FargateAwsVpcConfiguration;
Get the networkConfiguration.awsvpcConfiguration property to run this task.
cluster
Required
public readonly cluster: ICluster;
The name of the cluster that hosts the service.
connections
Required
public readonly connections: Connections;
The network connections associated with this resource.
taskDefinition
Required
public readonly taskDefinition: FargateTaskDefinition;
The task definition that can be launched.
MysqlDatabase
A MySQL database.
Initializers
import { MysqlDatabase } from 'shady-island'
new MysqlDatabase(scope: IConstruct, id: string, props: MysqlDatabaseProps)
Name | Type | Description |
---|---|---|
scope * | constructs.IConstruct | The Construct that contains this one. |
id * | string | The identifier of this construct. |
props * | shady-island.MysqlDatabaseProps | The configuration properties for this construct. |
scope
Required
- Type:
constructs.IConstruct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
props
Required
The configuration properties for this construct.
Methods
Name | Description |
---|---|
addUserAsOwner | Declares a new database user to be assigned ownership permissions. |
addUserAsReader | Declares a new database user to be assigned read-only permissions. |
addUserAsUnprivileged | Declares a new database user with no permissions. |
addUserAsOwner
public addUserAsOwner(secret: ISecret)
secret
Required
addUserAsReader
public addUserAsReader(secret: ISecret)
secret
Required
addUserAsUnprivileged
public addUserAsUnprivileged(secret: ISecret)
secret
Required
Static Functions
Name | Description |
---|---|
forCluster | Create a new MysqlDatabase inside a DatabaseCluster. |
forClusterFromSnapshot | Create a new MysqlDatabase inside a DatabaseClusterFromSnapshot. |
forInstance | Create a new MysqlDatabase inside a DatabaseInstance. |
forInstanceFromSnapshot | Create a new MysqlDatabase inside a DatabaseInstanceFromSnapshot. |
forServerlessCluster | Create a new MysqlDatabase inside a DatabaseCluster. |
forServerlessClusterFromSnapshot | Create a new MysqlDatabase inside a DatabaseClusterFromSnapshot. |
forCluster
import { MysqlDatabase } from 'shady-island'
MysqlDatabase.forCluster(scope: Construct, id: string, cluster: DatabaseCluster, options: MysqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forClusterFromSnapshot
import { MysqlDatabase } from 'shady-island'
MysqlDatabase.forClusterFromSnapshot(scope: Construct, id: string, cluster: DatabaseClusterFromSnapshot, options: MysqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forInstance
import { MysqlDatabase } from 'shady-island'
MysqlDatabase.forInstance(scope: Construct, id: string, instance: DatabaseInstance, options: MysqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
instance
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forInstanceFromSnapshot
import { MysqlDatabase } from 'shady-island'
MysqlDatabase.forInstanceFromSnapshot(scope: Construct, id: string, instance: DatabaseInstanceFromSnapshot, options: MysqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
instance
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forServerlessCluster
import { MysqlDatabase } from 'shady-island'
MysqlDatabase.forServerlessCluster(scope: Construct, id: string, cluster: ServerlessCluster, options: MysqlDatabaseForServerlessClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forServerlessClusterFromSnapshot
import { MysqlDatabase } from 'shady-island'
MysqlDatabase.forServerlessClusterFromSnapshot(scope: Construct, id: string, cluster: ServerlessClusterFromSnapshot, options: MysqlDatabaseForServerlessClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
Properties
Name | Type | Description |
---|---|---|
trigger * | aws-cdk-lib.triggers.ITrigger | The CDK Trigger that kicks off the process. |
trigger
Required
public readonly trigger: ITrigger;
The CDK Trigger that kicks off the process.
You can further customize when the trigger fires using executeAfter.
PostgresqlDatabase
A PostgreSQL database.
Initializers
import { PostgresqlDatabase } from 'shady-island'
new PostgresqlDatabase(scope: IConstruct, id: string, props: PostgresqlDatabaseProps)
Name | Type | Description |
---|---|---|
scope * | constructs.IConstruct | The Construct that contains this one. |
id * | string | The identifier of this construct. |
props * | shady-island.PostgresqlDatabaseProps | The configuration properties for this construct. |
scope
Required
- Type:
constructs.IConstruct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
props
Required
The configuration properties for this construct.
Methods
Name | Description |
---|---|
addUserAsOwner | Declares a new database user to be assigned ownership permissions. |
addUserAsReader | Declares a new database user to be assigned read-only permissions. |
addUserAsUnprivileged | Declares a new database user with no permissions. |
addUserAsOwner
public addUserAsOwner(secret: ISecret)
secret
Required
addUserAsReader
public addUserAsReader(secret: ISecret)
secret
Required
addUserAsUnprivileged
public addUserAsUnprivileged(secret: ISecret)
secret
Required
Static Functions
Name | Description |
---|---|
forCluster | Create a new PostgresqlDatabase inside a DatabaseCluster. |
forClusterFromSnapshot | Create a new PostgresqlDatabase inside a DatabaseClusterFromSnapshot. |
forInstance | Create a new PostgresqlDatabase inside a DatabaseInstance. |
forInstanceFromSnapshot | Create a new PostgresqlDatabase inside a DatabaseInstanceFromSnapshot. |
forServerlessCluster | Create a new PostgresqlDatabase inside a DatabaseCluster. |
forServerlessClusterFromSnapshot | Create a new PostgresqlDatabase inside a DatabaseClusterFromSnapshot. |
forCluster
import { PostgresqlDatabase } from 'shady-island'
PostgresqlDatabase.forCluster(scope: Construct, id: string, cluster: DatabaseCluster, options: PostgresqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forClusterFromSnapshot
import { PostgresqlDatabase } from 'shady-island'
PostgresqlDatabase.forClusterFromSnapshot(scope: Construct, id: string, cluster: DatabaseClusterFromSnapshot, options: PostgresqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forInstance
import { PostgresqlDatabase } from 'shady-island'
PostgresqlDatabase.forInstance(scope: Construct, id: string, instance: DatabaseInstance, options: PostgresqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
instance
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forInstanceFromSnapshot
import { PostgresqlDatabase } from 'shady-island'
PostgresqlDatabase.forInstanceFromSnapshot(scope: Construct, id: string, instance: DatabaseInstanceFromSnapshot, options: PostgresqlDatabaseForClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
instance
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forServerlessCluster
import { PostgresqlDatabase } from 'shady-island'
PostgresqlDatabase.forServerlessCluster(scope: Construct, id: string, cluster: ServerlessCluster, options: PostgresqlDatabaseForServerlessClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
forServerlessClusterFromSnapshot
import { PostgresqlDatabase } from 'shady-island'
PostgresqlDatabase.forServerlessClusterFromSnapshot(scope: Construct, id: string, cluster: ServerlessClusterFromSnapshot, options: PostgresqlDatabaseForServerlessClusterOptions)
scope
Required
- Type:
constructs.Construct
The Construct that contains this one.
id
Required
- Type:
string
The identifier of this construct.
cluster
Required
The database cluster construct.
options
Required
The configuration properties for this construct.
Properties
Name | Type | Description |
---|---|---|
trigger * | aws-cdk-lib.triggers.ITrigger | The CDK Trigger that kicks off the process. |
trigger
Required
public readonly trigger: ITrigger;
The CDK Trigger that kicks off the process.
You can further customize when the trigger fires using executeAfter.
Workload
A collection of Stacks in an Environment representing a deployment Tier.
Consider deriving a subclass of Workload and creating your Stack objects within its constructor. The difference between this class and a Stage is that a Stage is meant to be deployed with CDK Pipelines. This class can be used with cdk deploy. This class also provides context loading capabilities.
It is an anti-pattern to provide a Workload instance as the parent scope to the aws-cdk-lib.Stack constructor. You should either use the createStack() method, create your own sub-class of Stack and provide a Workload instance as the parent scope, or use the import() method to essentially import a Stack and its constructs into a Workload without changing its scope.
Initializers
import { Workload } from 'shady-island'
new Workload(scope: Construct, id: string, props: WorkloadProps)
Name | Type | Description |
---|---|---|
scope * | constructs.Construct | The construct scope. |
id * | string | The construct ID. |
props * | shady-island.WorkloadProps | The constructor options. |
scope
Required
- Type:
constructs.Construct
The construct scope.
id
Required
- Type:
string
The construct ID.
props
Required
The constructor options.
Methods
Name | Description |
---|---|
createStack | Adds a stack to the Workload. |
import | Forces a return value for Workload.of for one or more Stack objects. |
createStack
public createStack(id: string, props?: StackProps)
id
Required
- Type:
string
The Stack construct id (e.g. “Network”).
props
Optional
- Type:
aws-cdk-lib.StackProps
The new Stack properties.
import
public import(stacks: Stack)
stacks
Required
- Type:
aws-cdk-lib.Stack
The Stack instances to import to this Workload.
Static Functions
Name | Description |
---|---|
isWorkload | Test whether the given construct is a Workload. |
of | Return the Workload the construct is contained within, fails if there is no workload up the tree. |
isWorkload
import { Workload } from 'shady-island'
Workload.isWorkload(x: any)
x
Required
- Type:
any
The value to test.
of
import { Workload } from 'shady-island'
Workload.of(construct: IConstruct)
construct
Required
- Type:
constructs.IConstruct
The construct whose parent nodes will be searched.
Properties
Name | Type | Description |
---|---|---|
stacks * | aws-cdk-lib.Stack[] | No description. |
tier * | shady-island.Tier | The deployment tier. |
workloadName * | string | The prefix used in the default stackName provided to child Stacks. |
account | string | The default account for all resources defined within this workload. |
publicDomainName | string | The domain name to use for resources that expose public endpoints. |
region | string | The default region for all resources defined within this workload. |
stacks
Required
public readonly stacks: Stack[];
- Type:
aws-cdk-lib.Stack[]
tier
Required
public readonly tier: Tier;
- Type:
shady-island.Tier
The deployment tier.
workloadName
Required
public readonly workloadName: string;
- Type:
string
The prefix used in the default stackName provided to child Stacks.
account
Optional
public readonly account: string;
- Type:
string
The default account for all resources defined within this workload.
publicDomainName
Optional
public readonly publicDomainName: string;
- Type:
string
- Default: If baseDomainName was empty, this will be undefined
The domain name to use for resources that expose public endpoints.
You can use Workload.of(this).publicDomainName as the zoneName of a Route 53 hosted zone. Any construct that creates public DNS resources (e.g. those of API Gateway, Application Load Balancing, CloudFront) can use this property to format a FQDN for itself by adding a subdomain.
region
Optional
public readonly region: string;
- Type:
string
The default region for all resources defined within this workload.
Structs
AssignOnLaunchProps
Properties for creating a new AssignOnLaunch.
Initializer
import { AssignOnLaunchProps } from 'shady-island'
const assignOnLaunchProps: AssignOnLaunchProps = { ... }
Properties
Name | Type | Description |
---|---|---|
vpc * | aws-cdk-lib.aws_ec2.IVpc | The VPC whose subnets will be configured. |
vpcSubnets | aws-cdk-lib.aws_ec2.SubnetSelection | Which subnets to assign IPv6 addresses upon ENI creation. |
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The VPC whose subnets will be configured.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
Which subnets to assign IPv6 addresses upon ENI creation.
BaseDatabaseOptions
These options cannot be determined from existing Database constructs.
Initializer
import { BaseDatabaseOptions } from 'shady-island'
const baseDatabaseOptions: BaseDatabaseOptions = { ... }
Properties
Name | Type | Description |
---|---|---|
databaseName * | string | The name of the database/catalog to create. |
securityGroup | aws-cdk-lib.aws_ec2.ISecurityGroup | The security group for the Lambda function. |
vpcSubnets | aws-cdk-lib.aws_ec2.SubnetSelection | The type of subnets in the VPC where the Lambda function will run. |
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
BaseDatabaseProps
The properties for a database.
Initializer
import { BaseDatabaseProps } from 'shady-island'
const baseDatabaseProps: BaseDatabaseProps = { ... }
Properties
Name | Type | Description |
---|---|---|
databaseName * | string | The name of the database/catalog to create. |
securityGroup | aws-cdk-lib.aws_ec2.ISecurityGroup | The security group for the Lambda function. |
vpcSubnets | aws-cdk-lib.aws_ec2.SubnetSelection | The type of subnets in the VPC where the Lambda function will run. |
adminSecret * | aws-cdk-lib.aws_secretsmanager.ISecret | A Secrets Manager secret that contains administrative credentials. |
endpoint * | aws-cdk-lib.aws_rds.Endpoint | The cluster or instance endpoint. |
target * | aws-cdk-lib.aws_ec2.IConnectable | The target service or database. |
vpc * | aws-cdk-lib.aws_ec2.IVpc | The VPC where the Lambda function will run. |
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
adminSecret
Required
public readonly adminSecret: ISecret;
A Secrets Manager secret that contains administrative credentials.
endpoint
Required
public readonly endpoint: Endpoint;
The cluster or instance endpoint.
target
Required
public readonly target: IConnectable;
The target service or database.
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The VPC where the Lambda function will run.
CidrContextProps
Properties for creating a new CidrContext.
Initializer
import { CidrContextProps } from 'shady-island'
const cidrContextProps: CidrContextProps = { ... }
Properties
Name | Type | Description |
---|---|---|
vpc * | aws-cdk-lib.aws_ec2.IVpc | The VPC whose subnets will be configured. |
addressPool | string | The ID of a BYOIP IPv6 address pool from which to allocate the CIDR block. |
assignAddressOnLaunch | boolean | Whether this VPC should auto-assign an IPv6 address to launched ENIs. |
cidrBlock | string | An IPv6 CIDR block from the IPv6 address pool to use for this VPC. |
cidrCount | number | Split the CIDRs into this many groups (by default one for each subnet). |
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The VPC whose subnets will be configured.
addressPool
Optional
public readonly addressPool: string;
- Type:
string
The ID of a BYOIP IPv6 address pool from which to allocate the CIDR block.
If this parameter is not specified or is undefined, the CIDR block will be provided by AWS.
assignAddressOnLaunch
Optional
- Deprecated: Launch templates now support specifying IPv6 addresses
public readonly assignAddressOnLaunch: boolean;
- Type:
boolean
Whether this VPC should auto-assign an IPv6 address to launched ENIs.
True by default.
cidrBlock
Optional
public readonly cidrBlock: string;
- Type:
string
An IPv6 CIDR block from the IPv6 address pool to use for this VPC.
The EnableIpv6Props#addressPool attribute is required if this parameter is specified.
cidrCount
Optional
public readonly cidrCount: number;
- Type:
number
Split the CIDRs into this many groups (by default one for each subnet).
ContextLoadingStageProps
Constructor properties for ContextLoadingStage.
Initializer
import { ContextLoadingStageProps } from 'shady-island'
const contextLoadingStageProps: ContextLoadingStageProps = { ... }
Properties
Name | Type | Description |
---|---|---|
env | aws-cdk-lib.Environment | Default AWS environment (account/region) for Stacks in this Stage. |
outdir | string | The output directory into which to emit synthesized artifacts. |
permissionsBoundary | aws-cdk-lib.PermissionsBoundary | Options for applying a permissions boundary to all IAM Roles and Users created within this Stage. |
policyValidationBeta1 | aws-cdk-lib.IPolicyValidationPluginBeta1[] | Validation plugins to run during synthesis. |
stageName | string | Name of this stage. |
contextFile | string | The filesystem path to a JSON file that contains context values to load. |
env
Optional
public readonly env: Environment;
- Type:
aws-cdk-lib.Environment
- Default: The environments should be configured on the Stacks.
Default AWS environment (account/region) for Stacks in this Stage.
Stacks defined inside this Stage with either region or account missing from its env will use the corresponding field given here. If either region or account is not configured for Stack (either on the Stack itself or on the containing Stage), the Stack will be environment-agnostic. Environment-agnostic stacks can be deployed to any environment, but may not be able to take advantage of all features of the CDK. For example, they will not be able to use environmental context lookups, will not automatically translate Service Principals to the right format based on the environment’s AWS partition, and other such enhancements.
outdir
Optional
public readonly outdir: string;
- Type:
string
- Default: for nested stages, outdir will be determined as a relative directory to the outdir of the app. For apps, if outdir is not specified, a temporary directory will be created.
The output directory into which to emit synthesized artifacts.
Can only be specified if this stage is the root stage (the app). If this is specified and this stage is nested within another stage, an error will be thrown.
permissionsBoundary
Optional
public readonly permissionsBoundary: PermissionsBoundary;
- Type:
aws-cdk-lib.PermissionsBoundary
- Default: no permissions boundary is applied
Options for applying a permissions boundary to all IAM Roles and Users created within this Stage.
policyValidationBeta1
Optional
public readonly policyValidationBeta1: IPolicyValidationPluginBeta1[];
- Type:
aws-cdk-lib.IPolicyValidationPluginBeta1[]
- Default: no validation plugins are used
Validation plugins to run during synthesis.
If any plugin reports any violation, synthesis will be interrupted and the report displayed to the user.
stageName
Optional
public readonly stageName: string;
- Type:
string
- Default: Derived from the id.
Name of this stage.
contextFile
Optional
public readonly contextFile: string;
- Type:
string
The filesystem path to a JSON file that contains context values to load.
Using this property allows you to load different context values within each Stage, directly from a file you can check into source control.
DeploymentTierStageProps
Constructor properties for DeploymentTierStage.
Initializer
import { DeploymentTierStageProps } from 'shady-island'
const deploymentTierStageProps: DeploymentTierStageProps = { ... }
Properties
Name | Type | Description |
---|---|---|
env |
aws-cdk-lib.Environment |
Default AWS environment (account/region) for Stack s in this Stage . |
outdir |
string |
The output directory into which to emit synthesized artifacts. |
permissionsBoundary |
aws-cdk-lib.PermissionsBoundary |
Options for applying a permissions boundary to all IAM Roles and Users created within this Stage. |
policyValidationBeta1 |
aws-cdk-lib.IPolicyValidationPluginBeta1[] |
Validation plugins to run during synthesis. |
stageName |
string |
Name of this stage. |
contextFile |
string |
The filesystem path to a JSON file that contains context values to load. |
tier * |
shady-island.Tier |
The deployment tier. |
addTag |
boolean |
Whether a DeploymentTier tag is added to nested constructs. |
env
Optional
public readonly env: Environment;
- Type:
aws-cdk-lib.Environment
- Default: The environments should be configured on the Stacks.
Default AWS environment (account/region) for Stacks in this Stage.
Stacks defined inside this Stage with either region or account missing from its env will use the corresponding field given here. If either region or account is not configured for Stack (either on the Stack itself or on the containing Stage), the Stack will be environment-agnostic. Environment-agnostic stacks can be deployed to any environment, but may not be able to take advantage of all features of the CDK. For example, they will not be able to use environmental context lookups, will not automatically translate Service Principals to the right format based on the environment’s AWS partition, and other such enhancements.
outdir
Optional
public readonly outdir: string;
- Type:
string
- Default: for nested stages, outdir will be determined as a relative directory to the outdir of the app. For apps, if outdir is not specified, a temporary directory will be created.
The output directory into which to emit synthesized artifacts.
Can only be specified if this stage is the root stage (the app). If this is specified and this stage is nested within another stage, an error will be thrown.
permissionsBoundary
Optional
public readonly permissionsBoundary: PermissionsBoundary;
- Type:
aws-cdk-lib.PermissionsBoundary
- Default: no permissions boundary is applied
Options for applying a permissions boundary to all IAM Roles and Users created within this Stage.
policyValidationBeta1
Optional
public readonly policyValidationBeta1: IPolicyValidationPluginBeta1[];
- Type:
aws-cdk-lib.IPolicyValidationPluginBeta1[]
- Default: no validation plugins are used
Validation plugins to run during synthesis.
If any plugin reports any violation, synthesis will be interrupted and the report displayed to the user.
stageName
Optional
public readonly stageName: string;
- Type:
string
- Default: Derived from the id.
Name of this stage.
contextFile
Optional
public readonly contextFile: string;
- Type:
string
The filesystem path to a JSON file that contains context values to load.
Using this property allows you to load different context values within each Stage, directly from a file you can check into source control.
tier
Required
public readonly tier: Tier;
- Type:
shady-island.Tier
The deployment tier.
addTag
Optional
public readonly addTag: boolean;
- Type:
boolean
- Default: true
Whether a DeploymentTier tag is added to nested constructs.
EncryptedFileSystemProps
Constructor parameters for EncryptedFileSystem.
The encrypted argument is ignored.
Initializer
import { EncryptedFileSystemProps } from 'shady-island'
const encryptedFileSystemProps: EncryptedFileSystemProps = { ... }
Properties
Name | Type | Description |
---|---|---|
vpc * |
aws-cdk-lib.aws_ec2.IVpc |
VPC to launch the file system in. |
allowAnonymousAccess |
boolean |
Allow access from anonymous client that doesn’t use IAM authentication. |
enableAutomaticBackups |
boolean |
Whether to enable automatic backups for the file system. |
encrypted |
boolean |
Defines if the data at rest in the file system is encrypted or not. |
fileSystemName |
string |
The file system’s name. |
fileSystemPolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
File system policy is an IAM resource policy used to control NFS access to an EFS file system. |
kmsKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
lifecyclePolicy |
aws-cdk-lib.aws_efs.LifecyclePolicy |
A policy used by EFS lifecycle management to transition files to the Infrequent Access (IA) storage class. |
outOfInfrequentAccessPolicy |
aws-cdk-lib.aws_efs.OutOfInfrequentAccessPolicy |
A policy used by EFS lifecycle management to transition files from Infrequent Access (IA) storage class to primary storage class. |
performanceMode |
aws-cdk-lib.aws_efs.PerformanceMode |
The performance mode that the file system will operate under. |
provisionedThroughputPerSecond |
aws-cdk-lib.Size |
Provisioned throughput for the file system. |
removalPolicy |
aws-cdk-lib.RemovalPolicy |
The removal policy to apply to the file system. |
securityGroup |
aws-cdk-lib.aws_ec2.ISecurityGroup |
Security Group to assign to this file system. |
throughputMode |
aws-cdk-lib.aws_efs.ThroughputMode |
Enum to mention the throughput mode of the file system. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Which subnets to place the mount target in the VPC. |
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
VPC to launch the file system in.
allowAnonymousAccess
Optional
public readonly allowAnonymousAccess: boolean;
- Type:
boolean
- Default: false when using grantRead, grantWrite, grantRootAccess or set @aws-cdk/aws-efs:denyAnonymousAccess feature flag, otherwise true
Allow access from anonymous client that doesn’t use IAM authentication.
enableAutomaticBackups
Optional
public readonly enableAutomaticBackups: boolean;
- Type:
boolean
- Default: false
Whether to enable automatic backups for the file system.
encrypted
Optional
public readonly encrypted: boolean;
- Type:
boolean
- Default: If your application has the ‘@aws-cdk/aws-efs:defaultEncryptionAtRest’ feature flag set, the default is true, otherwise, the default is false.
Defines if the data at rest in the file system is encrypted or not.
https://docs.aws.amazon.com/cdk/latest/guide/featureflags.html
fileSystemName
Optional
public readonly fileSystemName: string;
- Type:
string
- Default: CDK generated name
The file system’s name.
fileSystemPolicy
Optional
public readonly fileSystemPolicy: PolicyDocument;
- Type:
aws-cdk-lib.aws_iam.PolicyDocument
- Default: none
File system policy is an IAM resource policy used to control NFS access to an EFS file system.
kmsKey
Optional
public readonly kmsKey: IKey;
- Type:
aws-cdk-lib.aws_kms.IKey
- Default: if ‘encrypted’ is true, the default key for EFS (/aws/elasticfilesystem) is used
The KMS key used for encryption.
This is required to encrypt the data at rest if
lifecyclePolicy
Optional
public readonly lifecyclePolicy: LifecyclePolicy;
- Type:
aws-cdk-lib.aws_efs.LifecyclePolicy
- Default: None. EFS will not transition files to the IA storage class.
A policy used by EFS lifecycle management to transition files to the Infrequent Access (IA) storage class.
outOfInfrequentAccessPolicy
Optional
public readonly outOfInfrequentAccessPolicy: OutOfInfrequentAccessPolicy;
- Type:
aws-cdk-lib.aws_efs.OutOfInfrequentAccessPolicy
- Default: None. EFS will not transition files from IA storage to primary storage.
A policy used by EFS lifecycle management to transition files from Infrequent Access (IA) storage class to primary storage class.
performanceMode
Optional
public readonly performanceMode: PerformanceMode;
- Type:
aws-cdk-lib.aws_efs.PerformanceMode
- Default: PerformanceMode.GENERAL_PURPOSE
The performance mode that the file system will operate under.
An Amazon EFS file system’s performance mode can’t be changed after the file system has been created. Updating this property will replace the file system.
provisionedThroughputPerSecond
Optional
public readonly provisionedThroughputPerSecond: Size;
- Type:
aws-cdk-lib.Size
- Default: none, errors out
Provisioned throughput for the file system.
This is a required property if the throughput mode is set to PROVISIONED. Must be at least 1MiB/s.
removalPolicy
Optional
public readonly removalPolicy: RemovalPolicy;
- Type:
aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.RETAIN
The removal policy to apply to the file system.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: creates new security group which allows all outbound traffic
Security Group to assign to this file system.
throughputMode
Optional
public readonly throughputMode: ThroughputMode;
- Type:
aws-cdk-lib.aws_efs.ThroughputMode
- Default: ThroughputMode.BURSTING
Enum to mention the throughput mode of the file system.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Which subnets to place the mount target in the VPC.
EncryptedLogGroupProps
Constructor properties for EncryptedLogGroup.
Initializer
import { EncryptedLogGroupProps } from 'shady-island'
const encryptedLogGroupProps: EncryptedLogGroupProps = { ... }
Properties
Name | Type | Description |
---|---|---|
logGroupName * |
string |
Name of the log group. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS Key to encrypt the log group with. |
removalPolicy |
aws-cdk-lib.RemovalPolicy |
Whether the key and group should be retained when they are removed from the Stack. |
retention |
aws-cdk-lib.aws_logs.RetentionDays |
How long, in days, the log contents will be retained. |
logGroupName
Required
public readonly logGroupName: string;
- Type:
string
Name of the log group.
We need a log group name ahead of time because otherwise the key policy would create a cyclical dependency.
encryptionKey
Optional
public readonly encryptionKey: IKey;
- Type:
aws-cdk-lib.aws_kms.IKey
- Default: A new KMS key will be created
The KMS Key to encrypt the log group with.
removalPolicy
Optional
public readonly removalPolicy: RemovalPolicy;
- Type:
aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.RETAIN
Whether the key and group should be retained when they are removed from the Stack.
retention
Optional
public readonly retention: RetentionDays;
- Type:
aws-cdk-lib.aws_logs.RetentionDays
- Default: RetentionDays.TWO_YEARS
How long, in days, the log contents will be retained.
FargateAwsVpcConfiguration
The networkConfiguration.awsvpcConfiguration values for ecs.RunTask.
Initializer
import { FargateAwsVpcConfiguration } from 'shady-island'
const fargateAwsVpcConfiguration: FargateAwsVpcConfiguration = { ... }
Properties
Name | Type | Description |
---|---|---|
assignPublicIp |
string |
Whether the task’s elastic network interface receives a public IP address. |
securityGroups |
string[] |
The IDs of the security groups associated with the task or service. |
subnets |
string[] |
The IDs of the subnets associated with the task or service. |
assignPublicIp
Optional
public readonly assignPublicIp: string;
- Type:
string
Whether the task’s elastic network interface receives a public IP address.
The default value is DISABLED.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-service-awsvpcconfiguration.html#cfn-ecs-service-awsvpcconfiguration-assignpublicip
securityGroups
Optional
public readonly securityGroups: string[];
- Type:
string[]
The IDs of the security groups associated with the task or service.
If you don’t specify a security group, the default security group for the VPC is used. There’s a limit of 5 security groups that can be specified per AwsVpcConfiguration.
All specified security groups must be from the same VPC.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-service-awsvpcconfiguration.html#cfn-ecs-service-awsvpcconfiguration-securitygroups
subnets
Optional
public readonly subnets: string[];
- Type:
string[]
The IDs of the subnets associated with the task or service.
There’s a limit of 16 subnets that can be specified per AwsVpcConfiguration.
All specified subnets must be from the same VPC.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-service-awsvpcconfiguration.html#cfn-ecs-service-awsvpcconfiguration-subnets
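A pre-deployment check for the limits stated in the FargateAwsVpcConfiguration property descriptions above, as an added example that is not part of shady-island. The type AwsVpcConfigurationLike, the function checkAwsVpcConfiguration and the sample IDs are assumptions made for this example; ENABLED is the other value CloudFormation accepts for assignPublicIp.

```typescript
// Local structural copy of the three documented fields, so the check runs
// without shady-island or aws-cdk-lib installed (assumption of this example).
interface AwsVpcConfigurationLike {
  assignPublicIp?: string;
  securityGroups?: string[];
  subnets?: string[];
}

interface Finding {
  severity: "error" | "warning";
  field: string;
  message: string;
}

// Limits quoted from the property descriptions above.
const MAX_SECURITY_GROUPS = 5;
const MAX_SUBNETS = 16;

// Hypothetical helper: reports values that exceed the documented limits
// (errors) and settings that widen network exposure (warnings).
// Whether all IDs belong to the same VPC cannot be decided from the IDs
// alone, so that requirement is not checked here.
function checkAwsVpcConfiguration(cfg: AwsVpcConfigurationLike): Finding[] {
  const findings: Finding[] = [];
  const groups = cfg.securityGroups ?? [];
  const subnets = cfg.subnets ?? [];

  if (groups.length === 0) {
    findings.push({
      severity: "warning",
      field: "securityGroups",
      message: "none specified: the default security group for the VPC is used",
    });
  }
  if (groups.length > MAX_SECURITY_GROUPS) {
    findings.push({
      severity: "error",
      field: "securityGroups",
      message: `${groups.length} given, limit is ${MAX_SECURITY_GROUPS}`,
    });
  }
  if (subnets.length > MAX_SUBNETS) {
    findings.push({
      severity: "error",
      field: "subnets",
      message: `${subnets.length} given, limit is ${MAX_SUBNETS}`,
    });
  }

  // The documented default is DISABLED.
  const publicIp = cfg.assignPublicIp ?? "DISABLED";
  if (publicIp !== "ENABLED" && publicIp !== "DISABLED") {
    findings.push({
      severity: "error",
      field: "assignPublicIp",
      message: `unexpected value "${publicIp}"`,
    });
  } else if (publicIp === "ENABLED") {
    findings.push({
      severity: "warning",
      field: "assignPublicIp",
      message: "task ENI receives a public IP address",
    });
  }
  return findings;
}

// Builds constructed placeholder IDs such as "subnet-constructed0".
function constructedIds(prefix: string, count: number): string[] {
  const ids: string[] = [];
  for (let i = 0; i < count; i++) {
    ids.push(`${prefix}-constructed${i}`);
  }
  return ids;
}

// Constructed sample inputs, not taken from any real account.
const SAMPLE_OK: AwsVpcConfigurationLike = {
  securityGroups: constructedIds("sg", 1),
  subnets: constructedIds("subnet", 2),
};
const SAMPLE_RISKY: AwsVpcConfigurationLike = {
  assignPublicIp: "ENABLED",
  subnets: constructedIds("subnet", 17),
};

for (const finding of checkAwsVpcConfiguration(SAMPLE_RISKY)) {
  console.log(`${finding.severity}: ${finding.field}: ${finding.message}`);
}
```
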
FargateTaskProps
Constructor parameters for FargateTask.
Initializer
import { FargateTaskProps } from 'shady-island'
const fargateTaskProps: FargateTaskProps = { ... }
Properties
Name | Type | Description |
---|---|---|
cluster * |
aws-cdk-lib.aws_ecs.ICluster |
The name of the cluster that hosts the service. |
taskDefinition * |
aws-cdk-lib.aws_ecs.FargateTaskDefinition |
The task definition that can be launched. |
assignPublicIp |
boolean |
Specifies whether the task’s elastic network interface receives a public IP address. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
Existing security groups to use for your task. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
The subnets to associate with the task. |
cluster
Required
public readonly cluster: ICluster;
The name of the cluster that hosts the service.
taskDefinition
Required
public readonly taskDefinition: FargateTaskDefinition;
The task definition that can be launched.
assignPublicIp
Optional
public readonly assignPublicIp: boolean;
- Type:
boolean
- Default: false
Specifies whether the task’s elastic network interface receives a public IP address.
If true, the task will receive a public IP address.
securityGroups
Optional
public readonly securityGroups: ISecurityGroup[];
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: a new security group will be created.
Existing security groups to use for your task.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: Public subnets if assignPublicIp is set, otherwise the first available one of Private, Isolated, Public, in that order.
The subnets to associate with the task.
MysqlDatabaseForClusterOptions
Properties to specify when using MysqlDatabase.forCluster().
Initializer
import { MysqlDatabaseForClusterOptions } from 'shady-island'
const mysqlDatabaseForClusterOptions: MysqlDatabaseForClusterOptions = { ... }
Properties
Name | Type | Description |
---|---|---|
certificateAuthoritiesUrl |
string |
The URL to the PEM-encoded Certificate Authority file. |
characterSet |
string |
The database default character set to use. |
collation |
string |
The database default collation to use. |
databaseName * |
string |
The name of the database/catalog to create. |
securityGroup |
aws-cdk-lib.aws_ec2.ISecurityGroup |
The security group for the Lambda function. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
The type of subnets in the VPC where the Lambda function will run. |
adminSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
A Secrets Manager secret that contains administrative credentials. |
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
characterSet
Optional
public readonly characterSet: string;
- Type:
string
- Default: “utf8mb4”
The database default character set to use.
collation
Optional
public readonly collation: string;
- Type:
string
- Default: rely on MySQL to choose the default collation.
The database default collation to use.
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
adminSecret
Optional
public readonly adminSecret: ISecret;
A Secrets Manager secret that contains administrative credentials.
MysqlDatabaseForServerlessClusterOptions
Properties to specify when using MysqlDatabase.forServerlessCluster().
Initializer
import { MysqlDatabaseForServerlessClusterOptions } from 'shady-island'
const mysqlDatabaseForServerlessClusterOptions: MysqlDatabaseForServerlessClusterOptions = { ... }
Properties
Name | Type | Description |
---|---|---|
certificateAuthoritiesUrl |
string |
The URL to the PEM-encoded Certificate Authority file. |
characterSet |
string |
The database default character set to use. |
collation |
string |
The database default collation to use. |
databaseName * |
string |
The name of the database/catalog to create. |
securityGroup |
aws-cdk-lib.aws_ec2.ISecurityGroup |
The security group for the Lambda function. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
The type of subnets in the VPC where the Lambda function will run. |
adminSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
A Secrets Manager secret that contains administrative credentials. |
vpc * |
aws-cdk-lib.aws_ec2.IVpc |
The VPC where the Lambda function will run. |
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
characterSet
Optional
public readonly characterSet: string;
- Type:
string
- Default: “utf8mb4”
The database default character set to use.
collation
Optional
public readonly collation: string;
- Type:
string
- Default: rely on MySQL to choose the default collation.
The database default collation to use.
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
adminSecret
Optional
public readonly adminSecret: ISecret;
A Secrets Manager secret that contains administrative credentials.
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The VPC where the Lambda function will run.
MysqlDatabaseOptions
MySQL-specific options.
Initializer
import { MysqlDatabaseOptions } from 'shady-island'
const mysqlDatabaseOptions: MysqlDatabaseOptions = { ... }
Properties
Name | Type | Description |
---|---|---|
certificateAuthoritiesUrl |
string |
The URL to the PEM-encoded Certificate Authority file. |
characterSet |
string |
The database default character set to use. |
collation |
string |
The database default collation to use. |
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
characterSet
Optional
public readonly characterSet: string;
- Type:
string
- Default: “utf8mb4”
The database default character set to use.
collation
Optional
public readonly collation: string;
- Type:
string
- Default: rely on MySQL to choose the default collation.
The database default collation to use.
MysqlDatabaseProps
Constructor properties for MysqlDatabase.
Initializer
import { MysqlDatabaseProps } from 'shady-island'
const mysqlDatabaseProps: MysqlDatabaseProps = { ... }
Properties
Name | Type | Description |
---|---|---|
databaseName * |
string |
The name of the database/catalog to create. |
securityGroup |
aws-cdk-lib.aws_ec2.ISecurityGroup |
The security group for the Lambda function. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
The type of subnets in the VPC where the Lambda function will run. |
adminSecret * |
aws-cdk-lib.aws_secretsmanager.ISecret |
A Secrets Manager secret that contains administrative credentials. |
endpoint * |
aws-cdk-lib.aws_rds.Endpoint |
The cluster or instance endpoint. |
target * |
aws-cdk-lib.aws_ec2.IConnectable |
The target service or database. |
vpc * |
aws-cdk-lib.aws_ec2.IVpc |
The VPC where the Lambda function will run. |
certificateAuthoritiesUrl |
string |
The URL to the PEM-encoded Certificate Authority file. |
characterSet |
string |
The database default character set to use. |
collation |
string |
The database default collation to use. |
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
adminSecret
Required
public readonly adminSecret: ISecret;
A Secrets Manager secret that contains administrative credentials.
endpoint
Required
public readonly endpoint: Endpoint;
The cluster or instance endpoint.
target
Required
public readonly target: IConnectable;
The target service or database.
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The VPC where the Lambda function will run.
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
characterSet
Optional
public readonly characterSet: string;
- Type:
string
- Default: “utf8mb4”
The database default character set to use.
collation
Optional
public readonly collation: string;
- Type:
string
- Default: rely on MySQL to choose the default collation.
The database default collation to use.
PostgresqlDatabaseForClusterOptions
Properties to specify when using PostgresqlDatabase.forCluster().
Initializer
import { PostgresqlDatabaseForClusterOptions } from 'shady-island'
const postgresqlDatabaseForClusterOptions: PostgresqlDatabaseForClusterOptions = { ... }
Properties
Name | Type | Description |
---|---|---|
ownerSecret * |
aws-cdk-lib.aws_secretsmanager.ISecret |
The Secrets Manager secret for the owner of the schema. |
certificateAuthoritiesUrl |
string |
The URL to the PEM-encoded Certificate Authority file. |
encoding |
string |
The database default encoding set to use. |
locale |
string |
The database default locale to use. |
schemaName |
string |
The name of the schema to create. |
databaseName * |
string |
The name of the database/catalog to create. |
securityGroup |
aws-cdk-lib.aws_ec2.ISecurityGroup |
The security group for the Lambda function. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
The type of subnets in the VPC where the Lambda function will run. |
adminSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
A Secrets Manager secret that contains administrative credentials. |
ownerSecret
Required
public readonly ownerSecret: ISecret;
The Secrets Manager secret for the owner of the schema.
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
encoding
Optional
public readonly encoding: string;
- Type:
string
- Default: “UTF8”
The database default encoding set to use.
locale
Optional
public readonly locale: string;
- Type:
string
- Default: rely on PostgreSQL to choose the default locale.
The database default locale to use.
schemaName
Optional
public readonly schemaName: string;
- Type:
string
- Default: The username of the ownerSecret.
The name of the schema to create.
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
adminSecret
Optional
public readonly adminSecret: ISecret;
A Secrets Manager secret that contains administrative credentials.
PostgresqlDatabaseForServerlessClusterOptions
Properties to specify when using PostgresqlDatabase.forServerlessCluster().
Initializer
import { PostgresqlDatabaseForServerlessClusterOptions } from 'shady-island'
const postgresqlDatabaseForServerlessClusterOptions: PostgresqlDatabaseForServerlessClusterOptions = { ... }
Properties
Name | Type | Description |
---|---|---|
ownerSecret * |
aws-cdk-lib.aws_secretsmanager.ISecret |
The Secrets Manager secret for the owner of the schema. |
certificateAuthoritiesUrl |
string |
The URL to the PEM-encoded Certificate Authority file. |
encoding |
string |
The database default encoding set to use. |
locale |
string |
The database default locale to use. |
schemaName |
string |
The name of the schema to create. |
databaseName * |
string |
The name of the database/catalog to create. |
securityGroup |
aws-cdk-lib.aws_ec2.ISecurityGroup |
The security group for the Lambda function. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
The type of subnets in the VPC where the Lambda function will run. |
adminSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
A Secrets Manager secret that contains administrative credentials. |
vpc * |
aws-cdk-lib.aws_ec2.IVpc |
The VPC where the Lambda function will run. |
ownerSecret
Required
public readonly ownerSecret: ISecret;
The Secrets Manager secret for the owner of the schema.
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
encoding
Optional
public readonly encoding: string;
- Type:
string
- Default: “UTF8”
The database default encoding set to use.
locale
Optional
public readonly locale: string;
- Type:
string
- Default: rely on PostgreSQL to choose the default locale.
The database default locale to use.
schemaName
Optional
public readonly schemaName: string;
- Type:
string
- Default: The username of the ownerSecret.
The name of the schema to create.
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
adminSecret
Optional
public readonly adminSecret: ISecret;
A Secrets Manager secret that contains administrative credentials.
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The VPC where the Lambda function will run.
PostgresqlDatabaseOptions
PostgreSQL-specific options.
Initializer
import { PostgresqlDatabaseOptions } from 'shady-island'
const postgresqlDatabaseOptions: PostgresqlDatabaseOptions = { ... }
Properties
Name | Type | Description |
---|---|---|
ownerSecret * |
aws-cdk-lib.aws_secretsmanager.ISecret |
The Secrets Manager secret for the owner of the schema. |
certificateAuthoritiesUrl |
string |
The URL to the PEM-encoded Certificate Authority file. |
encoding |
string |
The database default encoding set to use. |
locale |
string |
The database default locale to use. |
schemaName |
string |
The name of the schema to create. |
ownerSecret
Required
public readonly ownerSecret: ISecret;
The Secrets Manager secret for the owner of the schema.
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
encoding
Optional
public readonly encoding: string;
- Type:
string
- Default: “UTF8”
The database default encoding set to use.
locale
Optional
public readonly locale: string;
- Type:
string
- Default: rely on PostgreSQL to choose the default locale.
The database default locale to use.
schemaName
Optional
public readonly schemaName: string;
- Type:
string
- Default: The username of the ownerSecret.
The name of the schema to create.
PostgresqlDatabaseProps
Constructor properties for PostgresqlDatabase.
Initializer
import { PostgresqlDatabaseProps } from 'shady-island'
const postgresqlDatabaseProps: PostgresqlDatabaseProps = { ... }
Properties
Name | Type | Description |
---|---|---|
databaseName * | string | The name of the database/catalog to create. |
securityGroup | aws-cdk-lib.aws_ec2.ISecurityGroup | The security group for the Lambda function. |
vpcSubnets | aws-cdk-lib.aws_ec2.SubnetSelection | The type of subnets in the VPC where the Lambda function will run. |
adminSecret * | aws-cdk-lib.aws_secretsmanager.ISecret | A Secrets Manager secret that contains administrative credentials. |
endpoint * | aws-cdk-lib.aws_rds.Endpoint | The cluster or instance endpoint. |
target * | aws-cdk-lib.aws_ec2.IConnectable | The target service or database. |
vpc * | aws-cdk-lib.aws_ec2.IVpc | The VPC where the Lambda function will run. |
ownerSecret * | aws-cdk-lib.aws_secretsmanager.ISecret | The Secrets Manager secret for the owner of the schema. |
certificateAuthoritiesUrl | string | The URL to the PEM-encoded Certificate Authority file. |
encoding | string | The database default encoding set to use. |
locale | string | The database default locale to use. |
schemaName | string | The name of the schema to create. |
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog to create.
securityGroup
Optional
public readonly securityGroup: ISecurityGroup;
- Type:
aws-cdk-lib.aws_ec2.ISecurityGroup
- Default: a new security group is created
The security group for the Lambda function.
vpcSubnets
Optional
public readonly vpcSubnets: SubnetSelection;
- Type:
aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified.
The type of subnets in the VPC where the Lambda function will run.
adminSecret
Required
public readonly adminSecret: ISecret;
A Secrets Manager secret that contains administrative credentials.
endpoint
Required
public readonly endpoint: Endpoint;
The cluster or instance endpoint.
target
Required
public readonly target: IConnectable;
The target service or database.
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The VPC where the Lambda function will run.
ownerSecret
Required
public readonly ownerSecret: ISecret;
The Secrets Manager secret for the owner of the schema.
certificateAuthoritiesUrl
Optional
public readonly certificateAuthoritiesUrl: string;
- Type:
string
- Default: https://truststore.pki.rds.amazonaws.com/REGION/REGION-bundle.pem
The URL to the PEM-encoded Certificate Authority file.
Normally, we would just assume the Lambda runtime has the certificates to trust already installed. Since the current Lambda runtime environments lack the newer RDS certificate authority certificates, this option can be used to specify a URL to a remote file containing the CAs.
https://github.com/aws/aws-lambda-base-images/issues/123
encoding
Optional
public readonly encoding: string;
- Type:
string
- Default: “UTF8”
The database default encoding set to use.
locale
Optional
public readonly locale: string;
- Type:
string
- Default: rely on PostgreSQL to choose the default locale.
The database default locale to use.
schemaName
Optional
public readonly schemaName: string;
- Type:
string
- Default: The username of the ownerSecret.
The name of the schema to create.
PrioritizedLines
A container for lines of a User Data script, sortable by priority.
Initializer
import { PrioritizedLines } from 'shady-island'
const prioritizedLines: PrioritizedLines = { ... }
Properties
Name | Type | Description |
---|---|---|
lines * | string[] | The command lines. |
priority * | number | The priority for this set of commands. |
lines
Required
public readonly lines: string[];
- Type:
string[]
The command lines.
priority
Required
public readonly priority: number;
- Type:
number
The priority for this set of commands.
WorkloadProps
Constructor properties for a Workload.
Initializer
import { WorkloadProps } from 'shady-island'
const workloadProps: WorkloadProps = { ... }
Properties
Name | Type | Description |
---|---|---|
tier * | shady-island.Tier | The deployment tier. |
baseDomainName | string | The base domain name used to create the FQDN for public resources. |
contextFile | string | The filesystem path to a JSON file that contains context values to load. |
env | aws-cdk-lib.Environment | The AWS environment (account/region) where this stack will be deployed. |
workloadName | string | The machine identifier for this workload. |
tier
Required
public readonly tier: Tier;
- Type:
shady-island.Tier
The deployment tier.
baseDomainName
Optional
public readonly baseDomainName: string;
- Type:
string
The base domain name used to create the FQDN for public resources.
contextFile
Optional
public readonly contextFile: string;
- Type:
string
The filesystem path to a JSON file that contains context values to load.
Using this property allows you to load different context values within each instantiated Workload, directly from a file you can check into source control.
env
Optional
public readonly env: Environment;
- Type:
aws-cdk-lib.Environment
The AWS environment (account/region) where this stack will be deployed.
workloadName
Optional
public readonly workloadName: string;
- Type:
string
- Default: The id passed to the Workload constructor, but in lowercase
The machine identifier for this workload.
This value will be used to create the publicDomainName property. By default, the stackName property used to create Stack constructs in the createStack method will begin with this Workload’s workloadName and its tier separated by hyphens. Consider providing a constant workloadName value to the superclass constructor in your derived class.
Classes
ContextLoader
A utility to load context values into a construct node.
If you want to use this utility in your own construct, make sure to invoke it before you create any child constructs.
Initializers
import { ContextLoader } from 'shady-island'
new ContextLoader()
Static Functions
Name | Description |
---|---|
loadContext | Parses JSON file contents, then provides the values to a Node’s context. |
loadContext
import { ContextLoader } from 'shady-island'
ContextLoader.loadContext(filename: string, node: Node)
filename
Required
- Type:
string
The JSON file with an object to use as context values.
node
Required
- Type:
constructs.Node
The constructs node to receive the context values.
Tier
A deployment environment with a specific purpose and audience.
You can create any Tier you like, but we include those explained by DTAP.
https://en.wikipedia.org/wiki/Development,_testing,_acceptance_and_production
Initializers
import { Tier } from 'shady-island'
new Tier(id: string, label: string)
Name | Type | Description |
---|---|---|
id * | string | The machine-readable identifier for this tier (e.g. prod). |
label * | string | The human-readable label for this tier (e.g. Production). |
id
Required
- Type:
string
The machine-readable identifier for this tier (e.g. prod).
label
Required
- Type:
string
The human-readable label for this tier (e.g. Production).
Methods
Name | Description |
---|---|
applyTags | Adds the label of this tier as a tag to the provided construct. |
assignTo | Assigns this tier to a construct. |
matches | Compares this tier to the provided value and tests for equality. |
applyTags
public applyTags(construct: IConstruct)
construct
Required
- Type:
constructs.IConstruct
assignTo
public assignTo(construct: IConstruct)
construct
Required
- Type:
constructs.IConstruct
The construct to receive the tier assignment.
matches
public matches(other: Tier)
other
Required
- Type:
shady-island.Tier
The value to compare.
Static Functions
Name | Description |
---|---|
of | Finds the deployment tier of the given construct. |
parse | Return the deployment tier that corresponds to the provided value. |
of
import { Tier } from 'shady-island'
Tier.of(construct: IConstruct)
construct
Required
- Type:
constructs.IConstruct
The construct to inspect.
parse
import { Tier } from 'shady-island'
Tier.parse(value: string)
value
Required
- Type:
string
The value to parse, case-insensitive.
Properties
Name | Type | Description |
---|---|---|
id * | string | The machine-readable identifier for this tier (e.g. prod). |
label * | string | The human-readable label for this tier (e.g. Production). |
id
Required
public readonly id: string;
- Type:
string
The machine-readable identifier for this tier (e.g. prod).
label
Required
public readonly label: string;
- Type:
string
The human-readable label for this tier (e.g. Production).
Constants
Name | Type | Description |
---|---|---|
ACCEPTANCE * | shady-island.Tier | A tier that represents an acceptance environment. |
DEVELOPMENT * | shady-island.Tier | A tier that represents a development environment. |
PRODUCTION * | shady-island.Tier | A tier that represents a production environment. |
TESTING * | shady-island.Tier | A tier that represents a testing environment. |
ACCEPTANCE
- Type:
shady-island.Tier
A tier that represents an acceptance environment.
DEVELOPMENT
- Type:
shady-island.Tier
A tier that represents a development environment.
PRODUCTION
- Type:
shady-island.Tier
A tier that represents a production environment.
TESTING
- Type:
shady-island.Tier
A tier that represents a testing environment.
TierTagger
- Implements:
aws-cdk-lib.IAspect
A CDK Aspect to apply the DeploymentTier tag to Stacks.
Initializers
import { TierTagger } from 'shady-island'
new TierTagger(tier: Tier)
Name | Type | Description |
---|---|---|
tier * | shady-island.Tier | The deployment tier. |
tier
Required
- Type:
shady-island.Tier
The deployment tier.
Methods
Name | Description |
---|---|
visit | All aspects can visit an IConstruct. |
visit
public visit(node: IConstruct)
node
Required
- Type:
constructs.IConstruct
UserDataBuilder
A utility class to assist with composing instance User Data.
This class allows multiple observers in code to add lines to the same end result UserData without clobbering each other. Just like conf.d directories with priority number prefixes, you can declare the proper execution order of your UserData commands without having to add them in that order.
Initializers
import { UserDataBuilder } from 'shady-island'
new UserDataBuilder()
Methods
Name | Description |
---|---|
addCommands | Add one or more commands to the user data with a priority of 0. |
buildUserData | Produces the User Data script with all lines sorted in priority order. |
insertCommands | Add one or more commands to the user data at a specific priority. |
addCommands
public addCommands(commands: string)
commands
Required
- Type:
string
The lines to add.
buildUserData
public buildUserData()
insertCommands
public insertCommands(priority: number, commands: string)
priority
Required
- Type:
number
The priority of these lines (lower executes earlier).
commands
Required
- Type:
string
The lines to add.
Static Functions
Name | Description |
---|---|
forLinux | Returns a user data builder for GNU/Linux operating systems. |
forWindows | Returns a user data builder for Windows operating systems. |
forLinux
import { UserDataBuilder } from 'shady-island'
UserDataBuilder.forLinux(options?: LinuxUserDataOptions)
options
Optional
The Linux UserData constructor options.
forWindows
import { UserDataBuilder } from 'shady-island'
UserDataBuilder.forWindows()
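The priority ordering described for UserDataBuilder, modelled as an added stand-alone example (not shady-island's implementation and not code from this reference). UserDataModel and PrioritizedBlock are hypothetical names, the sample commands are constructed, and keeping insertion order among equal priorities is an assumption of the model.

```typescript
// Stand-alone model of conf.d-style ordering; it does not import shady-island.
// PrioritizedBlock and UserDataModel are hypothetical names, not library exports.
interface PrioritizedBlock {
  readonly priority: number;
  readonly lines: string[];
}

class UserDataModel {
  private readonly blocks: PrioritizedBlock[] = [];

  // Counterpart of addCommands: commands land at priority 0.
  addCommands(...commands: string[]): void {
    this.insertCommands(0, ...commands);
  }

  // Counterpart of insertCommands: lower priority executes earlier.
  insertCommands(priority: number, ...commands: string[]): void {
    if (!isFinite(priority)) {
      // A NaN priority would make the comparator below inconsistent.
      throw new RangeError("priority must be a finite number");
    }
    this.blocks.push({ priority, lines: commands.slice() });
  }

  // Counterpart of buildUserData: flatten the blocks in priority order.
  // Assumption: equal priorities keep insertion order (the sort is stable).
  build(): string[] {
    const ordered = this.blocks.slice().sort((a, b) => a.priority - b.priority);
    const out: string[] = [];
    for (const block of ordered) {
      out.push(...block.lines);
    }
    return out;
  }
}

// Constructed scenario: three independent observers register commands
// in an order that differs from the order they must run in.
function buildSampleUserData(): string[] {
  const userData = new UserDataModel();
  // The application observer registers first, at the default priority.
  userData.addCommands("systemctl start app.service");
  // The hardening observer registers later but must run before the app starts.
  userData.insertCommands(-10, "dnf -y update --security", "systemctl enable --now auditd");
  // A second default-priority observer keeps its place after the first.
  userData.addCommands("systemctl start app-worker.service");
  // Bootstrap material is removed last.
  userData.insertCommands(100, "rm -f /root/bootstrap.env");
  return userData.build();
}
```

Registering the patching and audit steps at a negative priority places them ahead of every default-priority command, whichever construct adds them and whenever it does so.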
Protocols
IAssignOnLaunch
- Implemented By:
shady-island.AssignOnLaunch, shady-island.IAssignOnLaunch
Interface for the AssignOnLaunch class.
Properties
Name | Type | Description |
---|---|---|
vpc * | aws-cdk-lib.aws_ec2.IVpc | The IPv6-enabled VPC. |
vpcPlacement * | aws-cdk-lib.aws_ec2.SelectedSubnets | The chosen subnets for address assignment on ENI launch. |
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The IPv6-enabled VPC.
vpcPlacement
Required
public readonly vpcPlacement: SelectedSubnets;
The chosen subnets for address assignment on ENI launch.
ICidrContext
- Implemented By:
shady-island.CidrContext, shady-island.ICidrContext
Interface for the CidrContext class.
Properties
Name | Type | Description |
---|---|---|
vpc * | aws-cdk-lib.aws_ec2.IVpc | The IPv6-enabled VPC. |
vpc
Required
public readonly vpc: IVpc;
- Type:
aws-cdk-lib.aws_ec2.IVpc
The IPv6-enabled VPC.
IDatabase
- Extends:
constructs.IConstruct
- Implemented By:
shady-island.BaseDatabase, shady-island.MysqlDatabase, shady-island.PostgresqlDatabase, shady-island.IDatabase
The definition used to create a database.
Methods
Name | Description |
---|---|
addUserAsOwner | Declares a new database user to be assigned ownership permissions. |
addUserAsReader | Declares a new database user to be assigned read-only permissions. |
addUserAsUnprivileged | Declares a new database user with no permissions. |
addUserAsOwner
public addUserAsOwner(secret: ISecret)
secret
Required
The Secrets Manager secret containing credentials.
addUserAsReader
public addUserAsReader(secret: ISecret)
secret
Required
The Secrets Manager secret containing credentials.
addUserAsUnprivileged
public addUserAsUnprivileged(secret: ISecret)
secret
Required
The Secrets Manager secret containing credentials.
Properties
Name | Type | Description |
---|---|---|
node * | constructs.Node | The tree node. |
databaseName * | string | The name of the database/catalog. |
endpoint * | aws-cdk-lib.aws_rds.Endpoint | The cluster or instance endpoint. |
trigger * | aws-cdk-lib.triggers.ITrigger | The CDK Trigger that kicks off the process. |
node
Required
public readonly node: Node;
- Type:
constructs.Node
The tree node.
databaseName
Required
public readonly databaseName: string;
- Type:
string
The name of the database/catalog.
endpoint
Required
public readonly endpoint: Endpoint;
The cluster or instance endpoint.
trigger
Required
public readonly trigger: ITrigger;
The CDK Trigger that kicks off the process.
You can further customize when the trigger fires using executeAfter.
IEncryptedFileSystem
- Extends:
constructs.IConstruct
- Implemented By:
shady-island.EncryptedFileSystem, shady-island.IEncryptedFileSystem
Interface for EncryptedFileSystem.
Properties
Name | Type | Description |
---|---|---|
node * | constructs.Node | The tree node. |
fileSystem * | aws-cdk-lib.aws_efs.IFileSystem | The EFS file system. |
key * | aws-cdk-lib.aws_kms.IKey | The KMS encryption key. |
node
Required
public readonly node: Node;
- Type:
constructs.Node
The tree node.
fileSystem
Required
public readonly fileSystem: IFileSystem;
The EFS file system.
key
Required
public readonly key: IKey;
- Type:
aws-cdk-lib.aws_kms.IKey
The KMS encryption key.
IEncryptedLogGroup
- Implemented By:
shady-island.EncryptedLogGroup, shady-island.IEncryptedLogGroup
A log group encrypted by a KMS customer managed key.
Properties
Name | Type | Description |
---|---|---|
key * | aws-cdk-lib.aws_kms.IKey | The KMS encryption key. |
logGroup * | aws-cdk-lib.aws_logs.ILogGroup | The log group. |
key
Required
public readonly key: IKey;
- Type:
aws-cdk-lib.aws_kms.IKey
The KMS encryption key.
logGroup
Required
public readonly logGroup: ILogGroup;
The log group.
IFargateTask
- Extends:
aws-cdk-lib.aws_ec2.IConnectable, constructs.IConstruct
- Implemented By:
shady-island.FargateTask, shady-island.IFargateTask
Interface for FargateTask.
Methods
Name | Description |
---|---|
grantRun | Grants permission to invoke ecs:RunTask on this task’s cluster. |
grantRun
public grantRun(grantee: IGrantable)
grantee
Required
The recipient of the permissions.
Properties
Name | Type | Description |
---|---|---|
connections * | aws-cdk-lib.aws_ec2.Connections | The network connections associated with this resource. |
node * | constructs.Node | The tree node. |
awsVpcNetworkConfig * | shady-island.FargateAwsVpcConfiguration | Get the networkConfiguration.awsvpcConfiguration property to run this task. |
cluster * | aws-cdk-lib.aws_ecs.ICluster | The name of the cluster that hosts the service. |
taskDefinition * | aws-cdk-lib.aws_ecs.FargateTaskDefinition | The task definition that can be launched. |
connections
Required
public readonly connections: Connections;
The network connections associated with this resource.
node
Required
public readonly node: Node;
- Type:
constructs.Node
The tree node.
awsVpcNetworkConfig
Required
public readonly awsVpcNetworkConfig: FargateAwsVpcConfiguration;
Get the networkConfiguration.awsvpcConfiguration property to run this task.
cluster
Required
public readonly cluster: ICluster;
The name of the cluster that hosts the service.
taskDefinition
Required
public readonly taskDefinition: FargateTaskDefinition;
The task definition that can be launched.