-
Notifications
You must be signed in to change notification settings - Fork 4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into huijbers/always-bootstrap
- Loading branch information
Showing
22 changed files
with
1,003 additions
and
78 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
49 changes: 49 additions & 0 deletions
49
packages/@aws-cdk/aws-iot-actions/lib/cloudwatch-logs-action.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
import * as iam from '@aws-cdk/aws-iam'; | ||
import * as iot from '@aws-cdk/aws-iot'; | ||
import * as logs from '@aws-cdk/aws-logs'; | ||
import { singletonActionRole } from './private/role'; | ||
|
||
/** | ||
* Configuration properties of an action for CloudWatch Logs. | ||
*/ | ||
export interface CloudWatchLogsActionProps { | ||
/** | ||
* The IAM role that allows access to the CloudWatch log group. | ||
* | ||
* @default a new role will be created | ||
*/ | ||
readonly role?: iam.IRole; | ||
} | ||
|
||
/** | ||
* The action to send data to Amazon CloudWatch Logs | ||
*/ | ||
export class CloudWatchLogsAction implements iot.IAction { | ||
private readonly role?: iam.IRole; | ||
|
||
/** | ||
* @param logGroup The CloudWatch log group to which the action sends data | ||
* @param props Optional properties to not use default | ||
*/ | ||
constructor( | ||
private readonly logGroup: logs.ILogGroup, | ||
props: CloudWatchLogsActionProps = {}, | ||
) { | ||
this.role = props.role; | ||
} | ||
|
||
bind(rule: iot.ITopicRule): iot.ActionConfig { | ||
const role = this.role ?? singletonActionRole(rule); | ||
this.logGroup.grantWrite(role); | ||
this.logGroup.grant(role, 'logs:DescribeLogStreams'); | ||
|
||
return { | ||
configuration: { | ||
cloudwatchLogs: { | ||
logGroupName: this.logGroup.logGroupName, | ||
roleArn: role.roleArn, | ||
}, | ||
}, | ||
}; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,2 @@ | ||
export * from './cloudwatch-logs-action'; | ||
export * from './lambda-function-action'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
import * as iam from '@aws-cdk/aws-iam'; | ||
import { IConstruct, PhysicalName } from '@aws-cdk/core'; | ||
|
||
// keep this import separate from other imports to reduce chance for merge conflicts with v2-main | ||
// eslint-disable-next-line no-duplicate-imports, import/order | ||
import { Construct } from '@aws-cdk/core'; | ||
|
||
/** | ||
* Obtain the Role for the TopicRule | ||
* | ||
* If a role already exists, it will be returned. This ensures that if a rule have multiple | ||
* actions, they will share a role. | ||
* @internal | ||
*/ | ||
export function singletonActionRole(scope: IConstruct): iam.IRole { | ||
const id = 'TopicRuleActionRole'; | ||
const existing = scope.node.tryFindChild(id) as iam.IRole; | ||
if (existing) { | ||
return existing; | ||
}; | ||
|
||
const role = new iam.Role(scope as Construct, id, { | ||
roleName: PhysicalName.GENERATE_IF_NEEDED, | ||
assumedBy: new iam.ServicePrincipal('iot.amazonaws.com'), | ||
}); | ||
return role; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.