diff --git a/cloudformation.json b/cloudformation.json
index 8c695c1..4893fd7 100644
--- a/cloudformation.json
+++ b/cloudformation.json
@@ -4,16 +4,16 @@
 "RegionMap": {
 "us-west-2": {
 "S3Bucket": "leo-cli-publishbucket-mzhr7agmqo7u",
- "AuthTemplateUrl": "https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/auth/release/cloudformation-latest.json",
- "BusTemplateUrl": "https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/leo-bus/2.2.2/cloudformation.json",
- "BotmonTemplateUrl": "https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/botmon/2.2.1/cloudformation.json",
+ "AuthTemplateUrl": "https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/auth/2.0.0/cloudformation-auth-1652216325999.json",
+ "BusTemplateUrl": "https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/leo-bus/3.0.0/cloudformation-bus-1652216325999.json",
+ "BotmonTemplateUrl": "https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/botmon/3.0.0/cloudformation-botmon-1652216325999.json",
 "CognitoTemplateUrl": "https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/leo-Cognito/cloudformation-latest.json"
 },
 "us-east-1": {
 "S3Bucket": "leo-cli-publishbucket-abb4i613j9y9",
- "AuthTemplateUrl": "https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/auth/release/cloudformation-latest.json",
- "BusTemplateUrl": "https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/leo-bus/2.2.2/cloudformation.json",
- "BotmonTemplateUrl": "https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/botmon/2.2.1/cloudformation.json",
+ "AuthTemplateUrl": "https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/auth/2.0.0/cloudformation-auth-1652216325999.json",
+ "BusTemplateUrl": "https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/leo-bus/3.0.0/cloudformation-bus-1652216325999.json",
+ "BotmonTemplateUrl": "https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/botmon/3.0.0/cloudformation-botmon-1652216325999.json",
 "CognitoTemplateUrl": "https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/leo-Cognito/cloudformation-latest.json"
 }
 }
@@ -100,6 +100,27 @@
 "BusTemplateUrl"
 ]
 },
+ "Parameters": {
+ "TrustedAWSPrinciples": {
+ "Fn::Join": [
+ ",",
+ {
+ "Ref": "TrustedAWSPrinciples"
+ }
+ ]
+ },
+ "QueueReplicationDestinationLeoBotRoleARNs": {
+ "Fn::Join": [
+ ",",
+ {
+ "Ref": "QueueReplicationDestinationLeoBotRoleARNs"
+ }
+ ]
+ },
+ "QueueReplicationMapping": {
+ "Ref": "QueueReplicationMapping"
+ }
+ },
 "TimeoutInMinutes": "60"
 }
 },
@@ -176,6 +197,110 @@
 "Bus",
 "Cognito"
 ]
+ },
+ "StackSecret": {
+ "Type": "AWS::SecretsManager::Secret",
+ "Properties": {
+ "Description": "{Key,Value} map of bus tables",
+ "Name": {
+ "Fn::Sub": [
+ "rstreams-${resourceName}",
+ {
+ "resourceName": {
+ "Fn::Select": [
+ "1",
+ {
+ "Fn::Split": [
+ "/",
+ {
+ "Ref": "Bus"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "SecretString": {
+ "Fn::Sub": [
+ "{\"LeoStream\":\"${leoStreamTable}\",\"LeoCron\":\"${leoCronTable}\",\"LeoEvent\":\"${leoEventTable}\",\"LeoSettings\":\"${leoSettingsTable}\",\"LeoSystem\":\"${leoSystemTable}\",\"LeoKinesisStream\":\"${leoKinesisStreamTable}\",\"LeoFirehoseStream\":\"${leoFirehoseStreamTable}\",\"LeoS3\":\"${leoS3Table}\",\"Region\":\"${AWS::Region}\"}",
+ {
+ "leoStreamTable": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoStream"
+ ]
+ },
+ "leoCronTable": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoCron"
+ ]
+ },
+ "leoEventTable": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoEvent"
+ ]
+ },
+ "leoSettingsTable": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoSettings"
+ ]
+ },
+ "leoSystemTable": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoSystem"
+ ]
+ },
+ "leoKinesisStreamTable": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoKinesisStream"
+ ]
+ },
+ "leoFirehoseStreamTable": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoFirehoseStream"
+ ]
+ },
+ "leoS3Table": {
+ "Fn::GetAtt": [
+ "Bus",
+ "Outputs.LeoS3"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ },
+ "RSFParameter": {
+ "Type": "AWS::SSM::Parameter",
+ "Properties": {
+ "Description": "String",
+ "Name": {
+ "Ref": "AWS::StackName"
+ },
+ "Type": "String",
+ "Value": {
+ "Fn::Select": [
+ "1",
+ {
+ "Fn::Split": [
+ "/",
+ {
+ "Ref": "Bus"
+ }
+ ]
+ }
+ ]
+ }
+ }
 }
 },
 "Parameters": {
@@ -188,6 +313,19 @@
 "InputCognitoId": {
 "Type": "String",
 "Description": "Cognito Pool Id used for request authentication. Leave Blank to have us create one"
+ },
+ "TrustedAWSPrinciples": {
+ "Type": "CommaDelimitedList",
+ "Description": "List of AWS principles this Table trusts. (i.e. arn:aws:iam:::root) Trusted accounts can assume the role of a bot on this stack and write to it."
+ },
+ "QueueReplicationDestinationLeoBotRoleARNs": {
+ "Type": "CommaDelimitedList",
+ "Description": "List of LeoBotRole Arn's this stack will assume for replication. The AccountId and Stack of the first ARN become the default AccountId and Stack used when defining the QueueReplicationMapping."
+ },
+ "QueueReplicationMapping": {
+ "Type": "String",
+ "Default": "[]",
+ "Description": "JSON Array of Objects and/or Strings the form [\"SOURCE_QUEUE_A\", {\"SOURCE_QUEUE_B\": { \"account\": \"DEST_ACCOUNT_ID\", \"stack\": \"DEST_STACK_NAME\", \"destination\": \"DEST_QUEUE\"}}, {...}]. Omitting \"destination\" will default to the source queue name. Omitting \"account\" or \"stack\" will default to the first AccountId and Stack of the LeoBotRoleArn list. Simply listing a string will assume all defaults."
 }
 },
 "Conditions": {
@@ -199,5 +337,11 @@
 ""
 ]
 }
+ },
+ "Outputs": {
+ "LeoTemplate": {
+ "Description": "Leo Template",
+ "Value": "/leo/1.1.0/cloudformation-1659545728258.json"
+ }
 }
-}
+}
\ No newline at end of file
diff --git a/cloudformation/platform.js b/cloudformation/platform.js
index cfb6d5a..08f63db 100644
--- a/cloudformation/platform.js
+++ b/cloudformation/platform.js
@@ -3,16 +3,16 @@ module.exports = {
 RegionMap: {
 'us-west-2': {
 S3Bucket: 'leo-cli-publishbucket-mzhr7agmqo7u',
- AuthTemplateUrl: 'https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/auth/release/cloudformation-latest.json',
- BusTemplateUrl: 'https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/leo-bus/2.2.2/cloudformation.json',
- BotmonTemplateUrl: 'https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/botmon/2.2.1/cloudformation.json',
+ AuthTemplateUrl: 'https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/auth/2.0.0/cloudformation-auth-1652216325999.json',
+ BusTemplateUrl: 'https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/leo-bus/3.0.0/cloudformation-bus-1652216325999.json',
+ BotmonTemplateUrl: 'https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/botmon/3.0.0/cloudformation-botmon-1652216325999.json',
 CognitoTemplateUrl: 'https://leo-cli-publishbucket-mzhr7agmqo7u.s3-us-west-2.amazonaws.com/leo-Cognito/cloudformation-latest.json'
 },
 'us-east-1': {
 S3Bucket: 'leo-cli-publishbucket-abb4i613j9y9',
- AuthTemplateUrl: 'https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/auth/release/cloudformation-latest.json',
- BusTemplateUrl: 'https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/leo-bus/2.2.2/cloudformation.json',
- BotmonTemplateUrl: 'https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/botmon/2.2.1/cloudformation.json',
+ AuthTemplateUrl: 'https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/auth/2.0.0/cloudformation-auth-1652216325999.json',
+ BusTemplateUrl: 'https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/leo-bus/3.0.0/cloudformation-bus-1652216325999.json',
+ BotmonTemplateUrl: 'https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/botmon/3.0.0/cloudformation-botmon-1652216325999.json',
 CognitoTemplateUrl: 'https://leo-cli-publishbucket-abb4i613j9y9.s3.amazonaws.com/leo-Cognito/cloudformation-latest.json'
 }
 }
@@ -21,6 +21,19 @@ module.exports = {
 InputCognitoId: {
 Type: 'String',
 Description: 'Cognito Pool Id used for request authentication. Leave Blank to have us create one'
+ },
+ TrustedAWSPrinciples: {
+ Type: 'CommaDelimitedList',
+ Description: 'List of AWS principles this Table trusts. (i.e. arn:aws:iam:::root) Trusted accounts can assume the role of a bot on this stack and write to it.'
+ },
+ QueueReplicationDestinationLeoBotRoleARNs: {
+ Type: 'CommaDelimitedList',
+ Description: 'List of LeoBotRole Arn\'s this stack will assume for replication. The AccountId and Stack of the first ARN become the default AccountId and Stack used when defining the QueueReplicationMapping.'
+ },
+ QueueReplicationMapping: {
+ Type: 'String',
+ Default: '[]',
+ Description: 'JSON Array of Objects and/or Strings the form [\"SOURCE_QUEUE_A\", {\"SOURCE_QUEUE_B\": { \"account\": \"DEST_ACCOUNT_ID\", \"stack\": \"DEST_STACK_NAME\", \"destination\": \"DEST_QUEUE\"}}, {...}]. Omitting \"destination\" will default to the source queue name. Omitting \"account\" or \"stack\" will default to the first AccountId and Stack of the LeoBotRoleArn list. Simply listing a string will assume all defaults.'
 }
 },
 Conditions: {
@@ -59,6 +72,27 @@ module.exports = {
 'BusTemplateUrl'
 ]
 },
+ Parameters: {
+ TrustedAWSPrinciples: {
+ 'Fn::Join': [
+ ',',
+ {
+ Ref: 'TrustedAWSPrinciples'
+ }
+ ]
+ },
+ QueueReplicationDestinationLeoBotRoleARNs: {
+ 'Fn::Join': [
+ ',',
+ {
+ Ref: 'QueueReplicationDestinationLeoBotRoleARNs'
+ }
+ ]
+ },
+ QueueReplicationMapping: {
+ Ref: 'QueueReplicationMapping'
+ }
+ },
 TimeoutInMinutes: '60'
 }
 },
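Review bot: `CognitoTemplateUrl` in both regions of the first hunk still resolves to `leo-Cognito/cloudformation-latest.json`, so it is the one nested-stack template left on a mutable key now that Auth, Bus and Botmon are pinned to versioned, build-stamped objects. Whatever object sits at that key when the stack is created or updated is deployed with the stack's permissions, which makes the deploy non-reproducible and leaves it exposed to an overwritten object in the publish bucket. Pin it the same way, e.g. `CognitoTemplateUrl: 'https://BUCKET_HOST/leo-Cognito/VERSION/cloudformation-cognito-BUILD_ID.json'`, where BUCKET_HOST, VERSION and BUILD_ID are placeholders because the real key is not visible here. The same lines appear in cloudformation.json, which looks like the built copy of this file.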
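Review bot: The `TrustedAWSPrinciples` description in the second hunk gives `arn:aws:iam:::root` as its example, which has no account id and is not a usable principal ARN, and the parameter accepts any string, including `*`. Because the description says listed principals can assume a bot role and write to the bus, constrain the input, e.g. `AllowedPattern: '^arn:aws[a-z-]*:iam::[0-9]{12}:(root|role/.+|user/.+)$'` (as I understand it CloudFormation checks the pattern against each list item), and reword the example as `(e.g. arn:aws:iam::ACCOUNT_ID:root, which trusts every principal in that account)`. Neither new list parameter has a `Default`, so updating an existing stack will require values for both; if an empty list must stay valid, add `Default: ''` and let the pattern accept the empty string. "principles" in the description should read "principals"; the parameter name itself is presumably fixed by the Bus template, which is outside this diff. cloudformation.json carries the same text.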
@@ -115,6 +149,107 @@ module.exports = {
 }
 },
 DependsOn: ['Auth', 'Bus', 'Cognito']
+ },
+ StackSecret: {
+ Type: 'AWS::SecretsManager::Secret',
+ Properties : {
+ Description : '{Key,Value} map of bus tables',
+ Name : {
+ 'Fn::Sub': [
+ 'rstreams-${resourceName}',
+ {
+ 'resourceName': {
+ 'Fn::Select': [
+ '1',
+ {
+ 'Fn::Split': [
+ '/',
+ {
+ Ref: 'Bus'
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+ },
+ SecretString : {'Fn::Sub': [
+ '{\"LeoStream\":\"${leoStreamTable}\",\"LeoCron\":\"${leoCronTable}\",\"LeoEvent\":\"${leoEventTable}\",\"LeoSettings\":\"${leoSettingsTable}\",\"LeoSystem\":\"${leoSystemTable}\",\"LeoKinesisStream\":\"${leoKinesisStreamTable}\",\"LeoFirehoseStream\":\"${leoFirehoseStreamTable}\",\"LeoS3\":\"${leoS3Table}\",\"Region\":\"${AWS::Region}\"}',
+ {
+ 'leoStreamTable': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoStream'
+ ]
+ },
+ 'leoCronTable': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoCron'
+ ]
+ },
+ 'leoEventTable': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoEvent'
+ ]
+ },
+ 'leoSettingsTable': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoSettings'
+ ]
+ },
+ 'leoSystemTable': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoSystem'
+ ]
+ },
+ 'leoKinesisStreamTable': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoKinesisStream'
+ ]
+ },
+ 'leoFirehoseStreamTable': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoFirehoseStream'
+ ]
+ },
+ 'leoS3Table': {
+ 'Fn::GetAtt': [
+ 'Bus',
+ 'Outputs.LeoS3'
+ ]
+ }
+ }
+ ]
+ }
+ }
+ },
+ RSFParameter: {
+ Type : 'AWS::SSM::Parameter',
+ Properties : {
+ Description : 'String',
+ Name : {Ref: 'AWS::StackName'},
+ Type : 'String',
+ Value : {
+ 'Fn::Select': [
+ '1',
+ {
+ 'Fn::Split': [
+ '/',
+ {
+ Ref: 'Bus'
+ }
+ ]
+ }
+ ]
+ }
+ }
 }
 }
 };
diff --git a/package-lock.json b/package-lock.json
index 5db04ca..e277f85 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
 "name": "leo",
- "version": "1.0.0",
+ "version": "1.1.0",
 "lockfileVersion": 1,
 "requires": true,
 "dependencies": {
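Review bot: `RSFParameter` carries `Description : 'String'`, which reads like a leftover placeholder, and its `Name` is the bare stack name, so nothing tells an operator what the value is or who is meant to read it. From the `Fn::Select`/`Fn::Split` on `Ref: 'Bus'` the value is the second path segment of the Bus nested stack's id, the same token used to build the `rstreams-...` secret name; say so, e.g. `Description : 'Name of the Bus nested stack; the matching secret is rstreams-NAME'`. `StackSecret` sets no `KmsKeyId` and this hunk adds no resource policy, so it is encrypted with the account's default Secrets Manager key; that suits same-account readers, but if principals from the `TrustedAWSPrinciples` accounts are expected to read it, it would need a customer-managed key and an explicit policy, and a comment should state which is intended. A one-line comment above `SecretString` noting that the JSON is assembled by hand and holds resource names rather than credentials would also help. The enclosing `Resources` object starts outside the hunk, and cloudformation.json carries the same two resources.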
diff --git a/package.json b/package.json
index 97e0536..89000b6 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "leo",
- "version": "1.0.1",
+ "version": "1.1.0",
 "description": "",
 "main": "",
 "scripts": {