Skip to content

Instantly share code, notes, and snippets.

@skorfmann

skorfmann/README.md

Last active May 3, 2021 08:59
Show Gist options
  • Save skorfmann/b52566f4580879fda1ab156cfc0edcfe to your computer and use it in GitHub Desktop.
Save skorfmann/b52566f4580879fda1ab156cfc0edcfe to your computer and use it in GitHub Desktop.
Download ZIP
An example for a custom provider leveraging https://github.com/lukekaalim/terraform-plugin-node-SDK/ This
Raw
README.md
Raw
main.tf
terraform {
required_providers {
s3-object-lambda = {
source = "local/cdktf/s3-object-lambda"
version = "0.1.0"
}
}
}
resource "s3-object-lambda_access_point_for_object_lambda" "access_point" {
name = "example_resource_name"
actions = ["GetObject"]
supporting_access_point = "bar"
lambda_arn = "yeah"
}
output "resource_id" {
value = s3-object-lambda_access_point_for_object_lambda.access_point.id
}
Raw
package.json
{
"name": "s3-object-lambda",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"keywords": [],
"author": "",
"license": "ISC",
"devDependencies": {
"@lukekaalim/terraform-cli": "^0.1.3"
},
"dependencies": {
"@aws-sdk/client-iam": "^3.13.1",
"@aws-sdk/client-s3-control": "^3.13.1",
"@aws-sdk/client-sts": "^3.13.1",
"@lukekaalim/terraform-plugin": "file:.yalc/@lukekaalim/terraform-plugin",
"@lukekaalim/terraform-plugin-sdk": "file:.yalc/@lukekaalim/terraform-plugin-sdk"
}
}
Raw
plugin.js
const { createPlugin } = require('@lukekaalim/terraform-plugin-sdk');
const { s3Provider } = require('./provider');
const { accessPointforObjectLambda } = require('./resources');
const s3Plugin = createPlugin(s3Provider, [accessPointforObjectLambda]);
s3Plugin.run()
Raw
provider.js
const { createProvider, createSchema } = require('@lukekaalim/terraform-plugin-sdk');
const { S3ControlClient } = require("@aws-sdk/client-s3-control");
const s3Schema = createSchema({});
const s3Provider = createProvider({
name: 's3-object-lambda',
schema: s3Schema,
configure({}) {
const client = new S3ControlClient({ region: "eu-central-1" });
return { client };
}
});
module.exports = {
s3Provider,
};
Raw
resources.js
const { createResource, createSchema, types } = require('@lukekaalim/terraform-plugin-sdk');
const {
CreateAccessPointForObjectLambdaCommand,
PutAccessPointConfigurationForObjectLambdaCommand,
DeleteAccessPointForObjectLambdaCommand,
GetAccessPointConfigurationForObjectLambdaCommand
} = require("@aws-sdk/client-s3-control");
const {
STSClient,
GetCallerIdentityCommand
} = require("@aws-sdk/client-sts")
const fileSchema = createSchema({
id: {
type: types.string,
description: 'The Unique ID of this Access Point',
computed: true
},
name: {
type: types.string,
description: 'The name of the access point',
required: true,
forceNew: true
},
supporting_access_point: {
type: types.string,
description: 'The arn of the S3 access point',
required: true
},
actions: {
type: types.list(types.string),
description: 'The allowed actions',
required: true
},
lambda_arn: {
type: types.string,
description: 'The ARN of the AWS Lambda function',
required: true
},
arn: {
type: types.string,
description: 'The ARN of the AWS Lambda function',
computed: true
},
}, 2);
const accessPointforObjectLambda = createResource({
name: 'access_point_for_object_lambda',
block: fileSchema,
version: 2,
upgrade(version, state) {
switch (version.low) {
case 1:
return { id: state.id, name: '' };
default:
return state;
}
},
async read({ client }, state) {
const foo = new GetCallerIdentityCommand({})
const iamClient = new STSClient({region: 'eu-central-1'})
const iamResult = await iamClient.send(foo)
const command = new GetAccessPointConfigurationForObjectLambdaCommand({
AccountId: iamResult.Account,
Name: state.name
})
const result = await client.send(command)
return {
...state,
supporting_access_point: result.Configuration.SupportingAccessPoint,
actions: result.Configuration.TransformationConfigurations[0].Actions,
lambda_arn: result.Configuration.TransformationConfigurations[0].ContentTransformation.AwsLambda.FunctionArn
}
},
async create({ client }, config) {
const foo = new GetCallerIdentityCommand({})
const iamClient = new STSClient({region: 'eu-central-1'})
const iamResult = await iamClient.send(foo)
const command = new CreateAccessPointForObjectLambdaCommand({
AccountId: iamResult.Account,
Name: config.name,
Configuration: {
SupportingAccessPoint: config.supporting_access_point,
TransformationConfigurations: [{
Actions: config.actions,
ContentTransformation: {
AwsLambda: {
FunctionArn: config.lambda_arn
}
}
}]
}
})
const result = await client.send(command)
return {
...config,
id: config.name,
arn: result.ObjectLambdaAccessPointArn
}
},
async update({ client }, state, config) {
const foo = new GetCallerIdentityCommand({})
const iamClient = new STSClient({region: 'eu-central-1'})
const iamResult = await iamClient.send(foo)
const command = new PutAccessPointConfigurationForObjectLambdaCommand({
AccountId: iamResult.Account,
Name: config.name,
Configuration: {
SupportingAccessPoint: config.supporting_access_point,
TransformationConfigurations: [{
Actions: config.actions,
ContentTransformation: {
AwsLambda: {
FunctionArn: config.lambda_arn
}
}
}]
}
})
await client.send(command)
return config
},
async delete({ client }, state) {
const foo = new GetCallerIdentityCommand({})
const iamClient = new STSClient({region: 'eu-central-1'})
const iamResult = await iamClient.send(foo)
const command = new DeleteAccessPointForObjectLambdaCommand({
AccountId: iamResult.Account,
Name: state.name
})
await client.send(command)
return null;
},
});
module.exports = {
accessPointforObjectLambda,
};
Raw
terraform-plugin.config.json
{
"type": "s3-object-lambda",
"namespace": "cdktf",
"entry": "plugin.js",
"version": "0.1.0"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment