feat: Add AWS CDK project and Helm charts for Beckn-Onix deployment on AWS cloud

2024-09-23 22:57:34 +05:30
parent 5d5e363ccd
commit c683ec3d74
114 changed files with 10018 additions and 0 deletions
--- a/aws-cdk/beckn-cdk/lib/rds-stack.ts
+++ b/aws-cdk/beckn-cdk/lib/rds-stack.ts
@@ -0,0 +1,84 @@
+import * as cdk from 'aws-cdk-lib';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+import * as rds from 'aws-cdk-lib/aws-rds';
+import { Construct } from 'constructs';
+import { ConfigProps } from './config';
+import cluster from 'cluster';
+import { Secret } from 'aws-cdk-lib/aws-secretsmanager';
+
+export interface RdsStackProps extends cdk.StackProps {
+  config: ConfigProps;
+  envC: string;
+  vpc: ec2.Vpc;
+}
+
+export class RdsStack extends cdk.Stack {
+  public readonly rdsSecret: string;
+  public readonly rdsHost: string;
+  public readonly rdsPassword: string;
+
+  constructor(scope: Construct, id: string, props: RdsStackProps) {
+    super(scope, id, props);
+
+    const vpc = props.vpc;
+    const dbName = props.envC;
+    const rdsUser = props.config.RDS_USER; // take input from user / make it 
+    const rdsPassword = this.createPassword();
+    const rdsSecGrpIngress = props.config.CIDR;
+    
+    const securityGroupRDS = new ec2.SecurityGroup(this, 'RdsSecurityGroup', {
+      vpc: vpc,
+      allowAllOutbound: true,
+      description: 'Security group for Aurora PostgreSQL database',
+    });
+
+    securityGroupRDS.addIngressRule(
+      ec2.Peer.ipv4(rdsSecGrpIngress),
+      ec2.Port.tcp(5432),
+      "Allow Postgress Access"
+    );
+
+    const creds = new Secret(this, "rdsSecret", {
+      secretObjectValue: {
+        username: cdk.SecretValue.unsafePlainText(rdsUser.toString()),
+        password: cdk.SecretValue.unsafePlainText(rdsPassword.toString()),
+      },
+    });
+
+    const cluster = new rds.DatabaseCluster(this, 'AuroraCluster', {
+      engine: rds.DatabaseClusterEngine.auroraPostgres({
+        version: rds.AuroraPostgresEngineVersion.VER_14_6,
+      }),
+      credentials: rds.Credentials.fromSecret(creds),
+      instances: 1,
+      instanceProps: {
+        vpc: props.vpc,
+        vpcSubnets: {
+          subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
+        },
+        securityGroups: [securityGroupRDS],
+        instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.MEDIUM),
+      },
+      defaultDatabaseName: dbName,
+    });
+
+    this.rdsSecret = creds.secretArn;
+    this.rdsHost = cluster.clusterEndpoint.hostname;
+    this.rdsPassword = rdsPassword;
+
+    new cdk.CfnOutput(this, 'RDSPasswordOutput', {
+      value: rdsPassword,
+      exportName: `RDSPassword-${dbName}`,
+    })
+  }
+
+  //generate password function
+  private createPassword(length: number = 12): string {
+    const characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!#$%&()*+,-.:;<=>?[]^_`{|}~';
+    let password = '';
+    for (let i = 0; i < length; i++) {
+      password += characters.charAt(Math.floor(Math.random() * characters.length));
+    }
+    return password;
+  }
+}