BYO database #40
Draft
BYO database #40
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…his stack in an account
…oid naming conflicts.
…se these resources have been created already with the original names and we can reuse these resources for the other Stackset instead of creating them again for each stackset. Changed the DAP client related parameter names in the AWS Systems Manager.
|
I am assuming that we will launch a separate CloudFormation stackset for each Canvas instance. In that case, we may have resource name conflict for several resources among different Cloudformation stackset because their names are semi-hardcoded. These resources are: Database Client and ListTable Function SecurityGroups For some of these AWS resources, I added ${AWS:StackName} to prevent naming conflicts between the canvas and canvas-catalog stackset. For Database Client and ListTable Function SecurityGroups, we can either: allow each stackset to create its own security groups OR |
…ql from username to schema_name. In the main function part, the value for the schema_name parameter for the create_schema() is already specified to use username for the schema_name. So using username parameter instead of schema_name in the create_schema_sql is redundant. Also using username as schema_name in the create_schema_sql query will cause issue when using create_schema() for creating instructure_dap schema because the function will never use instructure_dap as the schema name because it will be overrided by username.
…schema we used when creating new schema for user.
…ith the existing RDS cluster.
…urces because the multiple CD2 related cloudformation stacks will share a single Athena connector.
…nce, we will use different value for the SsmPathParameter instead.
…group related resources so that they get created under a certain condition. Added ListTablesFunctionSecurityGroupParameter and conditions associated to this parameter. ListTablesFunctionSecurityGroup only gets created under the condition.
…ed with it. This allows any resource referencing this security group can reference the existing security group if existed.
…up from DatabaseClientSecurityGroupParameter for AthenaPostgreSQLConnector if it already exists.
…hat falls back to DatabaseClientSecurityGroupParameter.
…plied to the DatabaseClientSecurityGroup AWS resource.
… to fix the cloudformation error.
…p and DatabaseClientEgressToExistingDatabase.
…t is not needed. Changed the condition for DatabaseClientEgressToDatabase so that it only gets creaed when your stack set needs to create DatabaseClientSecurityGroup.
…ecause it is not needed. Changed the condition for DatabaseClientEgressToDatabase so that it only gets creaed when your stack set needs to create DatabaseClientSecurityGroup." This reverts commit f66be14.
…ditions for several AWS resources to reference KMS Key ID or ARN value either from the actual KMS key resource or parameters.
…there are too many parameters for canvas-catlog in the codepipeline step that causes the error during the canvas-data-2-codepipeline cloudformation stack set udpate. Replaced these parameters by composing the KMS Arn from various parameters.
…talog under the DataKmsKey.
…es, and sync_table code so that it can reference the correct SSM parameters in case you have multiple CD2 cloudfomration stack.
…s function so that it can assign a dynamic value for the namespace.
…sk Definition to reference the ECR images from the main CD2 stack for the other canvas CD2 stack set.
…ew cd2 database user. Also included the instruction for the additional cd2 stack.
… AthenaPostgreSQLConnectorExecutionPolicy.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
…s for these secrets for AthenaPostgreSQLConnectorExecutionPolicy.
…tgreSQLConnector because it is the incorrect secrets name.
…ck when you want to utilize the existing RDS database instance.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.