chore(cdk-ops): output ARN of load-access-logs

- `CdkOpsStack` outputs the ARN of `lambda/load-access-logs`. `DataWarehouse` exposes `lambda/load-access-logs`. issue codemonger-io#30
kikuomax · Oct 11, 2022 · 605f682 · 605f682
1 parent 8a58bc9
commit 605f682
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 10 deletions.
diff --git a/cdk-ops/lib/cdk-ops-stack.ts b/cdk-ops/lib/cdk-ops-stack.ts
@@ -1,4 +1,4 @@
-import { Stack, StackProps } from 'aws-cdk-lib';
+import { CfnOutput, Stack, StackProps } from 'aws-cdk-lib';
 import { Construct } from 'constructs';
 
 import { AccessLogsETL } from './access-logs-etl';
@@ -31,22 +31,31 @@ export class CdkOpsStack extends Stack {
     const pipeline = new ContentsPipeline(this, 'ContentsPipeline', {
       codemongerResources,
     });
-    const dataWarehouse = new DataWarehouse(this, 'DevelopmentDataWarehouse', {
-      latestBoto3,
-      libdatawarehouse,
-      deploymentStage: 'development',
-    });
+    const developmentDataWarehouse = new DataWarehouse(
+      this,
+      'DevelopmentDataWarehouse',
+      {
+        latestBoto3,
+        libdatawarehouse,
+        deploymentStage: 'development',
+      },
+    );
     const developmentContentsAccessLogsETL = new AccessLogsETL(
       this,
       'DevelopmentContentsAccessLogsETL',
       {
         accessLogsBucket:
           codemongerResources.developmentContentsAccessLogsBucket,
-        dataWarehouse,
+        dataWarehouse: developmentDataWarehouse,
         latestBoto3,
         libdatawarehouse,
         deploymentStage: 'development',
       },
     );
+    // Outputs
+    new CfnOutput(this, 'PopulateDevelopmentDwDatabaseLambdaArn', {
+      description: 'ARN of the Lambda function that populates the data warehouse database and tables (development)',
+      value: developmentDataWarehouse.populateDwDatabaseLambda.functionArn,
+    });
   }
 }
diff --git a/cdk-ops/lib/data-warehouse.ts b/cdk-ops/lib/data-warehouse.ts
@@ -48,6 +48,8 @@ export class DataWarehouse extends Construct {
   readonly workgroupName: string;
   /** Redshift Serverless workgroup. */
   readonly workgroup: redshift.CfnWorkgroup;
+  /** Lambda function to populate the database and tables. */
+  readonly populateDwDatabaseLambda: lambda.IFunction;
   /** Step Functions to run VACUUM over tables. */
   readonly vacuumWorkflow: sfn.IStateMachine;
 
@@ -140,7 +142,7 @@ export class DataWarehouse extends Construct {
     this.workgroup.addDependsOn(dwNamespace);
 
     // Lambda function that populates the database and tables.
-    const populateDwDatabaseLambda = new PythonFunction(
+    this.populateDwDatabaseLambda = new PythonFunction(
       this,
       'PopulateDwDatabaseLambda',
       {
@@ -169,9 +171,9 @@ export class DataWarehouse extends Construct {
     );
     // Redshift Data API uses the execution role of the Lambda function to
     // retrieve the secret.
-    this.adminSecret.grantRead(populateDwDatabaseLambda);
+    this.adminSecret.grantRead(this.populateDwDatabaseLambda);
     // TODO: too permissive?
-    populateDwDatabaseLambda.role?.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonRedshiftDataFullAccess'));
+    this.populateDwDatabaseLambda.role?.addManagedPolicy(iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonRedshiftDataFullAccess'));
 
     // Step Functions that perform VACUUM over tables.
     // - Lambda function that runs VACUUM over a given table