kalleeh / gurum-api Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
License: Apache License 2.0
Run the below script from the ./deploy
script.
pip install aws-xray-sdk --target lambda_layers/aws-xray-sdk/python
Update the readme once complete.
We need to look at setting up a linting git hook when a commit is made.
This will help us catch errors earlier.
Maybe something along the lines of this:
https://ljvmiranda921.github.io/notebook/2018/06/21/precommits-using-black-and-flake8/
Right now CloudWatch Log Groups doesn't get tags inherited from their CloudFormation stags.
CW Logs doesn't support tag based authorization either.
Currently the Cognito IAM Roles inherited by users through Cognito Groups can read from any log group but when this is added we could easily tag the log groups and then modify the IAM Role that cognito users assume to add tag based authorization to their respective log group similar to CFN templates etc.
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html
{
"Effect": "Allow",
"Action": [
"logs:FilterLogEvents"
],
"Resource": "arn:aws:logs:[region]:[account-id]:log-group:*",
"Condition": {
"StringEquals": {"ec2:ResourceTag/gureume-groups": "team1"}
}
}
Running tests on PR, block if failing.
Automatic versioning.
Create GitHub release when merged to master
Consider updating the template_generator function to generate the templates through CDK rather than picking static templates from an S3-bucket.
This could enable easier mapping of applications to services, dynamically generating least privilege IAM policies etc.
See what missing automation steps we can add with the recent extended CloudFormation support for Cognito.
https://aws.amazon.com/about-aws/whats-new/2019/10/amazon-cognito-increases-cloudformation-support/
Documentation refers to "pip install x-ray dependencies" which can install the x-ray dependencies for python 2 version. This breaks api. Change documentation to pip3 install and see if we can verify the python x-ray package version to be 3 or raise an error otherwise.
We need to clarify the steps around creating the initial users and groups and IAM role mappings through cognito federated identities for first setup users.
We don't want to build a user management system in the API since this should use the default Cognito API's but we should provide configuration steps.
Something like;
{
"Effect": "Allow",
"Principal": {
"Federated": "cognito-identity.amazonaws.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"cognito-identity.amazonaws.com:aud": "eu-west-1:b3df4e00-5aea-4e69-8b60-85ec38731d17"
},
"ForAnyValue:StringLike": {
"cognito-identity.amazonaws.com:amr": "authenticated"
}
}
}
Since the original S3 Bucket is created manually outside the lifecycle of either the Gureume Platform or API stack currently there is no way to properly update the S3 Bucket policy.
This is a manual step that requires the copy pasting of IAM Role ARN for Create and Update Lambda functions to get GetObject-access to the bucket holding the app/pipeline/service templates.
We need to implement a way to fetch already existing parameters and configure a parameter file as part of the pipeline rather than using CodePipelines Parameter Override function since it just sets the parameters specifically configured, and doesn't reuse existing ones.
src/services/name/delete_service.py:17:0: W0611: Unused transform_utils imported as tu (unused-import)
************* Module dependencies.python.transform_utils
lambda_layers/dependencies/python/transform_utils.py:13:0: W0611: Unused import json (unused-import)
************* Module dependencies.python.stackmanager
lambda_layers/dependencies/python/stackmanager.py:335:-1: W0105: String statement has no effect (pointless-string-statement)
lambda_layers/dependencies/python/stackmanager.py:347:4: R0201: Method could be a function (no-self-use)
lambda_layers/dependencies/python/stackmanager.py:418:-1: W0105: String statement has no effect (pointless-string-statement)
lambda_layers/dependencies/python/stackmanager.py:429:4: R1710: Either all return statements in a function should return an expression, or none of them should. (inconsistent-return-statements)
lambda_layers/dependencies/python/stackmanager.py:429:4: R0201: Method could be a function (no-self-use)
lambda_layers/dependencies/python/stackmanager.py:439:4: R1710: Either all return statements in a function should return an expression, or none of them should. (inconsistent-return-statements)
lambda_layers/dependencies/python/stackmanager.py:452:4: R1710: Either all return statements in a function should return an expression, or none of them should. (inconsistent-return-statements)
************* Module dependencies.python.eventmanager
lambda_layers/dependencies/python/eventmanager.py:30:0: W0223: Method '_generate_params' is abstract in class 'StackManager' but is not overridden (abstract-method)
------------------------------------------------------------------
Your code has been rated at 9.90/10 (previous run: 9.90/10, +0.00)```
Add more dynamic support in the API for dynamic parameters and product types. Today they are somewhat hardcoded which makes it hard to extend applications, pipelines and services to new types with totally different parameters.
Add API endpoint for initialize an app. Creating a pipeline to parse service.yaml and orchestrate the other API calls accordingly.
Backend for this
kalleeh/gurum-cli#10
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.