change redis to address+port and update deps (#68)

README.md

@@ -1,5 +1,5 @@
 [![CircleCI](https://circleci.com/gh/moia-dev/bastion-host-forward/tree/master.svg?style=svg)](https://circleci.com/gh/moia-dev/bastion-host-forward/tree/master)
-[![NPM](https://flat.badgen.net/npm/v/@moia-dev/bastion-host-rds-forward)](https://www.npmjs.com/package/@moia-dev/bastion-host-rds-forward)
+[![NPM](https://flat.badgen.net/npm/v/@moia-dev/bastion-host-forward)](https://www.npmjs.com/package/@moia-dev/bastion-host-forward)
 # Bastion Host Forward
 
 This CDK Library provides custom constructs `BastionHostRDSForward` and

lib/rds.ts

@@ -70,6 +70,6 @@ export class BastionHostRDSForward extends BastionHostForward {
    * @returns the resource ARN for the the rds-db:connect action
    */
   private genDbUserArnFromRdsArn(dbIdentifier: string, dbUser: string): string {
-    return 'arn:aws:rds-db:${Token[AWS::Region.4]}:${Token[AWS::AccountId.0]}:dbuser:' + dbIdentifier + '/' + dbUser;
+    return `arn:aws:rds-db:${cdk.Stack.of(this).region}:${cdk.Stack.of(this).account}:dbuser:${dbIdentifier}/${dbUser}`;
   }
 }

lib/redis.ts

@@ -12,28 +12,20 @@
 */
 
 import * as cdk from '@aws-cdk/core';
-import * as elasticache from '@aws-cdk/aws-elasticache';
-import { BastionHostForwardBaseProps } from './bastion-host-forward-base-props';
+import { BastionHostForwardProps } from './bastion-host-forward-props';
 import { BastionHostForward } from './bastion-host-forward';
 
-export interface BastionHostRedisForwardProps extends BastionHostForwardBaseProps {
-  /*
-   * The RDS instance where the bastion host should be able to connect to
-   */
-  readonly elasticacheCluster: elasticache.CfnCacheCluster;
-}
-
 /*
  * Creates a Bastion Host to forward to a Redis Cluster
  */
 export class BastionHostRedisForward extends BastionHostForward {
-  constructor(scope: cdk.Construct, id: string, props: BastionHostRedisForwardProps) {
+  constructor(scope: cdk.Construct, id: string, props: BastionHostForwardProps) {
     super(scope, id, {
       vpc: props.vpc,
       name: props.name,
       securityGroup: props.securityGroup,
-      address: props.elasticacheCluster.attrRedisEndpointAddress,
-      port: props.elasticacheCluster.attrRedisEndpointPort
+      address: props.address,
+      port: props.port
     });
   }
 }

package.json

@@ -8,7 +8,7 @@
     "url": "https://github.com/moia-dev/bastion-host-forward"
   },
   "license": "Apache-2.0",
-  "version": "0.3.7",
+  "version": "0.4.0",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
   "scripts": {
@@ -23,7 +23,7 @@
     "targets": {}
   },
   "devDependencies": {
-    "@aws-cdk/assert": "^1.56.0",
+    "@aws-cdk/assert": "1.68.0",
     "@types/jest": "^26.0.14",
     "@types/node": "14.11.2",
     "jest": "^25.5.4",
@@ -34,19 +34,19 @@
     "tslint": "^6.1.3"
   },
   "peerDependencies": {
-    "@aws-cdk/core": "^1.56.0",
-    "@aws-cdk/aws-ec2": "^1.56.0",
-    "@aws-cdk/aws-iam": "^1.56.0",
-    "@aws-cdk/aws-rds": "^1.56.0",
-    "@aws-cdk/aws-elasticache": "^1.56.0",
+    "@aws-cdk/core": "1.68.0",
+    "@aws-cdk/aws-ec2": "1.68.0",
+    "@aws-cdk/aws-iam": "1.68.0",
+    "@aws-cdk/aws-rds": "1.68.0",
+    "@aws-cdk/aws-elasticache": "1.68.0",
     "constructs": "^3.0.3"
   },
   "dependencies": {
-    "@aws-cdk/aws-ec2": "^1.56.0",
-    "@aws-cdk/aws-elasticache": "^1.56.0",
-    "@aws-cdk/aws-iam": "^1.56.0",
-    "@aws-cdk/aws-rds": "^1.56.0",
-    "@aws-cdk/core": "^1.56.0"
+    "@aws-cdk/aws-ec2": "1.68.0",
+    "@aws-cdk/aws-elasticache": "1.68.0",
+    "@aws-cdk/aws-iam": "1.68.0",
+    "@aws-cdk/aws-rds": "1.68.0",
+    "@aws-cdk/core": "1.68.0"
   },
   "jest": {
     "moduleFileExtensions": [

test/rds.test.ts

@@ -23,7 +23,6 @@ test('Bastion Host created for normal username/password access', () => {
     const stack = new cdk.Stack(app, 'TestStack');
     const testVpc = new ec2.Vpc(stack, 'TestVpc');
     const testRds = new rds.DatabaseInstance(stack, 'TestRDS', {
-      masterUsername: 'testuser',
       engine: rds.DatabaseInstanceEngine.POSTGRES,
       instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MICRO),
       vpc: testVpc
@@ -83,7 +82,6 @@ test('Bastion Host created with extended Role for IAM RDS Connection', () => {
     const stack = new cdk.Stack(app, 'TestStack');
     const testVpc = new ec2.Vpc(stack, 'TestVpc');
     const testRds = new rds.DatabaseInstance(stack, 'TestRDS', {
-      masterUsername: 'testuser',
       engine: rds.DatabaseInstanceEngine.POSTGRES,
       instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MICRO),
       vpc: testVpc
@@ -215,7 +213,6 @@ test('Bastion Host with own securityGroup', () => {
     });
 
     const testRds = new rds.DatabaseInstance(stack, 'TestRDS', {
-      masterUsername: 'testuser',
       engine: rds.DatabaseInstanceEngine.POSTGRES,
       instanceType: ec2.InstanceType.of(ec2.InstanceClass.T3, ec2.InstanceSize.MICRO),
       vpc: testVpc

test/redis.test.ts

@@ -15,63 +15,24 @@ import { expect as expectCDK, haveResource } from '@aws-cdk/assert';
 import { strict as assert } from 'assert';
 import * as cdk from '@aws-cdk/core';
 import * as ec2 from '@aws-cdk/aws-ec2';
-import * as elasticache from '@aws-cdk/aws-elasticache';
 import { BastionHostRedisForward } from '../lib/redis';
 
 test('Bastion Host created for normal access', () => {
     const app = new cdk.App();
     const stack = new cdk.Stack(app, 'TestStack');
     const testVpc = new ec2.Vpc(stack, 'TestVpc');
-    const subnet = new elasticache.CfnSubnetGroup(stack, 'TestRedisSubnetGroup', {
-      description: 'example subnet group',
-      subnetIds: ['subnet-0dbf99f89456e8589', 'subnet-0b0dea47e88081c9d'],
-      cacheSubnetGroupName: 'example-redis-subgroup2',
-    });
-    const cluster = new elasticache.CfnCacheCluster(stack, 'TestRedis', {
-      cacheNodeType: 'cache.t3.micro',
-      engine: 'redis',
-      cacheSubnetGroupName: subnet.cacheSubnetGroupName,
-      numCacheNodes: 1,
-    });
     // WHEN
     new BastionHostRedisForward(stack, 'MyTestConstruct', {
       vpc: testVpc,
       name: 'MyRedisBastion',
-      elasticacheCluster: cluster,
+      address: '127.0.0.1',
+      port: '6379',
     });
 
     // THEN
     expectCDK(stack).to(haveResource('AWS::EC2::Instance', {
       UserData: {
-        'Fn::Base64': {
-          'Fn::Join': [
-            '',
-            [
-              'Content-Type: multipart/mixed; boundary=\"//\"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset=\"us-ascii\"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename=\"cloud-config.txt\"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset=\"us-ascii\"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename=\"userdata.txt\"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho \"listen database\n  bind 0.0.0.0:',
-              {
-                'Fn::GetAtt': [
-                  'TestRedis',
-                  'RedisEndpoint.Port'
-                ]
-              },
-              '\n  timeout connect 10s\n  timeout client 1m\n  timeout server 1m\n  mode tcp\n  server service ',
-              {
-                'Fn::GetAtt': [
-                  'TestRedis',
-                  'RedisEndpoint.Address'
-                ]
-              },
-              ':',
-              {
-                'Fn::GetAtt': [
-                  'TestRedis',
-                  'RedisEndpoint.Port'
-                ]
-              },
-              '\n\" > /etc/haproxy/haproxy.cfg\nservice haproxy restart\n--//'
-            ]
-          ]
-        },
+        'Fn::Base64': 'Content-Type: multipart/mixed; boundary=\"//\"\nMIME-Version: 1.0\n--//\nContent-Type: text/cloud-config; charset=\"us-ascii\"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename=\"cloud-config.txt\"\n#cloud-config\ncloud_final_modules:\n- [scripts-user, always]\n--//\nContent-Type: text/x-shellscript; charset=\"us-ascii\"\nMIME-Version: 1.0\nContent-Transfer-Encoding: 7bit\nContent-Disposition: attachment; filename=\"userdata.txt\"\n#!/bin/bash\nmount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=2 /proc\nyum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\nyum install -y haproxy\necho \"listen database\n  bind 0.0.0.0:6379\n  timeout connect 10s\n  timeout client 1m\n  timeout server 1m\n  mode tcp\n  server service 127.0.0.1:6379\n\" > /etc/haproxy/haproxy.cfg\nservice haproxy restart\n--//'
       },
       Tags: [
         {
@@ -93,24 +54,13 @@ test('Bastion Host with own securityGroup', () => {
       securityGroupName: 'MyTestSecurityGroupName',
     });
 
-    const subnet = new elasticache.CfnSubnetGroup(stack, 'TestRedisSubnetGroup', {
-      description: 'example subnet group',
-      subnetIds: ['subnet-abc', 'subnet-def'],
-      cacheSubnetGroupName: 'example-redis-subgroup2',
-    });
-    const cluster = new elasticache.CfnCacheCluster(stack, 'TestRedis', {
-      cacheNodeType: 'cache.t3.micro',
-      engine: 'redis',
-      cacheSubnetGroupName: subnet.cacheSubnetGroupName,
-      vpcSecurityGroupIds: [securityGroup.securityGroupId || ''],
-      numCacheNodes: 1,
-    });
     // WHEN
     const bastionHost = new BastionHostRedisForward(stack, 'MyTestConstruct', {
       vpc: testVpc,
       name: 'MyRedisBastion',
-      elasticacheCluster: cluster,
       securityGroup,
+      address: '127.0.0.1',
+      port: '6379',
     });
     const bastionHostSecurityGroup = bastionHost.securityGroup as ec2.SecurityGroup;
 

tsconfig.json

@@ -10,6 +10,7 @@
       "es2018"
     ],
     "module": "CommonJS",
+    "newLine": "lf",
     "noEmitOnError": true,
     "noFallthroughCasesInSwitch": true,
     "noImplicitAny": true,