fix(core): Adding more outputs to SSM (#413)

naveenkoppula · nachundu-amzn · web-flow · commit 4c4868e8c154 · 2020-10-07T10:32:25.000+05:30
Co-authored-by: nachundu &lt;nachundu@amazon.com&gt;
diff --git a/src/core/cdk/src/initial-setup.ts b/src/core/cdk/src/initial-setup.ts
@@ -538,6 +538,7 @@ export namespace InitialSetup {
             'configFilePath.$': '$.configFilePath',
             'configCommitId.$': '$.configCommitId',
             outputUtilsTableName: outputUtilsTable.tableName,
+            accountsTableName: parametersTable.tableName,
           },
         }),
         resultPath: 'DISCARD',
diff --git a/src/core/cdk/src/tasks/store-outputs-to-ssm-task.ts b/src/core/cdk/src/tasks/store-outputs-to-ssm-task.ts
@@ -44,6 +44,7 @@ export class StoreOutputsToSSMTask extends sfn.StateMachineFragment {
         'configFilePath.$': '$.configFilePath',
         'configCommitId.$': '$.configCommitId',
         'outputUtilsTableName.$': '$.outputUtilsTableName',
+        'accountsTableName.$': '$.accountsTableName',
       },
     });
 
@@ -72,6 +73,7 @@ export class StoreOutputsToSSMTask extends sfn.StateMachineFragment {
         'configFilePath.$': '$.configFilePath',
         'configCommitId.$': '$.configCommitId',
         'outputUtilsTableName.$': '$.outputUtilsTableName',
+        'accountsTableName.$': '$.accountsTableName',
       },
     });
 
diff --git a/src/core/runtime/src/create-stack-set/create-stack-set.ts b/src/core/runtime/src/create-stack-set/create-stack-set.ts
@@ -45,7 +45,6 @@ export const handler = async (input: CreateStackSetInput) => {
       OperationPreferences: {
         FailureTolerancePercentage: 100,
         MaxConcurrentPercentage: 100,
-        MaxConcurrentCount: 10,
       },
     });
     return {
diff --git a/src/core/runtime/src/save-outputs-to-ssm/elb-outputs.ts b/src/core/runtime/src/save-outputs-to-ssm/elb-outputs.ts
@@ -3,6 +3,7 @@ import { getOutput, OutputUtilGenericType, SaveOutputsInput, getIndexOutput, sav
 import { SSM } from '@aws-accelerator/common/src/aws/ssm';
 import { STS } from '@aws-accelerator/common/src/aws/sts';
 import { LoadBalancerOutputFinder, LoadBalancerOutput } from '@aws-accelerator/common-outputs/src/elb';
+import { Account, getAccountId } from '@aws-accelerator/common-outputs/src/accounts';
 
 interface OutputUtilLbType extends OutputUtilGenericType {
   account: string;
@@ -36,6 +37,7 @@ export async function saveElbOutputs(props: SaveOutputsInput) {
     assumeRoleName,
     region,
     outputUtilsTableName,
+    accounts,
   } = props;
   const oldElbOutputUtils = await getIndexOutput(outputUtilsTableName, `${account.key}-${region}-lelb`, dynamodb);
   // Existing index check happens on this variable
@@ -76,6 +78,7 @@ export async function saveElbOutputs(props: SaveOutputsInput) {
       type: 'nlb',
       accountKey: account.key,
       source: 'local',
+      accounts: accounts!,
     })
   ).lbs;
 
@@ -88,6 +91,7 @@ export async function saveElbOutputs(props: SaveOutputsInput) {
       type: 'alb',
       accountKey: account.key,
       source: 'local',
+      accounts: accounts!,
     })
   ).lbs;
 
@@ -172,6 +176,7 @@ export async function saveElbOutputs(props: SaveOutputsInput) {
       accountKey,
       source: 'remote',
       maxIndex: maxNlbIndex,
+      accounts: accounts!,
     });
     newRemoteElbOutputs.nlbs.push(...saveNlbOp.lbs);
     maxNlbIndex = saveNlbOp.currentMaxIndex!;
@@ -185,6 +190,7 @@ export async function saveElbOutputs(props: SaveOutputsInput) {
       accountKey,
       source: 'remote',
       maxIndex: maxAlbIndex,
+      accounts: accounts!,
     });
     newRemoteElbOutputs.albs.push(...saveAlbOp.lbs);
     maxAlbIndex = saveAlbOp.currentMaxIndex!;
@@ -207,6 +213,7 @@ export async function saveElbOutputs(props: SaveOutputsInput) {
           `/${acceleratorPrefix}/elb/nlb/${nlb.index}/name`,
           `/${acceleratorPrefix}/elb/nlb/${nlb.index}/dns`,
           `/${acceleratorPrefix}/elb/nlb/${nlb.index}/account`,
+          `/${acceleratorPrefix}/elb/nlb/${nlb.index}/arn`,
         ]),
     )
     .flatMap(s => s)
@@ -219,6 +226,7 @@ export async function saveElbOutputs(props: SaveOutputsInput) {
           `/${acceleratorPrefix}/elb/alb/${alb.index}/name`,
           `/${acceleratorPrefix}/elb/alb/${alb.index}/dns`,
           `/${acceleratorPrefix}/elb/alb/${alb.index}/account`,
+          `/${acceleratorPrefix}/elb/alb/${alb.index}/arn`,
         ]),
     )
     .flatMap(s => s)
@@ -238,11 +246,12 @@ async function saveElbOutputsImpl(props: {
   accountKey: string;
   source: 'local' | 'remote';
   maxIndex?: number;
+  accounts: Account[];
 }): Promise<{
   lbs: OutputUtilLbType[];
   currentMaxIndex?: number;
 }> {
-  const { acceleratorPrefix, lbOutputs, lbUtil, ssm, type, accountKey, source } = props;
+  const { acceleratorPrefix, lbOutputs, lbUtil, ssm, type, accountKey, source, accounts } = props;
   const lbPrefix = source === 'local' ? 'lelb' : 'elb';
   if (lbUtil.length === 0 && lbOutputs.length === 0) {
     return {
@@ -265,27 +274,51 @@ async function saveElbOutputsImpl(props: {
     } else {
       currentIndex = ++maxIndex;
     }
-    newLbUtils.push({
+
+    const lbOutput: OutputUtilLbType = {
       name: nlbOutput.name,
       index: currentIndex,
       account: accountKey,
-    });
+      parameters: ['name', 'dns', 'arn', 'account'],
+    };
     if (previousIndex < 0) {
       await ssm.putParameter(`/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/name`, nlbOutput.displayName);
       await ssm.putParameter(`/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/dns`, nlbOutput.dnsName);
+      await ssm.putParameter(`/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/arn`, nlbOutput.arn);
       if (source === 'remote') {
-        await ssm.putParameter(`/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/account`, accountKey);
+        await ssm.putParameter(
+          `/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/account`,
+          getAccountId(accounts, accountKey)!,
+        );
       }
     } else {
+      const previousParams = lbUtil[previousIndex].parameters || [];
+      if (!previousParams.includes('name')) {
+        await ssm.putParameter(`/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/name`, nlbOutput.displayName);
+      }
+      if (!previousParams.includes('dns')) {
+        await ssm.putParameter(`/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/dns`, nlbOutput.dnsName);
+      }
+      if (!previousParams.includes('arn')) {
+        await ssm.putParameter(`/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/arn`, nlbOutput.arn);
+      }
+      if (!previousParams.includes('account') && source === 'remote') {
+        await ssm.putParameter(
+          `/${acceleratorPrefix}/${lbPrefix}/${type}/${currentIndex}/account`,
+          getAccountId(accounts, accountKey)!,
+        );
+      }
       lbUtil.splice(previousIndex, 1);
     }
+    newLbUtils.push(lbOutput);
   }
 
   const removeNames = lbUtil
     .map(lb => [
       `/${acceleratorPrefix}/${lbPrefix}/${type}/${lb.index}/name`,
       `/${acceleratorPrefix}/${lbPrefix}/${type}/${lb.index}/dns`,
       `/${acceleratorPrefix}/${lbPrefix}/${type}/${lb.index}/account`,
+      `/${acceleratorPrefix}/${lbPrefix}/${type}/${lb.index}/arn`,
     ])
     .flatMap(s => s);
   while (removeNames.length > 0) {
diff --git a/src/core/runtime/src/save-outputs-to-ssm/firewall-outputs.ts b/src/core/runtime/src/save-outputs-to-ssm/firewall-outputs.ts
@@ -105,7 +105,7 @@ export async function saveFirewallReplacementOutputs(props: SaveOutputsInput) {
         );
       }
     } else {
-      const previousReplacements = Object.keys(outputUtils.firewalls[previousIndex].replacements);
+      const previousReplacements = outputUtils.firewalls[previousIndex].replacements;
       const currentReplacements = Object.keys(output.replacements);
       for (const replacement of currentReplacements.filter(cr => !previousReplacements.includes(cr))) {
         await ssm.putParameter(
diff --git a/src/core/runtime/src/save-outputs-to-ssm/index.ts b/src/core/runtime/src/save-outputs-to-ssm/index.ts
@@ -8,6 +8,7 @@ import { saveElbOutputs } from './elb-outputs';
 import { saveEventOutputs } from './event-outputs';
 import { saveEncryptsOutputs } from './encrypt-outputs';
 import { saveFirewallReplacementOutputs } from './firewall-outputs';
+import { loadAccounts } from './../utils/load-accounts';
 
 export interface SaveOutputsToSsmInput extends LoadConfigurationInput {
   acceleratorPrefix: string;
@@ -16,6 +17,7 @@ export interface SaveOutputsToSsmInput extends LoadConfigurationInput {
   outputsTableName: string;
   assumeRoleName: string;
   outputUtilsTableName: string;
+  accountsTableName: string;
 }
 
 const dynamodb = new DynamoDB();
@@ -33,6 +35,7 @@ export const handler = async (input: SaveOutputsToSsmInput) => {
     assumeRoleName,
     region,
     outputUtilsTableName,
+    accountsTableName,
   } = input;
   // Remove - if prefix ends with -
   const acceleratorPrefix = input.acceleratorPrefix.endsWith('-')
@@ -46,6 +49,9 @@ export const handler = async (input: SaveOutputsToSsmInput) => {
     commitId: configCommitId,
   });
 
+  // Retrive Accounts from DynamoDB
+  const accounts = await loadAccounts(accountsTableName, dynamodb);
+
   const globalRegions = config['global-options']['additional-global-output-regions'];
   const smRegion = config['global-options']['aws-org-master'].region;
 
@@ -88,6 +94,7 @@ export const handler = async (input: SaveOutputsToSsmInput) => {
     outputUtilsTableName,
     outputsTableName,
     region,
+    accounts,
   });
 
   // Store Event Outputs to SSM Parameter Store
diff --git a/src/core/runtime/src/save-outputs-to-ssm/network-outputs.ts b/src/core/runtime/src/save-outputs-to-ssm/network-outputs.ts
@@ -14,11 +14,9 @@ import { STS } from '@aws-accelerator/common/src/aws/sts';
 interface OutputUtilSubnet extends OutputUtilGenericType {
   azs: string[];
 }
-interface OutputUtilVpc {
-  name: string;
+interface OutputUtilVpc extends OutputUtilGenericType {
   subnets: OutputUtilSubnet[];
   securityGroups: OutputUtilGenericType[];
-  index: number;
   type: 'vpc' | 'lvpc';
 }
 
@@ -254,6 +252,7 @@ export async function saveNetworkOutputs(props: SaveOutputsInput) {
       `/${acceleratorPrefix}/network/${removeObject.type}/${removeObject.index}/name`,
       `/${acceleratorPrefix}/network/${removeObject.type}/${removeObject.index}/id`,
       `/${acceleratorPrefix}/network/${removeObject.type}/${removeObject.index}/cidr`,
+      `/${acceleratorPrefix}/network/${removeObject.type}/${removeObject.index}/cidr2`,
     ];
     const removeNames = [...removalSgs, ...removalSns, ...removalVpc];
     while (removeNames.length > 0) {
@@ -277,11 +276,9 @@ async function saveVpcOutputs(props: {
   const { acceleratorPrefix, account, index, outputs, resolvedVpcConfig, ssm, vpcPrefix, sgOutputs, sharedVpc } = props;
   const { accountKey, vpcConfig } = resolvedVpcConfig;
   let vpcUtil: OutputUtilVpc;
-  let updateRequired = false;
   if (props.vpcUtil) {
     vpcUtil = props.vpcUtil;
   } else {
-    updateRequired = true;
     vpcUtil = {
       index,
       name: vpcConfig.name,
@@ -299,10 +296,24 @@ async function saveVpcOutputs(props: {
     console.warn(`VPC "${vpcConfig.name}" in account "${accountKey}" is not created`);
     return;
   }
-  if (updateRequired) {
+  if (!vpcUtil.parameters) {
+    vpcUtil.parameters = [];
+  }
+  if (!vpcUtil.parameters.includes('name')) {
     await ssm.putParameter(`/${acceleratorPrefix}/network/${vpcPrefix}/${index}/name`, `${vpcOutput.vpcName}_vpc`);
+    vpcUtil.parameters.push('name');
+  }
+  if (!vpcUtil.parameters.includes('id')) {
     await ssm.putParameter(`/${acceleratorPrefix}/network/${vpcPrefix}/${index}/id`, vpcOutput.vpcId);
+    vpcUtil.parameters.push('id');
+  }
+  if (!vpcUtil.parameters.includes('cidr')) {
     await ssm.putParameter(`/${acceleratorPrefix}/network/${vpcPrefix}/${index}/cidr`, vpcOutput.cidrBlock);
+    vpcUtil.parameters.push('cidr');
+  }
+  if (!vpcUtil.parameters.includes('cidr2') && vpcConfig.cidr2) {
+    await ssm.putParameter(`/${acceleratorPrefix}/network/${vpcPrefix}/${index}/cidr2`, vpcConfig.cidr2.toCidrString());
+    vpcUtil.parameters.push('cidr2');
   }
   let subnetsConfig = vpcConfig.subnets;
   if (sharedVpc) {
@@ -338,6 +349,7 @@ async function saveVpcOutputs(props: {
       securityGroupsUtil: vpcUtil.securityGroups,
     });
   }
+  console.log(vpcUtil);
   return vpcUtil;
 }
 
@@ -432,11 +444,11 @@ export async function saveSubnets(props: {
     } else {
       currentIndex = ++subnetMaxIndex;
     }
-    updatedObjects.push({
+    const newSubnetUtil: OutputUtilSubnet = {
       index: currentIndex,
       name: subnetConfig.name,
       azs: subnetConfig.definitions.filter(sn => !sn.disabled).map(s => s.az),
-    });
+    };
     for (const subnetDef of subnetConfig.definitions.filter(sn => !sn.disabled)) {
       const subnetOutput = subnetOutputs.find(vs => vs.subnetName === subnetConfig.name && vs.az === subnetDef.az);
       if (!subnetOutput) {
@@ -458,6 +470,8 @@ export async function saveSubnets(props: {
         );
       }
     }
+
+    updatedObjects.push(newSubnetUtil);
     const removalIndex = removalObjects?.findIndex(s => s.name === subnetConfig.name);
     if (removalIndex >= 0) {
       removalObjects?.splice(removalIndex, 1);
diff --git a/src/core/runtime/src/save-outputs-to-ssm/utils.ts b/src/core/runtime/src/save-outputs-to-ssm/utils.ts
@@ -15,11 +15,13 @@ export interface SaveOutputsInput {
   assumeRoleName: string;
   region: string;
   outputUtilsTableName: string;
+  accounts?: Account[];
 }
 
 export interface OutputUtilGenericType {
   name: string;
   index: number;
+  parameters?: string[];
 }
 
 export async function getOutput(tableName: string, key: string, dynamodb: DynamoDB): Promise<StackOutput[]> {
diff --git a/src/core/runtime/src/store-stack-output-step.ts b/src/core/runtime/src/store-stack-output-step.ts
@@ -29,7 +29,7 @@ export const handler = async (input: StoreStackOutputInput) => {
   const credentials = await sts.getCredentialsForAccountAndRole(account.id, assumeRoleName);
   const cfn = new CloudFormation(credentials, region);
   const stacks = cfn.listStacksGenerator({
-    StackStatusFilter: ['CREATE_COMPLETE', 'UPDATE_COMPLETE'],
+    StackStatusFilter: ['CREATE_COMPLETE', 'UPDATE_COMPLETE', 'UPDATE_ROLLBACK_COMPLETE'],
   });
 
   const outputs: StackOutput[] = [];
diff --git a/src/deployments/cdk/src/deployments/alb/step-1.ts b/src/deployments/cdk/src/deployments/alb/step-1.ts
@@ -181,6 +181,7 @@ export function createAlb(
     hostedZoneId: balancer.hostedZoneId,
     name: albConfig.name,
     type: 'APPLICATION',
+    arn: balancer.arn,
   });
 }
 
diff --git a/src/deployments/cdk/src/deployments/rsyslog/step-2.ts b/src/deployments/cdk/src/deployments/rsyslog/step-2.ts
@@ -116,6 +116,7 @@ export function createNlb(
     hostedZoneId: balancer.hostedZoneId,
     name: 'RsyslogNLB',
     type: 'NETWORK',
+    arn: balancer.arn,
   });
 }
 
diff --git a/src/lib/cdk-constructs/src/vpc/alb.ts b/src/lib/cdk-constructs/src/vpc/alb.ts
@@ -91,4 +91,8 @@ export class ApplicationLoadBalancer extends cdk.Construct {
   get hostedZoneId(): string {
     return this.resource.attrCanonicalHostedZoneId;
   }
+
+  get arn(): string {
+    return this.resource.ref;
+  }
 }
diff --git a/src/lib/cdk-constructs/src/vpc/nlb.ts b/src/lib/cdk-constructs/src/vpc/nlb.ts
@@ -58,4 +58,8 @@ export class NetworkLoadBalancer extends cdk.Construct {
   get hostedZoneId(): string {
     return this.resource.attrCanonicalHostedZoneId;
   }
+
+  get arn(): string {
+    return this.resource.ref;
+  }
 }
diff --git a/src/lib/common-outputs/src/elb.ts b/src/lib/common-outputs/src/elb.ts
@@ -13,6 +13,7 @@ export const LoadBalancerOutput = t.interface(
     name: t.string,
     displayName: t.string,
     type: LoadBalancerType,
+    arn: t.string,
   },
   'LoadBalancerOutput',
 );

Original file line number	Diff line number	Diff line change
`@@ -105,7 +105,7 @@ export async function saveFirewallReplacementOutputs(props: SaveOutputsInput) {`
`105`	`105`	`);`
`106`	`106`	`}`
`107`	`107`	`} else {`
`108`		`- const previousReplacements = Object.keys(outputUtils.firewalls[previousIndex].replacements);`
	`108`	`+ const previousReplacements = outputUtils.firewalls[previousIndex].replacements;`
`109`	`109`	`const currentReplacements = Object.keys(output.replacements);`
`110`	`110`	`for (const replacement of currentReplacements.filter(cr => !previousReplacements.includes(cr))) {`
`111`	`111`	`await ssm.putParameter(`
Original file line number	Diff line number	Diff line change
`@@ -15,11 +15,13 @@ export interface SaveOutputsInput {`
`15`	`15`	`assumeRoleName: string;`
`16`	`16`	`region: string;`
`17`	`17`	`outputUtilsTableName: string;`
	`18`	`+ accounts?: Account[];`
`18`	`19`	`}`
`19`	`20`
`20`	`21`	`export interface OutputUtilGenericType {`
`21`	`22`	`name: string;`
`22`	`23`	`index: number;`
	`24`	`+ parameters?: string[];`
`23`	`25`	`}`
`24`	`26`
`25`	`27`	`export async function getOutput(tableName: string, key: string, dynamodb: DynamoDB): Promise<StackOutput[]> {`
Original file line number	Diff line number	Diff line change
`@@ -181,6 +181,7 @@ export function createAlb(`
`181`	`181`	`hostedZoneId: balancer.hostedZoneId,`
`182`	`182`	`name: albConfig.name,`
`183`	`183`	`type: 'APPLICATION',`
	`184`	`+ arn: balancer.arn,`
`184`	`185`	`});`
`185`	`186`	`}`
`186`	`187`