Change EventSourceMappingOptions

aws · Jan 19, 2021 · cf2bc52 · cf2bc52
1 parent 7aee52e
commit cf2bc52
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 15 deletions.
diff --git a/packages/@aws-cdk/aws-lambda-event-sources/lib/kafka.ts b/packages/@aws-cdk/aws-lambda-event-sources/lib/kafka.ts
@@ -52,7 +52,7 @@ export class ManagedKafkaEventSource extends StreamEventSource<ManagedKafkaEvent
       this.enrichMappingOptions({
         eventSourceArn: this.props.clusterArn,
         startingPosition: this.props.startingPosition,
-        kafkaSecretArn: this.props.secret.secretArn,
+        sourceAccessConfigurations: [{ type: 'SASL_SCRAM_512_AUTH', uri: this.props.secret.secretArn }],
         kafkaTopic: this.props.topic,
       }),
     );
@@ -83,10 +83,11 @@ export class SelfManagedKafkaEventSource extends StreamEventSource<SelfManagedKa
     target.addEventSourceMapping(
       `KafkaEventSource:${this.props.topic}`,
       this.enrichMappingOptions({
-        kafkaBootstrapServers: this.props.bootstrapServers,
+        selfManagedEventSource: { endpoints: { kafkaBootstrapServers: this.props.bootstrapServers } },
         kafkaTopic: this.props.topic,
         startingPosition: this.props.startingPosition,
-        kafkaSecretArn: this.props.secret.secretArn,
+        // TODO: make auth type configurable, add vpc config
+        sourceAccessConfigurations: [{ type: 'SASL_SCRAM_512_AUTH', uri: this.props.secret.secretArn }],
       }),
     );
     this.props.secret.grantRead(target);

diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/test.kafka.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/test.kafka.ts
@@ -130,9 +130,7 @@ export = {
       BatchSize: 100,
       SelfManagedEventSource: {
         Endpoints: {
-          KafkaBootstrapServers: [
-            'kafka-broker:9092',
-          ],
+          KafkaBootstrapServers: bootstrapServers,
         },
       },
       StartingPosition: 'TRIM_HORIZON',
@@ -152,4 +150,4 @@ export = {
     test.done();
   },
 
-}
+}
diff --git a/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts b/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts
@@ -4,6 +4,31 @@ import { IEventSourceDlq } from './dlq';
 import { IFunction } from './function-base';
 import { CfnEventSourceMapping } from './lambda.generated';
 
+/**
+ * Specific settings like the authentication protocol or the VPC components to secure access to your event source.
+ */
+export interface SourceAccessConfiguration {
+  /**
+   * The type of authentication protocol or the VPC components for your event source. For example: "SASL_SCRAM_512_AUTH".
+   * Valid values are: BASIC_AUTH | VPC_SUBNET | VPC_SECURITY_GROUP | SASL_SCRAM_512_AUTH | SASL_SCRAM_256_AUTH
+   */
+  readonly type: string,
+  /**
+   * The value for your chosen configuration in Type. For example: "URI": "arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName".
+   */
+  readonly uri: string
+}
+
+/**
+ * The configuration for your self managed event source, currently only Kafka is supported
+ */
+export interface SelfManagedEventSource {
+  /**
+   * A list of server endpoints for your self managed event source
+   */
+  readonly endpoints: {kafkaBootstrapServers: string[]}
+}
+
 export interface EventSourceMappingOptions {
   /**
    * The Amazon Resource Name (ARN) of the event source. Any record added to
@@ -105,18 +130,18 @@ export interface EventSourceMappingOptions {
   readonly kafkaTopic?: string;
 
   /**
-   * The Secrets Manager secret ARN that stores your broker credentials.
+   * Specific settings like the authentication protocol or the VPC components to secure access to your event source.
    *
-   * @default - no configuration
+   * @default - none
    */
-  readonly kafkaSecretArn?: string
+  readonly sourceAccessConfigurations?: SourceAccessConfiguration[]
 
   /**
-   * A list of Kafka bootstrap servers to connect to your self managed Kafka cluster
+   * The configuration for your self managed event source
    *
    * @default - none
    */
-  readonly kafkaBootstrapServers?: string[]
+  readonly selfManagedEventSource?: SelfManagedEventSource
 }
 
 /**
@@ -212,9 +237,8 @@ export class EventSourceMapping extends cdk.Resource implements IEventSourceMapp
       maximumRetryAttempts: props.retryAttempts,
       parallelizationFactor: props.parallelizationFactor,
       topics: props.kafkaTopic !== undefined ? [props.kafkaTopic] : undefined,
-      sourceAccessConfigurations: props.kafkaSecretArn !== undefined ? [{ type: 'SASL_SCRAM_512_AUTH', uri: props.kafkaSecretArn }] : undefined,
-      // eslint-disable-next-line max-len
-      selfManagedEventSource: props.kafkaBootstrapServers !== undefined ? { endpoints: { kafkaBootstrapServers: props.kafkaBootstrapServers } } : undefined,
+      sourceAccessConfigurations: props.sourceAccessConfigurations,
+      selfManagedEventSource: props.selfManagedEventSource,
     });
     this.eventSourceMappingId = cfnEventSourceMapping.ref;
   }