U cJ!@sPddlmZmZmZmZmZmZmZ m Z m Z mZddlmZGdddeZdS)) Stack CfnOutputCfnTag RemovalPolicyAwsaws_ec2aws_iam aws_redshiftaws_secretsmanagercustom_resources) Constructcs&eZdZeeddfdd ZZS) RedshiftStackN)scope construct_idreturnc  sztj||f| tj|d|d} tj|d| d} tj|dttdtdtj dtj d tj d gd }t j |d d dt j ddtjd}tj |ddtjtjjddddddddddddd d!d"d#d$d%d&d'gd(gd)g|gd*||||tj|d+| jtjjd,jd-d.}tj|d/|||| |j|jg| d0|j| jgt d1d2d3gd4 }t!j"|d5t!j#d6d7|j|jd8t!j$%d9d:t!j&j't!j&j(d;d<}d=|j)d>}t!j"|d?t!j#d@dA|j|j*|j+|dBddCt!j$%d9d:t!j&j,tjtjjdDdEdFgd(gd)gdGd<}|j-.|||_/| |_0||_1| |_2t3|dH|j/j4dIdJt3|dKdLt5j6dM|j7dNdJt3|dO|jdPdJdS)QNZVpcId)max_azsZredshiftSecurityGroup)vpcZredshiftClusterRolezredshift.amazonaws.comzsagemaker.amazonaws.comZ#AmazonRedshiftAllCommandsFullAccessZSecretsManagerReadWriteZAmazonSageMakerFullAccess) assumed_bymanaged_policiesZRedshiftSecretPasswordzRedshift admin credentialsZRedshiftSecretT)exclude_punctuation) description secret_namegenerate_secret_stringremoval_policyZredshiftSpectrumPolicyz;Provide access between Redshift Spectrum and Lake Formationzglue:CreateDatabasezglue:DeleteDatabasezglue:GetDatabasezglue:GetDatabaseszglue:UpdateDatabasezglue:CreateTablezglue:DeleteTablezglue:BatchDeleteTablezglue:UpdateTablez glue:GetTablezglue:GetTableszglue:BatchCreatePartitionzglue:CreatePartitionzglue:DeletePartitionzglue:BatchDeletePartitionzglue:UpdatePartitionzglue:GetPartitionzglue:GetPartitionszglue:BatchGetPartitionzlakeformation:GetDataAccess*)effectactions resources)r statementsrolesZredshiftSubnetGroup) subnet_typezRedshift Subnet Group) subnet_idsrZredshiftStreamingClusterFZGrafanaDataSource )keyvalue) cluster_typenumber_of_nodesdb_namemaster_usernamemaster_user_password iam_roles node_typepublicly_accessiblecluster_subnet_group_namevpc_security_group_idstagsz aws-customZRedshiftZmodifyClusterIamRoles)ClusterIdentifierZDefaultIamRoleArnphysicalResourceStateMachine)serviceaction parametersphysical_resource_id)r) on_createpolicya CREATE EXTERNAL SCHEMA IF NOT EXISTS ext_s3 FROM DATA CATALOG DATABASE 'ext_s3' IAM_ROLE default; CREATE MODEL ml_delay_prediction FROM (SELECT * FROM ext_s3.consignment_train) TARGET probability FUNCTION fnc_delay_probability IAM_ROLE default SETTINGS ( MAX_RUNTIME 1800, --seconds S3_BUCKET 'a' ); CREATE MATERIALIZED VIEW fleet_summary AS SELECT vehicle_location, COUNT(CASE WHEN vehicle_status = 'On the move' THEN 1 END) on_the_move, COUNT(CASE WHEN vehicle_status = 'Scheduled maintenance' THEN 1 END) scheduled_maintenance, COUNT(CASE WHEN vehicle_status = 'Unscheduled maintenance' THEN 1 END) unscheduled_maintenance FROM ext_s3.fleet GROUP BY 1 ; zaws-custom-redshift-mlZ RedshiftDataZexecuteStatementZCreateRedshiftMLModel)r0ZDatabaseZDbUserZSqlZ StatementNameZ WithEventzredshift:GetClusterCredentialsz"redshift-serverless:GetCredentialszredshift-data:ExecuteStatement)rZRedshiftClusterzRedshiftCluster Endpoint)r$rZRedshiftClusterPasswordz:https://console.aws.amazon.com/secretsmanager/home?region=z#/secret?name=z,Redshift Cluster Password in Secrets ManagerZRedshiftIAMRolezRedshift Cluster IAM Role Arn)8super__init___ec2Vpc SecurityGroup_iamRoleCompositePrincipalServicePrincipal ManagedPolicyfrom_aws_managed_policy_name_smSecretSecretStringGeneratorrDESTROYPolicyStatementEffectALLOWgrant_read_write _redshiftCfnClusterSubnetGroupselect_subnets SubnetTypePRIVATE_WITH_NATr! CfnCluster secret_value unsafe_unwraprole_arnrefsecurity_group_idr_crAwsCustomResource AwsSdkCallPhysicalResourceIdofAwsCustomResourcePolicyfrom_sdk_calls ANY_RESOURCE bucket_namer'r(from_statementsnodeadd_dependency rs_clusterrs_security_grouprs_cluster_rolerrattr_endpoint_addressrREGION secret_arn)selfrrconsignment_stream s3_bucket_rawredshift_max_azsredshift_cluster_typeredshift_number_of_nodesredshift_db_nameredshift_master_usernameredshift_node_typekwargsrrcrdZrs_cluster_secretZrs_cluster_subnet_grouprbZaws_custom_default_iamsqlZaws_custom_create_model __class__[/home/ec2-user/blog/amazon-redshift-streaming-workshop/redshift_streaming/redshift_stack.pyr9sP  %          zRedshiftStack.__init__)__name__ __module__ __qualname__r strr9 __classcell__rurursrvr s r N)aws_cdkrrrrrrr:rr=r rKr rCr rV constructsr r rurururvs0