a obD@sHddlmZmZmZmZmZmZm Z m Z ddl mZGdddeZdS))Stack CfnOutput RemovalPolicyAwsaws_ec2aws_iam aws_redshiftaws_secretsmanager) Constructcs2eZdZeeddfdd ZeddZZS) RedshiftStackN)scope construct_idreturnc  stj||fi||jd}tj|d|dd}tj|d|d}tj|dt dtj d tj d gd }t j |d d dt jddtjd} tj |ddtjtjjgddgdg|gd|j} |j} | || |tj|d|jtjjdjdd} tj|d|d|d|d|d | j|j g|d!d"| j!|j"gd# |_#t$|d$|j#j%d%d&t$|d'd(t&j'd)| j(d*d&t$|d+|j d,d&dS)-Nredshift_configZVpcIdmax_azs)rZredshiftSecurityGroup)vpcZredshiftClusterRolezredshift.amazonaws.comZAmazonS3FullAccessZ#AmazonRedshiftAllCommandsFullAccess) assumed_bymanaged_policiesZRedshiftSecretPasswordzRedshift admin credentialsZRedshiftSecretT)exclude_punctuation) description secret_namegenerate_secret_stringremoval_policyZredshiftSpectrumPolicyz;Provide access between Redshift Spectrum and Lake Formation)zglue:CreateDatabasezglue:DeleteDatabasezglue:GetDatabasezglue:GetDatabaseszglue:UpdateDatabasezglue:CreateTablezglue:DeleteTablezglue:BatchDeleteTablezglue:UpdateTablez glue:GetTablezglue:GetTableszglue:BatchCreatePartitionzglue:CreatePartitionzglue:DeletePartitionzglue:BatchDeletePartitionzglue:UpdatePartitionzglue:GetPartitionzglue:GetPartitionszglue:BatchGetPartitionzlakeformation:GetDataAccess*)effectactions resources)r statementsrolesZredshiftSubnetGroup) subnet_typezRedshift Subnet Group) subnet_idsrZredshiftStreamingCluster cluster_typenumber_of_nodesdb_namemaster_username node_typeF) r!r"r#r$master_user_password iam_rolesr%publicly_accessiblecluster_subnet_group_namevpc_security_group_idsZRedshiftClusterzRedshiftCluster Endpoint)valuerZRedshiftClusterPasswordz:https://console.aws.amazon.com/secretsmanager/home?region=z#/secret?name=z,Redshift Cluster Password in Secrets ManagerZRedshiftIAMRolezRedshift Cluster IAM Role Arn))super__init__nodetry_get_context_ec2Vpc SecurityGroup_iamRoleServicePrincipal ManagedPolicyfrom_aws_managed_policy_name_smSecretSecretStringGeneratorrDESTROYPolicyStatementEffectALLOWget_customer_streamget_order_streamgrant_read_write _redshiftCfnClusterSubnetGroupselect_subnets SubnetTypePRIVATE_WITH_NATr CfnCluster secret_value to_stringrole_arnrefsecurity_group_id rs_clusterrattr_endpoint_addressrREGION secret_arn) selfr r ingestion_stackkwargsrrZrs_security_groupZrs_cluster_roleZrs_cluster_secretcustomer_stream order_streamZrs_cluster_subnet_group __class__/Users/sbeath/Documents/2. Internal/redshift-streaming-workshop/amazon-redshift-streaming-workshop/redshift_streaming/redshift_stack.pyr-s  %    zRedshiftStack.__init__cCs|jS)N)rM)rQrXrXrYget_rs_clusterszRedshiftStack.get_rs_cluster) __name__ __module__ __qualname__r strr-propertyrZ __classcell__rXrXrVrYr s r N)aws_cdkrrrrrr0rr3rrBr r8 constructsr r rXrXrXrYs(