aws-deployment-framework
aws-deployment-framework copied to clipboard
awslabs
A sample that demonstrate how to deploy Custom config rules that created with RDK via ADF pipelines
Issue #, if available:
Description of changes: This sample shows how to deploy Custom config rules create by RDK via ADF pipelines in multi account environment.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
@ntwobike nice! I had one question, did you consider the following approach to eliminate 1 pipeline:
- name: custom-config-rules ## repo name
default_providers:
source:
provider: codecommit
properties:
account_id: <deployment-account-id>
build:
provider: codebuild
properties:
image: "STANDARD_5_0"
spec_filename: "buildspec-lambda.yml"
deploy:
provider: cloudformation
targets:
- name: LambdaDeployment
regions: ....
target: <deployment-account-id>
properties:
template_filename: "template-lambda.json"
- name: ConfigRules
regions: eu-west-1
target:
- <target-accounts-to-deploy-custom-config-rules>
properties:
template_filename: "template-config-rules.json"
@Nr18 I haven't tried but as I see here there is only one build step here. I need 2 build steps to generate 2 different CFN templates on the fly for lambda and config-rules. It might be possible to consolidate the both buildspec to one file. Let me give a try and comeback to you
@ntwobike nice! I had one question, did you consider the following approach to eliminate 1 pipeline:
- name: custom-config-rules ## repo name default_providers: source: provider: codecommit properties: account_id: <deployment-account-id> build: provider: codebuild properties: image: "STANDARD_5_0" spec_filename: "buildspec-lambda.yml" deploy: provider: cloudformation targets: - name: LambdaDeployment regions: .... target: <deployment-account-id> properties: template_filename: "template-lambda.json" - name: ConfigRules regions: eu-west-1 target: - <target-accounts-to-deploy-custom-config-rules> properties: template_filename: "template-config-rules.json"
@ntwobike you will need a subfolder for example: lambda and config-rules then duplicate put the params folder and put them in those folders:
targets:
- name: LambdaDeployment
regions: ....
target: <deployment-account-id>
properties:
root_dir: lambda
template_filename: "template-lambda.json"
- name: ConfigRules
regions: eu-west-1
target:
- <target-accounts-to-deploy-custom-config-rules>
properties:
root_dir: config-rules
template_filename: "template-config-rules.json"
You can then use a tamplate.yml file that is picked up automatically (so you do not need to specify it)
Then win the buildspec you could do:
- cd ./lambda
- PYTHONPATH=../adf-build/python python ../adf-build/generate_params.py
- cd ../config-rules
- PYTHONPATH=../adf-build/python python ../adf-build/generate_params.py
Unfortunately, you need to specify the PYTHONPATH when using subfolders, see: #449 I will probably propose that the generate script resolves and includes the absolute path of the ./adf-build/python folder.
@Nr18 I have simplified the pipeline definition into one as you suggested. Nice one thanks for the suggestion. Also have updated the readme and the arch diagram as well. I didnt want the folders tho. Could you please have a look again.
👌 Nice, that's a lot simpler! The CloudFormation parameters of both templates are the same I assume? And that is the reason you can use the ./adf-build/generate_params.py in a normal way?
Hi @sbkok thanks for the review I have adapted all of suggestions. Please have a look again.
Thank you for fixing those. Unfortunately the UX of GitHub isn't the best, so I don't blame you. It looks like there are still a number of comments that are not fixed, could you check the hidden conversation and see if there are more comments/suggestions to fix?
