Skip to content

Commit

Permalink
feat(iot-actions-alpha): open search action in IoT topic rule (#28748)
Browse files Browse the repository at this point in the history
The CDK has no support to writes data to an Amazon OpenSearch Service via AWS IoT Rule. Adding the action that writes data to an Amazon OpenSearch Service to AWS IoT topic rule.

OpenSearch action for IoT Topic Rule documentation is here: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-topicrule-opensearchaction.html.

Closes #17702.

Tested by deploying my own stack and confirmed that publishing a message to IoT topic rule will successfully write data to open search service.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
GavinZZ authored Jan 23, 2024
1 parent a238590 commit 84b23cb
Show file tree
Hide file tree
Showing 14 changed files with 1,435 additions and 16 deletions.
53 changes: 37 additions & 16 deletions packages/@aws-cdk/aws-iot-actions-alpha/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -355,20 +355,41 @@ to an HTTPS endpoint when it is triggered:

```ts
const topicRule = new iot.TopicRule(this, 'TopicRule', {
sql: iot.IotSql.fromStringAsVer20160323(
"SELECT topic(2) as device_id, year, month, day FROM 'device/+/data'",
),
});

topicRule.addAction(
new actions.HttpsAction('https://example.com/endpoint', {
confirmationUrl: 'https://example.com',
headers: [
{ key: 'key0', value: 'value0' },
{ key: 'key1', value: 'value1' },
],
auth: { serviceName: 'serviceName', signingRegion: 'us-east-1' },
}),
);
}
sql: iot.IotSql.fromStringAsVer20160323(
"SELECT topic(2) as device_id, year, month, day FROM 'device/+/data'",
),
});

topicRule.addAction(
new actions.HttpsAction('https://example.com/endpoint', {
confirmationUrl: 'https://example.com',
headers: [
{ key: 'key0', value: 'value0' },
{ key: 'key1', value: 'value1' },
],
auth: { serviceName: 'serviceName', signingRegion: 'us-east-1' },
}),
);
```

## Write Data to Open Search Service

The code snippet below creates an AWS IoT Rule that writes data
to an Open Search Service when it is triggered:

```ts
import * as opensearch from 'aws-cdk-lib/aws-opensearchservice';
declare const domain: opensearch.Domain;

const topicRule = new iot.TopicRule(this, 'TopicRule', {
sql: iot.IotSql.fromStringAsVer20160323(
"SELECT topic(2) as device_id, year, month, day FROM 'device/+/data'",
),
});

topicRule.addAction(new actions.OpenSearchAction(domain, {
id: 'my-id',
index: 'my-index',
type: 'my-type',
}));
```
1 change: 1 addition & 0 deletions packages/@aws-cdk/aws-iot-actions-alpha/lib/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ export * from './iotevents-put-message-action';
export * from './iot-republish-action';
export * from './kinesis-put-record-action';
export * from './lambda-function-action';
export * from './open-search-action';
export * from './s3-put-object-action';
export * from './sqs-queue-action';
export * from './sns-topic-action';
Expand Down
59 changes: 59 additions & 0 deletions packages/@aws-cdk/aws-iot-actions-alpha/lib/open-search-action.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
import * as iam from 'aws-cdk-lib/aws-iam';
import * as iot from '@aws-cdk/aws-iot-alpha';
import * as opensearch from 'aws-cdk-lib/aws-opensearchservice';
import { CommonActionProps } from './common-action-props';
import { singletonActionRole } from './private/role';

/**
* Configuration properties of an action for Open Search.
*/
export interface OpenSearchActionProps extends CommonActionProps {
/**
* The unique identifier for the document you are storing.
*/
readonly id: string;

/**
* The OpenSearch index where you want to store your data.
*/
readonly index: string;

/**
* The type of document you are storing.
*/
readonly type: string;
}

/**
* The action to write data to an Amazon OpenSearch Service domain.
*/
export class OpenSearchAction implements iot.IAction {
constructor(private readonly domain: opensearch.Domain, private readonly props: OpenSearchActionProps) {
}

/**
* @internal
*/
public _bind(rule: iot.ITopicRule): iot.ActionConfig {
const role = this.props.role ?? singletonActionRole(rule);

// According to CloudFormation documentation, we only need 'es:ESHttpPut' permission
// https://docs.aws.amazon.com/iot/latest/developerguide/opensearch-rule-action.html#opensearch-rule-action-requirements
role.addToPrincipalPolicy(new iam.PolicyStatement({
actions: ['es:ESHttpPut'],
resources: [this.domain.domainArn, `${this.domain.domainArn}/*`],
}));

return {
configuration: {
openSearch: {
endpoint: `https://${this.domain.domainEndpoint}`,
id: this.props.id,
index: this.props.index,
type: this.props.type,
roleArn: role.roleArn,
},
},
};
}
}

Large diffs are not rendered by default.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 84b23cb

Please sign in to comment.