255 lines
9.1 KiB
TypeScript
255 lines
9.1 KiB
TypeScript
import type { BaseStreamEventSourceProps } from './stream';
|
|
import { StreamEventSource } from './stream';
|
|
import type { ISecurityGroup, IVpc, SubnetSelection } from '../../aws-ec2';
|
|
import type { IKey } from '../../aws-kms';
|
|
import * as lambda from '../../aws-lambda';
|
|
import type { ISchemaRegistry } from '../../aws-lambda/lib/schema-registry';
|
|
import type * as secretsmanager from '../../aws-secretsmanager';
|
|
import type { Duration } from '../../core';
|
|
/**
|
|
* Properties for a Kafka event source
|
|
*/
|
|
export interface KafkaEventSourceProps extends BaseStreamEventSourceProps {
|
|
/**
|
|
* The Kafka topic to subscribe to
|
|
*/
|
|
readonly topic: string;
|
|
/**
|
|
* The secret with the Kafka credentials, see https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html for details
|
|
* This field is required if your Kafka brokers are accessed over the Internet
|
|
*
|
|
* @default none
|
|
*/
|
|
readonly secret?: secretsmanager.ISecret;
|
|
/**
|
|
* The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. The value must have a length between 1 and 200 and full the pattern '[a-zA-Z0-9-\/*:_+=.@-]*'.
|
|
* @see https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id
|
|
*
|
|
* @default - none
|
|
*/
|
|
readonly consumerGroupId?: string;
|
|
/**
|
|
* Add filter criteria to Event Source
|
|
* @see https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html
|
|
*
|
|
* @default - none
|
|
*/
|
|
readonly filters?: Array<{
|
|
[key: string]: any;
|
|
}>;
|
|
/**
|
|
* Add Customer managed KMS key to encrypt Filter Criteria.
|
|
* @see https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html
|
|
* By default, Lambda will encrypt Filter Criteria using AWS managed keys
|
|
* @see https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
|
|
*
|
|
* @default - none
|
|
*/
|
|
readonly filterEncryption?: IKey;
|
|
/**
|
|
* Add an on Failure Destination for this Kafka event.
|
|
*
|
|
* Supported destinations:
|
|
* - {@link KafkaDlq} - Send failed records to a Kafka topic
|
|
* - SNS topics - Send failed records to an SNS topic
|
|
* - SQS queues - Send failed records to an SQS queue
|
|
* - S3 buckets - Send failed records to an S3 bucket
|
|
*
|
|
* @default - discarded records are ignored
|
|
*/
|
|
readonly onFailure?: lambda.IEventSourceDlq;
|
|
/**
|
|
* The time from which to start reading, in Unix time seconds.
|
|
*
|
|
* @default - no timestamp
|
|
*/
|
|
readonly startingPositionTimestamp?: number;
|
|
/**
|
|
* Specific configuration settings for a Kafka schema registry.
|
|
*
|
|
* @default - none
|
|
*/
|
|
readonly schemaRegistryConfig?: ISchemaRegistry;
|
|
/**
|
|
* Configuration for logging verbosity from the event source mapping poller
|
|
*
|
|
* @default - No logging
|
|
*/
|
|
readonly logLevel?: lambda.EventSourceMappingLogLevel;
|
|
/**
|
|
* Configuration for enhanced monitoring metrics collection
|
|
*
|
|
* @default - Enhanced monitoring is disabled
|
|
*/
|
|
readonly metricsConfig?: lambda.MetricsConfig;
|
|
/***
|
|
* If the function returns an error, split the batch in two and retry.
|
|
*
|
|
* @default false
|
|
*/
|
|
readonly bisectBatchOnError?: boolean;
|
|
/**
|
|
* The maximum age of a record that Lambda sends to a function for processing.
|
|
*
|
|
* The default value is -1, which sets the maximum age to infinite.
|
|
* When the value is set to infinite, Lambda never discards old records.
|
|
* Record are valid until it expires in the event source.
|
|
*
|
|
* @default -1
|
|
*/
|
|
readonly maxRecordAge?: Duration;
|
|
/***
|
|
* Maximum number of retry attempts.
|
|
*
|
|
* Set to -1 for infinite retries (until the record expires in the event source).
|
|
*
|
|
* @default -1 (infinite retries)
|
|
*/
|
|
readonly retryAttempts?: number;
|
|
/***
|
|
* Allow functions to return partially successful responses for a batch of records.
|
|
*
|
|
* @default false
|
|
*/
|
|
readonly reportBatchItemFailures?: boolean;
|
|
}
|
|
/**
|
|
* Properties for a MSK event source
|
|
*/
|
|
export interface ManagedKafkaEventSourceProps extends KafkaEventSourceProps {
|
|
/**
|
|
* An MSK cluster construct
|
|
*/
|
|
readonly clusterArn: string;
|
|
}
|
|
/**
|
|
* The authentication method to use with SelfManagedKafkaEventSource
|
|
*/
|
|
export declare enum AuthenticationMethod {
|
|
/**
|
|
* SASL_SCRAM_512_AUTH authentication method for your Kafka cluster
|
|
*/
|
|
SASL_SCRAM_512_AUTH = "SASL_SCRAM_512_AUTH",
|
|
/**
|
|
* SASL_SCRAM_256_AUTH authentication method for your Kafka cluster
|
|
*/
|
|
SASL_SCRAM_256_AUTH = "SASL_SCRAM_256_AUTH",
|
|
/**
|
|
* BASIC_AUTH (SASL/PLAIN) authentication method for your Kafka cluster
|
|
*/
|
|
BASIC_AUTH = "BASIC_AUTH",
|
|
/**
|
|
* CLIENT_CERTIFICATE_TLS_AUTH (mTLS) authentication method for your Kafka cluster
|
|
*/
|
|
CLIENT_CERTIFICATE_TLS_AUTH = "CLIENT_CERTIFICATE_TLS_AUTH"
|
|
}
|
|
/**
|
|
* Properties for a self managed Kafka cluster event source.
|
|
* If your Kafka cluster is only reachable via VPC make sure to configure it.
|
|
*/
|
|
export interface SelfManagedKafkaEventSourceProps extends KafkaEventSourceProps {
|
|
/**
|
|
* The list of host and port pairs that are the addresses of the Kafka brokers in a "bootstrap" Kafka cluster that
|
|
* a Kafka client connects to initially to bootstrap itself. They are in the format `abc.xyz.com:xxxx`.
|
|
*/
|
|
readonly bootstrapServers: string[];
|
|
/**
|
|
* If your Kafka brokers are only reachable via VPC provide the VPC here
|
|
*
|
|
* @default none
|
|
*/
|
|
readonly vpc?: IVpc;
|
|
/**
|
|
* If your Kafka brokers are only reachable via VPC, provide the subnets selection here
|
|
*
|
|
* @default - none, required if setting vpc
|
|
*/
|
|
readonly vpcSubnets?: SubnetSelection;
|
|
/**
|
|
* If your Kafka brokers are only reachable via VPC, provide the security group here
|
|
*
|
|
* @default - none, required if setting vpc
|
|
*/
|
|
readonly securityGroup?: ISecurityGroup;
|
|
/**
|
|
* The authentication method for your Kafka cluster
|
|
*
|
|
* @default AuthenticationMethod.SASL_SCRAM_512_AUTH
|
|
*/
|
|
readonly authenticationMethod?: AuthenticationMethod;
|
|
/**
|
|
* The secret with the root CA certificate used by your Kafka brokers for TLS encryption
|
|
* This field is required if your Kafka brokers use certificates signed by a private CA
|
|
*
|
|
* @default - none
|
|
*/
|
|
readonly rootCACertificate?: secretsmanager.ISecret;
|
|
}
|
|
/**
|
|
* Use a MSK cluster as a streaming source for AWS Lambda
|
|
*
|
|
* @example
|
|
* import { ManagedKafkaEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
|
|
* import { StartingPosition, Function } from 'aws-cdk-lib/aws-lambda';
|
|
*
|
|
* // With provisioned pollers and poller group for cost optimization
|
|
* declare const myFunction: Function;
|
|
* myFunction.addEventSource(new ManagedKafkaEventSource({
|
|
* clusterArn: 'arn:aws:kafka:us-east-1:123456789012:cluster/my-cluster/abcd1234-abcd-cafe-abab-9876543210ab-4',
|
|
* topic: 'orders-topic',
|
|
* startingPosition: StartingPosition.LATEST,
|
|
* provisionedPollerConfig: {
|
|
* minimumPollers: 2,
|
|
* maximumPollers: 10,
|
|
* pollerGroupName: 'shared-kafka-pollers',
|
|
* },
|
|
* }));
|
|
*/
|
|
export declare class ManagedKafkaEventSource extends StreamEventSource {
|
|
private innerProps;
|
|
private _eventSourceMappingId?;
|
|
private _eventSourceMappingArn?;
|
|
constructor(props: ManagedKafkaEventSourceProps);
|
|
bind(target: lambda.IFunction): void;
|
|
private sourceAccessConfigurations;
|
|
/**
|
|
* The identifier for this EventSourceMapping
|
|
*/
|
|
get eventSourceMappingId(): string;
|
|
/**
|
|
* The ARN for this EventSourceMapping
|
|
*/
|
|
get eventSourceMappingArn(): string;
|
|
}
|
|
/**
|
|
* Use a self hosted Kafka installation as a streaming source for AWS Lambda.
|
|
*
|
|
* @example
|
|
* import { SelfManagedKafkaEventSource, AuthenticationMethod } from 'aws-cdk-lib/aws-lambda-event-sources';
|
|
* import { StartingPosition, Function } from 'aws-cdk-lib/aws-lambda';
|
|
* import { ISecret } from 'aws-cdk-lib/aws-secretsmanager';
|
|
*
|
|
* // With provisioned pollers and poller group for cost optimization
|
|
* declare const myFunction: Function;
|
|
* declare const kafkaCredentials: ISecret;
|
|
* myFunction.addEventSource(new SelfManagedKafkaEventSource({
|
|
* bootstrapServers: ['kafka-broker1.example.com:9092', 'kafka-broker2.example.com:9092'],
|
|
* topic: 'events-topic',
|
|
* secret: kafkaCredentials,
|
|
* startingPosition: StartingPosition.LATEST,
|
|
* authenticationMethod: AuthenticationMethod.SASL_SCRAM_512_AUTH,
|
|
* provisionedPollerConfig: {
|
|
* minimumPollers: 1,
|
|
* maximumPollers: 8,
|
|
* pollerGroupName: 'self-managed-kafka-group', // Group pollers to reduce costs
|
|
* },
|
|
* }));
|
|
*/
|
|
export declare class SelfManagedKafkaEventSource extends StreamEventSource {
|
|
private innerProps;
|
|
constructor(props: SelfManagedKafkaEventSourceProps);
|
|
bind(target: lambda.IFunction): void;
|
|
private mappingId;
|
|
private sourceAccessConfigurations;
|
|
}
|