aws-genai-llm-chatbot
1import * as path from "path";2import * as cdk from "aws-cdk-lib";3import { Construct } from "constructs";4import { SystemConfig } from "../../shared/types";5import { Shared } from "../../shared";6import { CreateAuroraWorkspace } from "./create-aurora-workspace";7import { RagDynamoDBTables } from "../rag-dynamodb-tables";8import * as ec2 from "aws-cdk-lib/aws-ec2";9import * as lambda from "aws-cdk-lib/aws-lambda";10import * as logs from "aws-cdk-lib/aws-logs";11import * as rds from "aws-cdk-lib/aws-rds";12import * as cr from "aws-cdk-lib/custom-resources";13import * as sfn from "aws-cdk-lib/aws-stepfunctions";14import { NagSuppressions } from "cdk-nag";15
/**
 * Inputs required to build the {@link AuroraPgVector} construct.
 */
export interface AuroraPgVectorProps {
  /** System configuration; passed through to the workspace-creation workflow. */
  readonly config: SystemConfig;

  /**
   * Shared stack resources. This construct reads the VPC, the Lambda code
   * bundler, the Python runtime and architecture, the common layers and the
   * default environment variables from it.
   */
  readonly shared: Shared;

  /** RAG DynamoDB tables; passed through to the workspace-creation workflow. */
  readonly ragDynamoDBTables: RagDynamoDBTables;
}
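/**
 * Aurora PostgreSQL cluster used as the pgvector store, plus the one-off
 * database setup custom resource and the workspace-creation workflow.
 *
 * Security-relevant settings made here:
 * - the cluster is placed in PRIVATE_ISOLATED subnets of the shared VPC;
 * - IAM database authentication is enabled on the cluster;
 * - the setup Lambda is the only principal this construct grants read access
 *   to the cluster secret, and the only peer it opens the DB port to;
 * - the cluster uses RemovalPolicy.DESTROY and does not request storage
 *   encryption (see the cdk-nag suppressions at the end of the constructor).
 */
export class AuroraPgVector extends Construct {
  /** The Aurora PostgreSQL cluster created by this construct. */
  public readonly database: rds.DatabaseCluster;
  /** State machine exposed by the CreateAuroraWorkspace construct. */
  public readonly createAuroraWorkspaceWorkflow: sfn.StateMachine;

  /**
   * @param scope - Parent construct.
   * @param id - Logical id of this construct within `scope`.
   * @param props - Shared resources, system config and RAG tables.
   * @throws Error if the cluster exposes no Secrets Manager secret, because
   *   the setup function could then neither be granted access nor be told
   *   which secret to read.
   */
  constructor(scope: Construct, id: string, props: AuroraPgVectorProps) {
    super(scope, id);

    const dbCluster = new rds.DatabaseCluster(this, "AuroraDatabase", {
      engine: rds.DatabaseClusterEngine.auroraPostgres({
        version: rds.AuroraPostgresEngineVersion.VER_15_3,
      }),
      // The cluster (and its data) is removed together with the stack.
      removalPolicy: cdk.RemovalPolicy.DESTROY,
      writer: rds.ClusterInstance.serverlessV2("ServerlessInstance"),
      vpc: props.shared.vpc,
      // Isolated subnets: the database gets no route to the internet.
      vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_ISOLATED },
      iamAuthentication: true,
      // NOTE(review): neither storageEncrypted nor storageEncryptionKey is
      // set; the AwsSolutions-RDS2 suppression below accepts that. Decide on
      // encryption at rest before the first deployment, since the suppression
      // reason states it cannot be enabled on an existing unencrypted cluster.
    });

    // Fail at synth time instead of silently skipping the grant and handing
    // `undefined` to the custom resource when the cluster has no secret.
    const dbSecret = dbCluster.secret;
    if (!dbSecret) {
      throw new Error(
        "AuroraPgVector: the database cluster has no Secrets Manager secret to pass to the setup function."
      );
    }

    const databaseSetupFunction = new lambda.Function(
      this,
      "DatabaseSetupFunction",
      {
        vpc: props.shared.vpc,
        code: props.shared.sharedCode.bundleWithLambdaAsset(
          path.join(__dirname, "./functions/pgvector-setup")
        ),
        runtime: props.shared.pythonRuntime,
        architecture: props.shared.lambdaArchitecture,
        handler: "index.lambda_handler",
        layers: [props.shared.powerToolsLayer, props.shared.commonLayer],
        timeout: cdk.Duration.minutes(5),
        logRetention: logs.RetentionDays.ONE_WEEK,
        environment: {
          ...props.shared.defaultEnvironmentVariables,
        },
      }
    );

    // Least privilege: read access to the cluster secret and ingress on the
    // database port are granted to the setup function only.
    // NOTE(review): the function presumably connects with the secret's
    // credentials rather than IAM auth — confirm in the pgvector-setup handler.
    dbSecret.grantRead(databaseSetupFunction);
    dbCluster.connections.allowDefaultPortFrom(databaseSetupFunction);

    const databaseSetupProvider = new cr.Provider(
      this,
      "DatabaseSetupProvider",
      {
        vpc: props.shared.vpc,
        onEventHandler: databaseSetupFunction,
      }
    );

    const dbSetupResource = new cdk.CustomResource(
      this,
      "DatabaseSetupResource",
      {
        removalPolicy: cdk.RemovalPolicy.DESTROY,
        serviceToken: databaseSetupProvider.serviceToken,
        properties: {
          // Only the secret's ARN goes into the resource properties; the
          // secret value itself is never placed in the template.
          AURORA_DB_SECRET_ID: dbSecret.secretArn,
        },
      }
    );

    // The setup resource must not run before the cluster exists.
    dbSetupResource.node.addDependency(dbCluster);

    const createWorkflow = new CreateAuroraWorkspace(
      this,
      "CreateAuroraWorkspace",
      {
        config: props.config,
        shared: props.shared,
        dbCluster: dbCluster,
        ragDynamoDBTables: props.ragDynamoDBTables,
      }
    );

    this.database = dbCluster;
    this.createAuroraWorkspaceWorkflow = createWorkflow.stateMachine;

    /**
     * CDK NAG suppression
     *
     * Both findings are accepted rather than fixed: RDS10 (deletion
     * protection) and RDS2 (storage encryption). Anyone reusing this
     * construct for data that needs protection at rest or against accidental
     * stack deletion should revisit these instead of inheriting them.
     */
    NagSuppressions.addResourceSuppressions(dbCluster, [
      {
        id: "AwsSolutions-RDS10",
        reason:
          "Deletion protection disabled to allow deletion as part of the CloudFormation stack.",
      },
      {
        id: "AwsSolutions-RDS2",
        reason:
          "Encryption cannot be enabled on an unencrypted DB Cluster, therefore enabling will destroy existing data. Docs provide instructions for users requiring it.",
      },
    ]);
  }
}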