Merge branch 'main' into feature/ap/enhanced-search

Author: aaronatbissell

.editorconfig

@@ -0,0 +1,7 @@
+[*]
+charset = utf-8
+indent_style = space
+indent_size = 2
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true

.gitallowed

@@ -0,0 +1 @@
+source/packages/services/provisioning/src/things/steps/createdevicecertificateprocessor.spec.ts:.*

.prettierrc

@@ -0,0 +1,5 @@
+{
+    "singleQuote": true,
+    "semi": true,
+    "printWidth": 99
+}

README.md

@@ -34,7 +34,7 @@ Any other branches besides `main` and the release tags are considered experiment
 
 Implementing, deploying and maintaining IoT services can be significantly more complex than traditional software services due to a number of challenges faced:
 
-**Significant undifferentiated heavy lifting:**  It can take months, if not years, to build out an IoT platform.
+**Significant undifferentiated heavy lifting:**  It can take months, if not years, to build out an Facade API.
 
 **Skills gap:**  Finding product and IoT specialists is one problem, but then needing to find those same people who possess AWS knowledge is significantly harder.
 

multi-accounts/README.md

@@ -0,0 +1 @@
+The transformation scripts in this folder are used when you want to deploy `aws-connected-device-framework` in multiple account mode. It replaces some of the the parameters in cloudformation from `String` to `AWS::SSM::Parameter::Value<String>` to allow one stack to refer to another stack resources using ssm parameter store.

multi-accounts/build-s3-dist.sh

@@ -0,0 +1,124 @@
+#!/bin/bash
+#-----------------------------------------------------------------------------------------------------------------------
+#   Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance
+#  with the License. A copy of the License is located at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES
+#  OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions
+#  and limitations under the License.
+#-----------------------------------------------------------------------------------------------------------------------
+
+#
+# This assumes all of the OS-level configuration has been completed and git repo has already been cloned
+#
+# This script should be run from the repo's deployment directory
+# cd deployment
+# ./build-s3-dist.sh source-bucket-base-name solution-name version-code
+#
+# Parameters:
+#  - source-bucket-base-name: Name for the S3 bucket location where the template will source the Lambda
+#    code from. The template will append '-[region_name]' to this bucket name.
+#    For example: ./build-s3-dist.sh solutions my-solution v1.0.0
+#    The template will then expect the source code to be located in the solutions-[region_name] bucket
+#
+#  - solution-name: name of the solution for consistency
+#
+#  - version-code: version of the package
+
+# Check to see if input has been provided:
+if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ] || [ -z "$4" ] ; then
+    echo "Please provide the base source bucket name, trademark approved solution name and version where the lambda code will eventually reside."
+    echo "For example: ./build-s3-dist.sh solutions trademarked-solution-name v1.0.0"
+    exit 1
+fi
+
+# Get reference for all important folders
+template_dir="$PWD"
+template_dist_dir="$template_dir/global-s3-assets"
+build_dist_dir="$template_dir/regional-s3-assets"
+source_dir="$template_dir/../source"
+
+echo "------------------------------------------------------------------------------"
+echo "[Init] Clean old dist, node_modules and bower_components folders"
+echo "------------------------------------------------------------------------------"
+echo "rm -rf $template_dist_dir"
+rm -rf $template_dist_dir
+echo "mkdir -p $template_dist_dir"
+mkdir -p $template_dist_dir
+echo "rm -rf $build_dist_dir"
+rm -rf $build_dist_dir
+echo "mkdir -p $build_dist_dir"
+mkdir -p $build_dist_dir
+
+
+echo "------------------------------------------------------------------------------"
+echo "[Packing] Templates"
+echo "------------------------------------------------------------------------------"
+
+# copy all the cfn templates in the source/infrastructure dir
+cp $source_dir/infrastructure/cfn-sample-tenant-component.yaml $template_dist_dir/
+# copy all the cfn templates in source/infrastructure/lambdaLayers/openssl/infrastructure
+cp $source_dir/infrastructure/lambdaLayers/openssl/infrastructure/cfn-*.yml $template_dist_dir/
+# copy all the cfn templates ending in yml in source/package/*/infrastructure
+cp $source_dir/packages/services/*/infrastructure/cfn-command-and-control.yml $template_dist_dir/
+# copy all cfn template snippets
+cp -a $source_dir/infrastructure/cloudformation/snippets/ $template_dist_dir/snippets/
+# copy all cfn templates in libraries/core
+cp $source_dir/packages/libraries/core/*/infrastructure/cfn-deployment-helper.yaml $template_dist_dir/
+
+cd "$template_dist_dir"
+# Rename all *.yaml to *.template
+for f in *.yaml; do
+    mv -- "$f" "${f%.yaml}.template"
+done
+
+# Rename all *.yml to *.template
+for f in *.yml; do
+    mv -- "$f" "${f%.yml}.template"
+done
+
+# remove non-release templates
+rm "$template_dist_dir"/cfn-auth-jwt.template
+rm "$template_dist_dir"/cfn-auth-devicecert.template
+rm "$template_dist_dir"/cfn-cdf-core*
+rm "$template_dist_dir"/cfn-bastion-host.template
+
+# override the S3 Code Uri and TemplateURL for the cfn templates to point to a S3 location
+for f in *.template; do
+    if [ -f "../transforms/${f%.*}.yaml" ]; then
+      # Below only works in yq version 3.4.1
+      yq w -i -s "../transforms/${f%.*}.yaml" "$f"
+    fi
+done
+
+cd ..
+echo "Updating code source bucket in template with $1"
+replace="s/%%BUCKET_NAME%%/$1/g"
+echo "sed -i '' -e $replace $template_dist_dir/*.template"
+sed -i '' -e $replace $template_dist_dir/*.template
+replace="s/%%SOLUTION_NAME%%/$2/g"
+echo "sed -i '' -e $replace $template_dist_dir/*.template"
+sed -i '' -e $replace $template_dist_dir/*.template
+replace="s/%%VERSION%%/$3/g"
+echo "sed -i '' -e $replace $template_dist_dir/*.template"
+sed -i '' -e $replace $template_dist_dir/*.template
+
+replace="s/%%TEMPLATE_BUCKET_NAME%%/$4/g"
+sed -i '' -e $replace $template_dist_dir/*.template
+
+
+echo "------------------------------------------------------------------------------"
+echo "[Rebuild] Package Dists"
+echo "------------------------------------------------------------------------------"
+
+# Copy and rename dists
+cd $build_dist_dir
+cp $source_dir/packages/libraries/core/deployment-helper/bundle.zip $build_dist_dir/cdf-deployment-helper.zip
+cp $source_dir/infrastructure/lambdaLayers/openssl/build/build.zip $build_dist_dir/cdf-openssl-layer.zip
+cp $source_dir/packages/services/provisioning/bundle.zip $build_dist_dir/cdf-provisioning.zip
+cp $source_dir/packages/services/command-and-control/bundle.zip $build_dist_dir/cdf-command-and-control.zip
+

multi-accounts/deploy-assets-multiple-region.bash

@@ -0,0 +1,91 @@
+#!/bin/bash
+
+set -e
+
+CDF_LOCATION=$(pwd)
+source "$CDF_LOCATION/source/infrastructure/common-deploy-functions.bash"
+
+function help_message {
+    cat << EOF
+
+NAME:
+    deploy-assets-multiple-regions.bash
+
+DESCRIPTION:
+    Deploys assets in multiple regions.
+
+MANDATORY ARGUMENTS:
+====================
+    -p (string)   Name of the Bucket Prefix
+    -b (string)   Name of the Template Bucket
+    -r (string)   List of supported regions separated by space
+    -v (string)   Version of the template
+
+OPTIONAL ARGUMENTS
+
+    ------------
+    -R (string)   AWS region.
+    -P (string)   AWS profile.
+
+DEPENDENCIES REQUIRED:
+
+    - aws-cli
+    - jq
+    - zip
+
+EOF
+}
+
+##########################################################
+######  parse and validate the provided arguments   ######
+##########################################################
+while getopts ":b:p:r:v:R:P:" opt; do
+  case $opt in
+    b  ) export TEMPLATE_BUCKET_NAME=$OPTARG;;
+    p  ) export BUCKET_NAME_PREFIX=$OPTARG;;
+    r  ) export SUPPORTED_REGIONS=$OPTARG;;
+    v  ) export SOLUTION_VERSION=$OPTARG;;
+
+    R  ) export AWS_REGION=$OPTARG;;
+    P  ) export AWS_PROFILE=$OPTARG;;
+
+    \? ) echo "Unknown option: -$OPTARG" >&2; help_message; exit 1;;
+    :  ) echo "Missing option argument for -$OPTARG" >&2; help_message; exit 1;;
+    *  ) echo "Unimplemented option: -$OPTARG" >&2; help_message; exit 1;;
+  esac
+done
+
+if [[ "$DEBUG" == "true" ]]; then
+    set -x
+fi
+
+
+IFS=' ' read -ra SUPPORTED_REGIONS_ARRAY <<< "$SUPPORTED_REGIONS"
+
+AWS_ARGS=$(buildAwsArgs "$AWS_REGION" "$AWS_PROFILE" )
+SOLUTION_NAME="aws-connected-device-framework"
+
+###########################################################################
+######  transform CDF templates to work in multi account environment ######
+###########################################################################
+cd "$CDF_LOCATION"/multi-accounts
+
+./build-s3-dist.sh "$BUCKET_NAME_PREFIX" "$SOLUTION_NAME" "$SOLUTION_VERSION" "$TEMPLATE_BUCKET_NAME"
+
+global_s3_assets="$CDF_LOCATION"/multi-accounts/global-s3-assets
+regional_s3_assets="$CDF_LOCATION"/multi-accounts/regional-s3-assets
+
+cd "$global_s3_assets"
+
+for region in "${SUPPORTED_REGIONS_ARRAY[@]}"
+do
+    artifact_key="${BUCKET_NAME_PREFIX}-${region}/$SOLUTION_NAME/$SOLUTION_VERSION"
+    aws s3 sync --acl bucket-owner-full-control $AWS_ARGS . "s3://${artifact_key}"
+done
+
+cd "$regional_s3_assets"
+for region in "${SUPPORTED_REGIONS_ARRAY[@]}"
+do
+    artifact_key="${BUCKET_NAME_PREFIX}-${region}/$SOLUTION_NAME/$SOLUTION_VERSION"
+    aws s3 sync --acl bucket-owner-full-control $AWS_ARGS . "s3://${artifact_key}"
+done