---
## id: index
title: Getting Started
# Neulabs CDK Constructs
[](https://www.npmjs.com/package/neulabs-cdk-constructs)
[](https://pypi.org/project/neulabs-cdk-constructs/)
[](https://github.com/neulabscom/neulabs-cdk-constructs/commits/main)
[](https://github.com/neulabscom/neulabs-cdk-constructs/blob/main/LICENSE)
The neulabs-cdk-constructs library contains CDK-based constructs and stacks to allow the creation of cloud infrastructure on AWS.
The purpose of the library is to expose modules that can facilitate the creation and maintenance of the infrastructure as code.
Inside you will find generic stacks that allow the creation of services by simply instantiating a class, or constructs that implement logic to facilitate the developer and many other aspects.
We decided to develop it in Typescript, using projen for repository management, and the JSII library to be able to compile the neulabs-cdk-constructs package into multiple languages.
## Usage
### Package Installation (npm)
```
yarn add neulabs-cdk-constructs
# or
npm install neulabs-cdk-constructs
```
### Package Installation (python)
```
pip install neulabs-cdk-constructs
```
### Construct APIs
[](https://constructs.dev/packages/neulabs-cdk-constructs)
## Examples
### Lambda Function with New Relic
```
import {aws_lambda as neulabs_lambda} from 'neulabs-cdk-constructs';
// Create the lambda function
this.lambdaFn = new neulabs_lambda.NewRelicFunction(this, functionName, {
stage: props.stage,
functionName: functionName,
runtime: Runtime.PYTHON_3_9,
handler: 'app.handler',
code: Code.fromAsset(path.join(__dirname, handler), {}),
layers: [baseLayer, ...(layers || [])],
environment: props.environment,
memorySize: props.memorySize || 128,
timeout: props.timeout || Duration.seconds(30),
architecture: lambda.Architecture.X86_64,
newRelicAccountId: '3540246',
newRelicLayerName: 'NewRelicPython39',
newRelicLayerVersion: 49,
newRelicwithExtensionSendLogs: true,
disableNewRelic: props.stage === 'production' ? false : true,
});
this.lambdaFn.addPowerToolsLayer(
app,
neulabs_lambda.LambdaPowerToolsLayerName.TYPESCRIPT,
neulabs_lambda.LambdaPowerToolsLayerAccountId.TYPESCRIPT,
20,
props.stage === 'production' ? false : true,
props.stage === 'production' ? 'WARGNING' : 'DEBUG'
);
```
### Create Github OIDC
AWS (Amazon Web Services) supports the use of OpenID Connect (OIDC) for identity federation. OIDC allows you to use an identity provider (such as GitHub) to authenticate users and grant them temporary security credentials to access AWS resources. Here's a brief overview of using GitHub as an identity provider with AWS OIDC:
* **Identity Provider (GitHub)**: GitHub acts as the identity provider in this setup. Users authenticate with GitHub, and GitHub issues identity tokens following the OIDC standard.
* **AWS IAM Role**: In AWS, you create an IAM (Identity and Access Management) role that specifies the permissions users should have when authenticated. This role trusts the GitHub OIDC provider.
* **GithubOIDCStack a neulabs construct**: create a new stack with three roles:
* **github-oidc-workflow-role** user used for authentication
* **cdk-oidc-deploy-role** role used for cdk deploying
* **cdk-oidc-bootsrap-role** role used for cdk bootstrap
1. Create GithubOIDCStack
```
environment = process.env.ENVIRONMENT! || 'staging';
new GithubOIDCStack(app, 'OidcStack', {
env: {
account: process.env.CDK_DEFAULT_ACCOUNT,
region: process.env.CDK_DEFAULT_REGION,
},
stage: environment,
githubUser: 'username',
githubRepository: 'repositoryName', # You can also use '*'
tokenAction: TokenActions.ALL,
cdkDeployRoleAwsManagedPolicies: ['AdministratorAccess'],
});
```
1. Use oidc role to authenticate the Github workflow
```
...
permissions:
id-token: write
contents: read
jobs:
...
deploy:
name: OIDC Auth
runs-on: ubuntu-20.04
steps:
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v1
with:
role-to-assume: arn:aws:iam::{ACCOUNT ID}:role/github-oidc-workflow-role
aws-region: {REGION}
mask-aws-account-id: no
...
```
### Create NewRelic Connection
The NewRelicStack implements the infrastructure to send metrics and logs to Newrelic through Kinesis and Cloudwatch Stream.
Once deployed you can copy the ARN of the 'NewRelicInfrastructure-Integrations' role and use it to configure Newrelic.
```
new NewRelicStack(app, 'NewrelicStack', {
env: constants.env,
stage: constants.environment,
newRelicBucketName: `newrelic-${constants.awsAccountId}-${constants.environment}`,
newRelicAccountId: newRelicAccountId,
newRelicLicenseKey: newRelicLicenseKey,
newRelicApiUrlMetrics: EndpointUrlMetrics.EU_METRICS,
newRelicApiUrlLogs: EndpointUrlLogs.EU_LOGS,
});
```
## Dev mode
### Requirements
* Node >= v16.14.0
* Yarn >= 1.22
### Setup env
```
yarn install
npx projen default
cd docs yarn install
```
## Contributors
### Rules
Read the [`CONTRIBUTING.md`](https://github.com/neulabscom/neulabs-cdk-constructs/blob/main/CONTRIBUTING.md) and [`CODE_OF_CONDUCT.md`](https://github.com/neulabscom/neulabs-cdk-constructs/blob/main/CODE_OF_CONDUCT.md) before create pull-request.
### Developers
<a href="https://github.com/neulabscom/neulabs-cdk-constructs/graphs/contributors"> <img src="https://contrib.rocks/image?repo=neulabscom/neulabs-cdk-constructs" /> </a>
## License
See the `LICENSE` file for more information.
Raw data
{
"_id": null,
"home_page": "https://github.com/neulabscom/neulabs-cdk-constructs.git",
"name": "neulabs-cdk-constructs",
"maintainer": "",
"docs_url": null,
"requires_python": "~=3.7",
"maintainer_email": "",
"keywords": "",
"author": "Neulabs<tech@neulabs.com>",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/13/b3/3445695762e2a91f12971dd82385f331963883b80ce32f284d6615ee5ca5/neulabs-cdk-constructs-0.6.1.tar.gz",
"platform": null,
"description": "---\n\n\n## id: index\ntitle: Getting Started\n\n# Neulabs CDK Constructs\n\n[](https://www.npmjs.com/package/neulabs-cdk-constructs)\n[](https://pypi.org/project/neulabs-cdk-constructs/)\n[](https://github.com/neulabscom/neulabs-cdk-constructs/commits/main)\n[](https://github.com/neulabscom/neulabs-cdk-constructs/blob/main/LICENSE)\n\nThe neulabs-cdk-constructs library contains CDK-based constructs and stacks to allow the creation of cloud infrastructure on AWS.\n\nThe purpose of the library is to expose modules that can facilitate the creation and maintenance of the infrastructure as code.\n\nInside you will find generic stacks that allow the creation of services by simply instantiating a class, or constructs that implement logic to facilitate the developer and many other aspects.\n\nWe decided to develop it in Typescript, using projen for repository management, and the JSII library to be able to compile the neulabs-cdk-constructs package into multiple languages.\n\n## Usage\n\n### Package Installation (npm)\n\n```\nyarn add neulabs-cdk-constructs\n# or\nnpm install neulabs-cdk-constructs\n```\n\n### Package Installation (python)\n\n```\npip install neulabs-cdk-constructs\n```\n\n### Construct APIs\n\n[](https://constructs.dev/packages/neulabs-cdk-constructs)\n\n## Examples\n\n### Lambda Function with New Relic\n\n```\nimport {aws_lambda as neulabs_lambda} from 'neulabs-cdk-constructs';\n\n\n // Create the lambda function\n this.lambdaFn = new neulabs_lambda.NewRelicFunction(this, functionName, {\n stage: props.stage,\n functionName: functionName,\n runtime: Runtime.PYTHON_3_9,\n handler: 'app.handler',\n code: Code.fromAsset(path.join(__dirname, handler), {}),\n layers: [baseLayer, ...(layers || [])],\n environment: props.environment,\n memorySize: props.memorySize || 128,\n timeout: props.timeout || Duration.seconds(30),\n architecture: lambda.Architecture.X86_64,\n newRelicAccountId: '3540246',\n newRelicLayerName: 'NewRelicPython39',\n newRelicLayerVersion: 49,\n newRelicwithExtensionSendLogs: true,\n disableNewRelic: props.stage === 'production' ? false : true,\n });\n\n this.lambdaFn.addPowerToolsLayer(\n app,\n neulabs_lambda.LambdaPowerToolsLayerName.TYPESCRIPT,\n neulabs_lambda.LambdaPowerToolsLayerAccountId.TYPESCRIPT,\n 20,\n props.stage === 'production' ? false : true,\n props.stage === 'production' ? 'WARGNING' : 'DEBUG'\n );\n```\n\n### Create Github OIDC\n\nAWS (Amazon Web Services) supports the use of OpenID Connect (OIDC) for identity federation. OIDC allows you to use an identity provider (such as GitHub) to authenticate users and grant them temporary security credentials to access AWS resources. Here's a brief overview of using GitHub as an identity provider with AWS OIDC:\n\n* **Identity Provider (GitHub)**: GitHub acts as the identity provider in this setup. Users authenticate with GitHub, and GitHub issues identity tokens following the OIDC standard.\n* **AWS IAM Role**: In AWS, you create an IAM (Identity and Access Management) role that specifies the permissions users should have when authenticated. This role trusts the GitHub OIDC provider.\n* **GithubOIDCStack a neulabs construct**: create a new stack with three roles:\n\n * **github-oidc-workflow-role** user used for authentication\n * **cdk-oidc-deploy-role** role used for cdk deploying\n * **cdk-oidc-bootsrap-role** role used for cdk bootstrap\n\n1. Create GithubOIDCStack\n\n```\nenvironment = process.env.ENVIRONMENT! || 'staging';\n\nnew GithubOIDCStack(app, 'OidcStack', {\n env: {\n account: process.env.CDK_DEFAULT_ACCOUNT,\n region: process.env.CDK_DEFAULT_REGION,\n },\n stage: environment,\n githubUser: 'username',\n githubRepository: 'repositoryName', # You can also use '*'\n tokenAction: TokenActions.ALL,\n cdkDeployRoleAwsManagedPolicies: ['AdministratorAccess'],\n});\n```\n\n1. Use oidc role to authenticate the Github workflow\n\n```\n...\n\npermissions:\n id-token: write\n contents: read\n\njobs:\n ...\n deploy:\n name: OIDC Auth\n runs-on: ubuntu-20.04\n steps:\n - name: Configure aws credentials\n uses: aws-actions/configure-aws-credentials@v1\n with:\n role-to-assume: arn:aws:iam::{ACCOUNT ID}:role/github-oidc-workflow-role\n aws-region: {REGION}\n mask-aws-account-id: no\n ...\n```\n\n### Create NewRelic Connection\n\nThe NewRelicStack implements the infrastructure to send metrics and logs to Newrelic through Kinesis and Cloudwatch Stream.\nOnce deployed you can copy the ARN of the 'NewRelicInfrastructure-Integrations' role and use it to configure Newrelic.\n\n```\n new NewRelicStack(app, 'NewrelicStack', {\n env: constants.env,\n stage: constants.environment,\n newRelicBucketName: `newrelic-${constants.awsAccountId}-${constants.environment}`,\n newRelicAccountId: newRelicAccountId,\n newRelicLicenseKey: newRelicLicenseKey,\n newRelicApiUrlMetrics: EndpointUrlMetrics.EU_METRICS,\n newRelicApiUrlLogs: EndpointUrlLogs.EU_LOGS,\n });\n```\n\n## Dev mode\n\n### Requirements\n\n* Node >= v16.14.0\n* Yarn >= 1.22\n\n### Setup env\n\n```\nyarn install\n\nnpx projen default\n\ncd docs yarn install\n```\n\n## Contributors\n\n### Rules\n\nRead the [`CONTRIBUTING.md`](https://github.com/neulabscom/neulabs-cdk-constructs/blob/main/CONTRIBUTING.md) and [`CODE_OF_CONDUCT.md`](https://github.com/neulabscom/neulabs-cdk-constructs/blob/main/CODE_OF_CONDUCT.md) before create pull-request.\n\n### Developers\n\n<a href=\"https://github.com/neulabscom/neulabs-cdk-constructs/graphs/contributors\"> <img src=\"https://contrib.rocks/image?repo=neulabscom/neulabs-cdk-constructs\" /> </a>\n\n## License\n\nSee the `LICENSE` file for more information.\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "neulabs-cdk-constructs",
"version": "0.6.1",
"project_urls": {
"Homepage": "https://github.com/neulabscom/neulabs-cdk-constructs.git",
"Source": "https://github.com/neulabscom/neulabs-cdk-constructs.git"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f2a5e7021e2c4c4a23ad38454b86b5a9cece6e1d31ec72908d0d5ce8dcd42bf7",
"md5": "1a6274eea748aafa446a6d6160a56d58",
"sha256": "50a88e2f70dee54cc7ec1cac43407ac2f6ab58f56c200b996473ce6703c89875"
},
"downloads": -1,
"filename": "neulabs_cdk_constructs-0.6.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "1a6274eea748aafa446a6d6160a56d58",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "~=3.7",
"size": 355385,
"upload_time": "2023-10-02T11:55:42",
"upload_time_iso_8601": "2023-10-02T11:55:42.205810Z",
"url": "https://files.pythonhosted.org/packages/f2/a5/e7021e2c4c4a23ad38454b86b5a9cece6e1d31ec72908d0d5ce8dcd42bf7/neulabs_cdk_constructs-0.6.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "13b33445695762e2a91f12971dd82385f331963883b80ce32f284d6615ee5ca5",
"md5": "e90e6b20455cb9392ea815c758417565",
"sha256": "178cc4377d1ccce58387f250b2ed229bbe44aef69122285864fdc74c9221ec2c"
},
"downloads": -1,
"filename": "neulabs-cdk-constructs-0.6.1.tar.gz",
"has_sig": false,
"md5_digest": "e90e6b20455cb9392ea815c758417565",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "~=3.7",
"size": 352746,
"upload_time": "2023-10-02T11:55:43",
"upload_time_iso_8601": "2023-10-02T11:55:43.702317Z",
"url": "https://files.pythonhosted.org/packages/13/b3/3445695762e2a91f12971dd82385f331963883b80ce32f284d6615ee5ca5/neulabs-cdk-constructs-0.6.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-10-02 11:55:43",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "neulabscom",
"github_project": "neulabs-cdk-constructs",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "neulabs-cdk-constructs"
}
JSON
