feat(rds): database proxy (#8476)

closes #8475 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Jul 1, 2020 · e0e5e03 · e0e5e03
1 parent 7f432ff
commit e0e5e03
Show file tree

Hide file tree

Showing 10 changed files with 1,258 additions and 0 deletions.
diff --git a/packages/@aws-cdk/aws-rds/README.md b/packages/@aws-cdk/aws-rds/README.md
@@ -189,3 +189,29 @@ new DatabaseCluster(this, 'dbcluster', {
     s3ExportBuckets: [ exportBucket ]
 });
 ```
+
+### Creating a Database Proxy
+
+Amazon RDS Proxy sits between your application and your relational database to efficiently manage
+connections to the database and improve scalability of the application. Learn more about at [Amazon RDS Proxy](https://aws.amazon.com/rds/proxy/)
+
+The following code configures an RDS Proxy for a `DatabaseInstance`.
+
+```ts
+import * as cdk from '@aws-cdk/core';
+import * as ec2 from '@aws-cdk/aws-ec2';
+import * as rds from '@aws-cdk/aws-rds';
+import * as secrets from '@aws-cdk/aws-secretsmanager';
+
+const vpc: ec2.IVpc = ...;
+const securityGroup: ec2.ISecurityGroup = ...;
+const secret: secrets.ISecret = ...;
+const dbInstance: rds.IDatabaseInstance = ...;
+
+const proxy = dbInstance.addProxy('proxy', {
+    connectionBorrowTimeout: cdk.Duration.seconds(30),
+    maxConnectionsPercent: 50,
+    secret,
+    vpc,
+});
+```
diff --git a/packages/@aws-cdk/aws-rds/lib/cluster-ref.ts b/packages/@aws-cdk/aws-rds/lib/cluster-ref.ts
@@ -2,6 +2,7 @@ import * as ec2 from '@aws-cdk/aws-ec2';
 import * as secretsmanager from '@aws-cdk/aws-secretsmanager';
 import { IResource } from '@aws-cdk/core';
 import { Endpoint } from './endpoint';
+import { DatabaseProxy, DatabaseProxyOptions } from './proxy';
 
 /**
  * Create a clustered database with a given number of instances.
@@ -33,6 +34,11 @@ export interface IDatabaseCluster extends IResource, ec2.IConnectable, secretsma
    * Endpoints which address each individual replica.
    */
   readonly instanceEndpoints: Endpoint[];
+
+  /**
+   * Add a new db proxy to this cluster.
+   */
+  addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy;
 }
 
 /**

diff --git a/packages/@aws-cdk/aws-rds/lib/cluster.ts b/packages/@aws-cdk/aws-rds/lib/cluster.ts
@@ -9,6 +9,7 @@ import { DatabaseSecret } from './database-secret';
 import { Endpoint } from './endpoint';
 import { ClusterParameterGroup, IParameterGroup } from './parameter-group';
 import { BackupProps, DatabaseClusterEngine, InstanceProps, Login, RotationMultiUserOptions } from './props';
+import { DatabaseProxy, DatabaseProxyOptions, ProxyTarget } from './proxy';
 import { CfnDBCluster, CfnDBInstance, CfnDBSubnetGroup } from './rds.generated';
 
 /**
@@ -239,6 +240,16 @@ abstract class DatabaseClusterBase extends Resource implements IDatabaseCluster
    */
   public abstract readonly connections: ec2.Connections;
 
+  /**
+   * Add a new db proxy to this cluster.
+   */
+  public addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy {
+    return new DatabaseProxy(this, id, {
+      proxyTarget: ProxyTarget.fromCluster(this),
+      ...options,
+    });
+  }
+
   /**
    * Renders the secret attachment target specifications.
    */

diff --git a/packages/@aws-cdk/aws-rds/lib/index.ts b/packages/@aws-cdk/aws-rds/lib/index.ts
@@ -6,6 +6,7 @@ export * from './database-secret';
 export * from './endpoint';
 export * from './option-group';
 export * from './instance';
+export * from './proxy';
 
 // AWS::RDS CloudFormation Resources:
 export * from './rds.generated';

diff --git a/packages/@aws-cdk/aws-rds/lib/instance.ts b/packages/@aws-cdk/aws-rds/lib/instance.ts
@@ -11,6 +11,7 @@ import { Endpoint } from './endpoint';
 import { IOptionGroup } from './option-group';
 import { IParameterGroup } from './parameter-group';
 import { DatabaseClusterEngine, RotationMultiUserOptions } from './props';
+import { DatabaseProxy, DatabaseProxyOptions, ProxyTarget } from './proxy';
 import { CfnDBInstance, CfnDBInstanceProps, CfnDBSubnetGroup } from './rds.generated';
 
 /**
@@ -46,6 +47,11 @@ export interface IDatabaseInstance extends IResource, ec2.IConnectable, secretsm
    */
   readonly instanceEndpoint: Endpoint;
 
+  /**
+   * Add a new db proxy to this instance.
+   */
+  addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy;
+
   /**
    * Defines a CloudWatch event rule which triggers for instance events. Use
    * `rule.addEventPattern(pattern)` to specify a filter.
@@ -111,6 +117,16 @@ export abstract class DatabaseInstanceBase extends Resource implements IDatabase
    */
   public abstract readonly connections: ec2.Connections;
 
+  /**
+   * Add a new db proxy to this instance.
+   */
+  public addProxy(id: string, options: DatabaseProxyOptions): DatabaseProxy {
+    return new DatabaseProxy(this, id, {
+      proxyTarget: ProxyTarget.fromInstance(this),
+      ...options,
+    });
+  }
+
   /**
    * Defines a CloudWatch event rule which triggers for instance events. Use
    * `rule.addEventPattern(pattern)` to specify a filter.