in packages/constructs/L3/dataops/dataops-project-l3-construct/lib/dataops-project-l3-construct.ts [520:632]
private createDataZoneEnvironment(
projectBucket: IBucket,
mdaaProject: MdaaDatazoneProject,
datazoneManageAccessRole: IRole,
datazoneUserRole: IRole,
): CfnEnvironment {
const subBucketLocation = projectBucket.s3UrlForObject('/data/datazone');
// Create the database
const subDatabaseName = this.props.naming.resourceName('datazone-sub');
const subDatabase = new CfnDatabase(this.scope, `datazone-sub-database`, {
catalogId: this.account,
databaseInput: {
name: subDatabaseName,
description: 'For consuming Datazone subscripts',
locationUri: subBucketLocation,
},
});
const subDatabaseLFProps: DatabaseLakeFormationProps = {
createSuperGrantsForDataAdminRoles: true,
};
const dataLakeEnvProps: CfnEnvironmentProps = {
domainIdentifier: mdaaProject.project.domainIdentifier,
environmentProfileIdentifier: '',
name: this.props.naming.resourceName(),
projectIdentifier: mdaaProject.project.attrId,
};
const datazoneEnv = new CfnEnvironment(this, 'datalake-env', dataLakeEnvProps);
datazoneEnv.addPropertyOverride('EnvironmentAccountIdentifier', this.account);
datazoneEnv.addPropertyOverride('EnvironmentAccountRegion', this.region);
datazoneEnv.addPropertyOverride('EnvironmentBlueprintId', mdaaProject.domainCustomEnvBlueprintId);
datazoneEnv.addPropertyOverride('EnvironmentRoleArn', datazoneUserRole.roleArn);
this.createDatabaseLakeFormationConstruct(
'datazone-sub',
subDatabaseName,
subDatabase,
subDatabaseLFProps,
true,
datazoneManageAccessRole,
subBucketLocation,
);
const athenaActionProps: CfnEnvironmentActionsProps = {
name: 'Query data',
description: 'Amazon Athena',
domainIdentifier: mdaaProject.project.domainIdentifier,
environmentIdentifier: datazoneEnv.attrId,
parameters: {
// uri: `https://${this.region}.console.aws.amazon.com/athena/home#/query-editor/domain/${datazoneEnv.attrDomainId}/domainRegion/${this.region}/environment/${datazoneEnv.attrId}`
uri: `https://us-east-1.console.aws.amazon.com/athena/home?region=${this.region}#/query-editor`,
},
};
new CfnEnvironmentActions(this, 'athena-env-action', athenaActionProps);
const glueEtlActionProps: CfnEnvironmentActionsProps = {
name: 'View Glue ETL jobs',
description: 'AWS Glue ETL',
domainIdentifier: mdaaProject.project.domainIdentifier,
environmentIdentifier: datazoneEnv.attrId,
parameters: {
uri: `https://${this.region}.console.aws.amazon.com/gluestudio/home?region=${this.region}#/jobs`,
},
};
new CfnEnvironmentActions(this, 'glue-etl-env-action', glueEtlActionProps);
const glueCatalogActionProps: CfnEnvironmentActionsProps = {
name: 'View Glue Catalogs',
description: 'AWS Glue Catalog',
domainIdentifier: mdaaProject.project.domainIdentifier,
environmentIdentifier: datazoneEnv.attrId,
parameters: {
uri: `https://${this.region}.console.aws.amazon.com/glue/home?region=${this.region}#/v2/data-catalog/tables`,
},
};
new CfnEnvironmentActions(this, 'glue-catalog-env-action', glueCatalogActionProps);
const s3BucketActionProps: CfnEnvironmentActionsProps = {
name: 'Project S3 Data',
description: 'Amazon S3',
domainIdentifier: mdaaProject.project.domainIdentifier,
environmentIdentifier: datazoneEnv.attrId,
parameters: {
uri: `https://${this.region}.console.aws.amazon.com/s3/buckets/${projectBucket}/data/`,
},
};
new CfnEnvironmentActions(this, 's3-env-action', s3BucketActionProps);
const consoleActionProps: CfnEnvironmentActionsProps = {
name: 'View AWS Console',
description: 'AWS Console',
domainIdentifier: mdaaProject.project.domainIdentifier,
environmentIdentifier: datazoneEnv.attrId,
parameters: {
uri: 'https://console.aws.amazon.com/',
},
};
new CfnEnvironmentActions(this, 'console-env-action', consoleActionProps);
const userManagedPolicy = this.createDatazoneUserManagedPolicy(projectBucket);
userManagedPolicy.attachToRole(datazoneUserRole);
this.createDatazoneSubscriptionTarget(
datazoneEnv,
mdaaProject,
datazoneUserRole,
datazoneManageAccessRole,
subDatabaseName,
);
return datazoneEnv;
}