AWS CDK constructs for ImmuKV - Immutable key-value store using S3 versioning

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for sd-yip from gravatar.com sd-yip

Unverified details

These details have not been verified by PyPI
Meta
  • License: OSI Approved (MIT)
  • Author: ImmuKV Contributors
  • Requires: Python ~=3.9
Classifiers
Report project as malware

Project description

cdk-immukv

AWS CDK constructs for deploying ImmuKV infrastructure.

Installation

TypeScript/JavaScript

npm install cdk-immukv

Python

pip install cdk-immukv

Usage

Basic Setup

TypeScript

import * as cdk from "aws-cdk-lib";
import { ImmuKV } from "cdk-immukv";

const app = new cdk.App();
const stack = new cdk.Stack(app, "MyStack");

new ImmuKV(stack, "ImmuKV", {
  bucketName: "my-immukv-bucket",
  s3Prefix: "myapp/",
});

Python

import aws_cdk as cdk
from cdk_immukv import ImmuKV

app = cdk.App()
stack = cdk.Stack(app, "MyStack")

ImmuKV(stack, "ImmuKV",
    bucket_name="my-immukv-bucket",
    s3_prefix="myapp/",
)

S3 Event Notifications

You can optionally configure S3 event notifications to trigger when log entries are created. This supports Lambda functions, SNS topics, and SQS queues.

All notification destinations can be configured using the onLogEntryCreated property. Destinations can be in the same stack or different stacks - the Construct pattern handles this cleanly.

TypeScript - Lambda Trigger

import * as cdk from "aws-cdk-lib";
import * as lambda from "aws-cdk-lib/aws-lambda";
import * as s3n from "aws-cdk-lib/aws-s3-notifications";
import { ImmuKV } from "cdk-immukv";

const app = new cdk.App();
const stack = new cdk.Stack(app, "MyStack");

// Create a Lambda function
const processorFn = new lambda.Function(stack, "LogProcessor", {
  runtime: lambda.Runtime.PYTHON_3_11,
  handler: "index.handler",
  code: lambda.Code.fromAsset("lambda"),
});

// Configure ImmuKV to trigger the Lambda on log entry creation
new ImmuKV(stack, "ImmuKV", {
  bucketName: "my-immukv-bucket",
  onLogEntryCreated: new s3n.LambdaDestination(processorFn),
});

TypeScript - SNS Topic

import * as cdk from "aws-cdk-lib";
import * as sns from "aws-cdk-lib/aws-sns";
import * as s3n from "aws-cdk-lib/aws-s3-notifications";
import { ImmuKV } from "cdk-immukv";

const app = new cdk.App();
const stack = new cdk.Stack(app, "MyStack");

// Create SNS topic
const topic = new sns.Topic(stack, "LogEntryTopic");

// Configure ImmuKV to publish to SNS on log entry creation
new ImmuKV(stack, "ImmuKV", {
  bucketName: "my-immukv-bucket",
  onLogEntryCreated: new s3n.SnsDestination(topic),
});

TypeScript - SQS Queue

import * as cdk from "aws-cdk-lib";
import * as sqs from "aws-cdk-lib/aws-sqs";
import * as s3n from "aws-cdk-lib/aws-s3-notifications";
import { ImmuKV } from "cdk-immukv";

const app = new cdk.App();
const stack = new cdk.Stack(app, "MyStack");

// Create SQS queue
const queue = new sqs.Queue(stack, "LogEntryQueue");

// Configure ImmuKV to send to SQS on log entry creation
new ImmuKV(stack, "ImmuKV", {
  bucketName: "my-immukv-bucket",
  onLogEntryCreated: new s3n.SqsDestination(queue),
});

Python - Lambda Trigger

import aws_cdk as cdk
from aws_cdk import aws_lambda as lambda_
from aws_cdk.aws_s3_notifications import LambdaDestination
from cdk_immukv import ImmuKV

app = cdk.App()
stack = cdk.Stack(app, "MyStack")

# Create Lambda function
processor_fn = lambda_.Function(stack, "LogProcessor",
    runtime=lambda_.Runtime.PYTHON_3_11,
    handler="index.handler",
    code=lambda_.Code.from_asset("lambda"),
)

# Configure ImmuKV with Lambda trigger
ImmuKV(stack, "ImmuKV",
    bucket_name="my-immukv-bucket",
    on_log_entry_created=LambdaDestination(processor_fn),
)

API

The ImmuKV construct accepts the following properties:

  • bucketName (optional): Name for the S3 bucket. If not specified, an auto-generated bucket name will be used.
  • s3Prefix (optional): Prefix for S3 keys
  • onLogEntryCreated (optional): S3 notification destination for log entry events
  • logVersionRetention (optional): Duration to retain old log versions
  • logVersionsToRetain (optional): Number of old log versions to retain
  • keyVersionRetention (optional): Duration to retain old key object versions
  • keyVersionsToRetain (optional): Number of old key versions to retain per key
  • useKmsEncryption (optional): Enable KMS encryption instead of S3-managed encryption (default: false)
  • oidcProviders (optional): Array of OIDC identity providers for web identity federation. Each provider has an issuerUrl (e.g., 'https://accounts.google.com') and clientIds (audiences to trust). When specified, creates IAM OIDC providers and a federated IAM role.
  • oidcReadOnly (optional): Whether federated users get read-only access instead of read-write (default: false)

ImmuKV Class

The ImmuKV construct exposes the following public properties:

  • bucket: The S3 bucket used for ImmuKV storage
  • readWritePolicy: IAM managed policy for read/write access
  • readOnlyPolicy: IAM managed policy for read-only access
  • federatedRole (optional): The IAM role for OIDC-federated users, created when oidcProviders is specified

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for sd-yip from gravatar.com sd-yip

Unverified details

These details have not been verified by PyPI
Meta
  • License: OSI Approved (MIT)
  • Author: ImmuKV Contributors
  • Requires: Python ~=3.9
Classifiers

Release history Release notifications | RSS feed

0.1.30

0.1.29

0.1.28

0.1.27

0.1.26

0.1.25

0.1.24

0.1.23

This version

0.1.22

0.1.21

0.1.20

0.1.19

0.1.18

0.1.17

0.1.16

0.1.15

0.1.14

0.1.13

0.1.12

0.1.11

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cdk_immukv-0.1.22.tar.gz (37.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cdk_immukv-0.1.22-py3-none-any.whl (36.1 kB view details)

Uploaded Python 3

File details

Details for the file cdk_immukv-0.1.22.tar.gz.

File metadata

  • Download URL: cdk_immukv-0.1.22.tar.gz
  • Upload date:
  • Size: 37.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for cdk_immukv-0.1.22.tar.gz
Algorithm Hash digest
SHA256 21da3d5c7ca8ed2a9f548ec215fef87fb7be2d0970d0881ec7c3787189850ce1
MD5 dab70bc53aa414dc223c678da46f6b9c
BLAKE2b-256 02461e075eb4b90a085b00a3c87611ebea34e50c29924f6c97fe87c154872d42

See more details on using hashes here.

Provenance

The following attestation bundles were made for cdk_immukv-0.1.22.tar.gz:

Publisher: build.yml on Portfoligno/immukv

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file cdk_immukv-0.1.22-py3-none-any.whl.

File metadata

  • Download URL: cdk_immukv-0.1.22-py3-none-any.whl
  • Upload date:
  • Size: 36.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for cdk_immukv-0.1.22-py3-none-any.whl
Algorithm Hash digest
SHA256 bf66c9eb646c0709767dba2d738e0e47382d2ff7c6d4be1844ec06efa0cf7a84
MD5 f959c72a9c7069e9606a55235e3f0877
BLAKE2b-256 8df3d29e5790d9066a4621c768b650e5a79bf1eb14c0dd56007c3f9c536637e2

See more details on using hashes here.

Provenance

The following attestation bundles were made for cdk_immukv-0.1.22-py3-none-any.whl:

Publisher: build.yml on Portfoligno/immukv

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page