From 73d98c455ddc3cbaa3f02ae62c843acf353adf85 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Mon, 4 Sep 2023 12:18:49 +0100 Subject: [PATCH 01/14] infra for data product metadata creation endpoint and lambda --- terraform/environments/data-platform/api.tf | 37 +++++++++++++++- .../application_variables.auto.tfvars.json | 6 +++ terraform/environments/data-platform/iam.tf | 42 +++++++++++++++++++ .../environments/data-platform/lambda.tf | 36 +++++++++++++++- .../environments/data-platform/locals.tf | 1 + .../environments/data-platform/variables.tf | 6 ++- 6 files changed, 125 insertions(+), 3 deletions(-) diff --git a/terraform/environments/data-platform/api.tf b/terraform/environments/data-platform/api.tf index 490b5956cda..c028a7172b3 100644 --- a/terraform/environments/data-platform/api.tf +++ b/terraform/environments/data-platform/api.tf 
@@ -186,4 +186,39 @@ resource "aws_api_gateway_integration" "get_glue_metadata" { "integration.request.querystring.database" = "method.request.querystring.database", "integration.request.querystring.table" = "method.request.querystring.table" } -} \ No newline at end of file +} + + +# create data product metadata API endpoint + +resource "aws_api_gateway_resource" "create_data_product_metadata" { + parent_id = aws_api_gateway_rest_api.data_platform.root_resource_id + path_part = "register_data_product" + rest_api_id = aws_api_gateway_rest_api.data_platform.id +} + +resource "aws_api_gateway_method" "create_data_product_metadata_put" { + authorization = "CUSTOM" + authorizer_id = aws_api_gateway_authorizer.authorizer.id + http_method = "POST" + resource_id = aws_api_gateway_resource.create_data_product_metadata.id + rest_api_id = aws_api_gateway_rest_api.data_platform.id + + request_parameters = { + "method.request.header.Authorization" = true + "method.request.querystring.metadata" = true, + } +} + +resource "aws_api_gateway_integration" "create_data_product_metadata_to_lambda" { + http_method = aws_api_gateway_method.create_data_product_metadata_put.http_method + resource_id = aws_api_gateway_resource.create_data_product_metadata.id + rest_api_id = aws_api_gateway_rest_api.data_platform.id + integration_http_method = "POST" + type = "AWS_PROXY" + uri = module.data_product_create_metadata_lambda.lambda_function_invoke_arn + + request_parameters = { + "integration.request.querystring.metadata" = "method.request.querystring.metadata" + } +} diff --git a/terraform/environments/data-platform/application_variables.auto.tfvars.json b/terraform/environments/data-platform/application_variables.auto.tfvars.json index 5a89fc3cea3..3375c03e1b0 100644 --- a/terraform/environments/data-platform/application_variables.auto.tfvars.json +++ b/terraform/environments/data-platform/application_variables.auto.tfvars.json 
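Review bot: The new `create_data_product_metadata_put` method marks `method.request.header.Authorization` and `method.request.querystring.metadata` as required, but the hunk sets no `request_validator_id`, so API Gateway will not reject requests that omit them and the Lambda has to make that check itself. Carrying the whole metadata document in the query string of a POST also puts owner and contact e-mail addresses into the URL, which access logs and intermediaries routinely record; a request body is the better carrier. Suggested addition to the method: `request_validator_id = aws_api_gateway_request_validator.<validator_name>.id` (placeholder name, no validator is visible in this diff).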
@@ -28,5 +28,11 @@ "test": "1.1.1", "preproduction": "1.1.1", "production": "1.1.1" + }, + "create_metadata_versions": { + "development": "1.0.0", + "test": "1.0.0", + "preproduction": "1.0.0", + "production": "1.0.0" } } diff --git a/terraform/environments/data-platform/iam.tf b/terraform/environments/data-platform/iam.tf index 1e32fa990da..9d981dab040 100644 --- a/terraform/environments/data-platform/iam.tf +++ b/terraform/environments/data-platform/iam.tf @@ -227,3 +227,45 @@ data "aws_iam_policy_document" "data_platform_product_bucket_policy_document" { } } + +# api gateway create data product metdata permissions +data "aws_iam_policy_document" "iam_policy_document_for_create_metadata_lambda" { + statement { + sid = "GetPutDataObject" + effect = "Allow" + actions = ["s3:GetObject", "s3:PutObject"] + resources = [ + "${module.s3-bucket.bucket.arn}/metadata/*", + "${module.s3-bucket.bucket.arn}data_product_metadata_spec/*" + ] + } + + statement { + sid = "ListBucket" + effect = "Allow" + actions = ["s3:ListBucket"] + resources = [module.s3-bucket.bucket.arn, "${module.s3-bucket.bucket.arn}/*"] + } + + statement { + sid = "AllowLambdaToCreateLogGroup" + effect = "Allow" + actions = [ + "logs:CreateLogGroup" + ] + resources = [ + format("arn:aws:logs:eu-west-2:%s:*", data.aws_caller_identity.current.account_id) + ] + } + statement { + sid = "AllowLambdaToWriteLogsToGroup" + effect = "Allow" + actions = [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ] + resources = [ + format("arn:aws:logs:eu-west-2:%s:*", data.aws_caller_identity.current.account_id) + ] + } +} diff --git a/terraform/environments/data-platform/lambda.tf b/terraform/environments/data-platform/lambda.tf index ee7acac841b..02a3cecb3d3 100644 --- a/terraform/environments/data-platform/lambda.tf +++ b/terraform/environments/data-platform/lambda.tf 
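Review bot: In `iam_policy_document_for_create_metadata_lambda` the `GetPutDataObject` statement grants `s3:PutObject` on the `data_product_metadata_spec/*` prefix, which lets the function overwrite the schema it presumably validates requests against. As far as this series shows, the spec is uploaded by Terraform, so `s3:GetObject` alone should be enough for that prefix. The two log statements use `format("arn:aws:logs:eu-west-2:%s:*", ...)`, which lets the role create streams and put events in every log group in the account; assuming the default Lambda log group name, `arn:aws:logs:eu-west-2:%s:log-group:/aws/lambda/data_product_create_metadata_${local.environment}:*` scopes it to this function. `s3:ListBucket` applies only to the bucket ARN, so the `"${module.s3-bucket.bucket.arn}/*"` entry in the `ListBucket` statement has no effect and can be dropped.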
@@ -129,7 +129,7 @@ module "data_product_athena_load_lambda" { policy_json = data.aws_iam_policy_document.athena_load_lambda_function_policy.json function_name = "data_product_athena_load_${local.environment}" create_role = true - reserved_concurrent_executions = 1 + reserved_concurrent_executions = 100 image_uri = "374269020027.dkr.ecr.eu-west-2.amazonaws.com/data-platform-athena-load-lambda-ecr-repo:${local.athena_load_version}" timeout = 600 @@ -151,3 +151,37 @@ module "data_product_athena_load_lambda" { } } + + +module "data_product_create_metadata_lambda" { + source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function?ref=v2.0.1" + application_name = "data_product_create_metadata" + tags = local.tags + description = "Lambda to create the first version of a json metadata file for a data product" + role_name = "data_product_metadata_lambda_role_${local.environment}" + policy_json = data.aws_iam_policy_document.iam_policy_document_for_create_metadata_lambda.json + function_name = "data_product_create_metadata_${local.environment}" + create_role = true + reserved_concurrent_executions = 1 + + image_uri = "374269020027.dkr.ecr.eu-west-2.amazonaws.com/data-platform-create-metadata-lambda-ecr-repo:${local.create_metadata_version}" + timeout = 600 + tracing_mode = "Active" + memory_size = 128 + + environment_variables = { + ENVIRONMENT = local.environment + BUCKET_NAME = module.s3-bucket.bucket.id + } + + allowed_triggers = { + + AllowExecutionFromAPIGateway = { + action = "lambda:InvokeFunction" + function_name = "data_product_create_metadata_${local.environment}" + principal = "apigateway.amazonaws.com" + source_arn = "arn:aws:execute-api:${local.region}:${local.account_id}:${aws_api_gateway_rest_api.data_platform.id}/*/${aws_api_gateway_method.create_data_product_metadata_put.http_method}${aws_api_gateway_resource.create_data_product_metadata.path}" + } + } + +} 
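Review bot: `reserved_concurrent_executions` for `data_product_athena_load_lambda` goes from 1 to 100 in the first hunk, which is unrelated to the metadata endpoint this commit describes and is not mentioned in the message. If the limit of 1 was there to serialise loads, 100 parallel invocations may race on the same table, and the reservation takes 100 out of the account's shared concurrency pool. Either move this to its own commit or add a comment on the line saying why the loads are safe to run in parallel and how 100 was chosen. The module block starts and ends outside the hunk.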
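Review bot: `data_product_create_metadata_lambda` combines `reserved_concurrent_executions = 1` with `timeout = 600`, while API Gateway abandons an integration after roughly 29 seconds by default. One slow or stuck invocation can therefore hold the only slot for up to ten minutes while every other caller is throttled. A value at or below the gateway limit, e.g. `timeout = 30`, stops a single request from blocking the endpoint. `image_uri` is pinned by the tag `${local.create_metadata_version}`; unless tag immutability is enabled on the ECR repository (not visible here), referencing the image by digest is the only way to be sure which code runs.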
diff --git a/terraform/environments/data-platform/locals.tf b/terraform/environments/data-platform/locals.tf index 592f3c878b4..a7b7ca9c824 100644 --- a/terraform/environments/data-platform/locals.tf +++ b/terraform/environments/data-platform/locals.tf @@ -29,4 +29,5 @@ locals { get_glue_metadata_version = lookup(var.get_glue_metadata_versions, local.environment) presigned_url_version = lookup(var.presigned_url_versions, local.environment) athena_load_version = lookup(var.athena_load_versions, local.environment) + create_metadata_version = lookup(var.create_metadata_versions, local.environment) } diff --git a/terraform/environments/data-platform/variables.tf b/terraform/environments/data-platform/variables.tf index 6ba7b75334a..b7ced537242 100644 --- a/terraform/environments/data-platform/variables.tf +++ b/terraform/environments/data-platform/variables.tf @@ -16,4 +16,8 @@ variable "presigned_url_versions" { variable "athena_load_versions" { type = map(any) -} \ No newline at end of file +} + +variable "create_metadata_versions" { + type = map(any) +} From ca7cfd73a5f90d2cf3a1838997106a82e3b9e3c1 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Mon, 4 Sep 2023 13:23:38 +0100 Subject: [PATCH 02/14] fmt --- terraform/environments/data-platform/api.tf | 6 +++--- terraform/environments/data-platform/iam.tf | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/terraform/environments/data-platform/api.tf b/terraform/environments/data-platform/api.tf index c028a7172b3..b286f72e27a 100644 --- a/terraform/environments/data-platform/api.tf +++ b/terraform/environments/data-platform/api.tf @@ -205,8 +205,8 @@ resource "aws_api_gateway_method" "create_data_product_metadata_put" { rest_api_id = aws_api_gateway_rest_api.data_platform.id request_parameters = { - "method.request.header.Authorization" = true - "method.request.querystring.metadata" = true, + "method.request.header.Authorization" = true + "method.request.querystring.metadata" = true, } } 
@@ -219,6 +219,6 @@ resource "aws_api_gateway_integration" "create_data_product_metadata_to_lambda" uri = module.data_product_create_metadata_lambda.lambda_function_invoke_arn request_parameters = { - "integration.request.querystring.metadata" = "method.request.querystring.metadata" + "integration.request.querystring.metadata" = "method.request.querystring.metadata" } } diff --git a/terraform/environments/data-platform/iam.tf b/terraform/environments/data-platform/iam.tf index 9d981dab040..a0c58668eb1 100644 --- a/terraform/environments/data-platform/iam.tf +++ b/terraform/environments/data-platform/iam.tf @@ -231,9 +231,9 @@ data "aws_iam_policy_document" "data_platform_product_bucket_policy_document" { # api gateway create data product metdata permissions data "aws_iam_policy_document" "iam_policy_document_for_create_metadata_lambda" { statement { - sid = "GetPutDataObject" - effect = "Allow" - actions = ["s3:GetObject", "s3:PutObject"] + sid = "GetPutDataObject" + effect = "Allow" + actions = ["s3:GetObject", "s3:PutObject"] resources = [ "${module.s3-bucket.bucket.arn}/metadata/*", "${module.s3-bucket.bucket.arn}data_product_metadata_spec/*" @@ -243,7 +243,7 @@ data "aws_iam_policy_document" "iam_policy_document_for_create_metadata_lambda" statement { sid = "ListBucket" effect = "Allow" - actions = ["s3:ListBucket"] + actions = ["s3:ListBucket"] resources = [module.s3-bucket.bucket.arn, "${module.s3-bucket.bucket.arn}/*"] } From e4220bb9aa08d8282b1652ec44b94424965c190c Mon Sep 17 00:00:00 2001 From: LavMatt Date: Tue, 5 Sep 2023 08:11:44 +0100 Subject: [PATCH 03/14] add json schema file for data product metadata --- .../moj_data_product_metadata_spec.json | 102 ++++++++++++++++++ terraform/environments/data-platform/s3.tf | 10 +- 2 files changed, 111 insertions(+), 1 deletion(-) create mode 100644 terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json 
diff --git a/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json b/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json
new file mode 100644
index 00000000000..5f1ae77374f
--- /dev/null
+++ b/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json
@@ -0,0 +1,102 @@
+{
+ "$schema": "http://json-schema.org/draft-07/schema",
+ "type": "object",
+ "title": "Data Product Metadata",
+ "description": "Specification for MoJ Data Platform Data Product metadata",
+ "required": [
+ "name",
+ "description",
+ "domain",
+ "dataProductOwner",
+ "dataProductOwnerDisplayName",
+ "email",
+ "status",
+ "dpiaRequired"
+ ],
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "The name of the Data Product. Must contain only lowercase letters, numbers, and the underscore character.",
+ "pattern": "^[a-z0-9_]+$"
+ },
+ "description": {
+ "type": "string",
+ "description": "Detailed description about what functional area this Data Product is representing, what purpose it has and business related information."
+ },
+ "domain": {
+ "type": "string",
+ "description": "The identifier of the domain this Data Product belongs to. Should be one of HQ, HMPPS, OPG, LAA, HMCTS, CICA, or Platforms"
+ },
+ "dataProductOwner": {
+ "type": "string",
+ "description": "Data Product owner, the unique identifier of the actual user that owns, manages, and receives notifications about the Data Product. To make it technology independent it is usually the email address of the owner.",
+ "examples": [
+ "jane.doe@justice.gov.uk"
+ ]
+ },
+ "dataProductOwnerDisplayName": {
+ "type": "string",
+ "description": "The human-readable version of dataProductOwner"
+ },
+ "dataProductMaintainer": {
+ "type": "string",
+ "description": "Secondary party who is able to approve DPIA access requests, but who may or may not be legally responsible for the data"
+ },
+ "dataProductMaintainerDisplayName": {
+ "type": "string",
+ "description": "The human-readable version of dataProductMaintainer"
+ },
+ "email": {
+ "type": "string",
+ "description": "point of contact between consumers and maintainers of the Data Product. It could be the owner or a distribution list, but must be reliable and responsive."
+ },
+ "status": {
+ "type": "string",
+ "description": "this is an enum representing the status of this version of the Data Product. Allowed values are: [draft|published|retired]. This is a metadata that communicates the overall status of the Data Product but is not reflected to the actual deployment status.",
+ "enum": ["draft", "published", "retired"]
+ },
+ "dpiaRequired": {
+ "type": "boolean",
+ "description": "Bool for if a data privacy impact assessment (dpia) is required to access this data product"
+ },
+ "dpiaLocation": {
+ "type": "string",
+ "description": "Data Privacy Impact Assessment (DPIA) file s3 location for this data product. Generated by data platform."
+ },
+ "retentionPeriod": {
+ "type": "integer",
+ "description": "Retention period of the data in this data product in days."
+ },
+ "tags": {
+ "type": "object",
+ "description": "Additional tags to add.",
+ "examples": [{"sandbox" : true}]
+ },
+ "version": {
+ "type": "string",
+ "description": "Data product version of form [major].[minor]. Generated by data platform."
+ },
+ "id": {
+ "type": "string",
+ "description": "Data product unique id. Generated by data platform.",
+ "examples": ["dp:civil-courts-data:v1.1"]
+ },
+ "lastUpdated": {
+ "type": "string",
+ "description": "Last data upload date to this data product. Generated by data platform."
+ },
+ "creationDate": {
+ "type": "string",
+ "description": "Creation date of the data product. Generated by data platform."
+ },
+ "s3Location": {
+ "type": "string",
+ "description": "S3 path to data in this data product. Generated by data platform."
+ },
+ "rowCount": {
+ "type": "object",
+ "description": "Total row count of all tables in the data product, as a heuristic. Generated by data platform."
+ }
+ },
+ "additionalProperties": false
+}
\ No newline at end of file
diff --git a/terraform/environments/data-platform/s3.tf b/terraform/environments/data-platform/s3.tf
index bd6d85c8849..aa5fdf0ac9f 100644
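Review bot: The schema accepts `id`, `version`, `s3Location`, `dpiaLocation`, `lastUpdated`, `creationDate` and `rowCount` from the caller even though each is described as "Generated by data platform"; unless the Lambda overwrites them (its code is not in this diff), a client can choose the S3 locations recorded for a product. A separate input schema without those properties, or stripping them server-side before the document is stored, closes that gap. `domain` lists its allowed values only in the description, so `"enum": ["HQ", "HMPPS", "OPG", "LAA", "HMCTS", "CICA", "Platforms"]` is needed to enforce them, and `email` / `dataProductOwner` carry no `format` or `pattern`. `tags` is an unconstrained object and no string has a `maxLength`, so document size is bounded only by the transport.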
--- a/terraform/environments/data-platform/s3.tf +++ b/terraform/environments/data-platform/s3.tf @@ -121,4 +121,12 @@ module "s3_athena_query_results_bucket" { #tfsec:ignore:aws-s3-enable-versioning resource "aws_s3_bucket_notification" "bucket_notification" { bucket = module.s3-bucket.bucket.id eventbridge = true -} \ No newline at end of file +} + +# load the json schema for data product metadata +resource "aws_s3_object" "object" { + bucket = module.s3-bucket.bucket.id + key = "data_product_metadata_spec/v1.0.0/moj_data_product_metadata_spec.json" + source = "data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json" + etag = filemd5("data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json") +} From 85135a5110dc4cdad8a8f64915346052ed25dd97 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Tue, 5 Sep 2023 08:14:47 +0100 Subject: [PATCH 04/14] include correct settings to upload file to bucket --- terraform/environments/data-platform/s3.tf | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/terraform/environments/data-platform/s3.tf b/terraform/environments/data-platform/s3.tf index aa5fdf0ac9f..a289f384fea 100644 --- a/terraform/environments/data-platform/s3.tf +++ b/terraform/environments/data-platform/s3.tf 
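Review bot: `source` and `filemd5()` in the new `aws_s3_object` take a path relative to the working directory, so the upload resolves only when Terraform is run from this directory; prefixing both with `${path.module}/` removes that dependency. The resource name `object` says nothing about what is uploaded, and a name such as `data_product_metadata_spec` would read better in plans and state. Because the metadata Lambda reads this key as its validation schema, the existing comment could be extended to `# load the json schema for data product metadata; Terraform is the only intended writer of this prefix`.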
@@ -125,8 +125,10 @@ resource "aws_s3_bucket_notification" "bucket_notification" { # load the json schema for data product metadata resource "aws_s3_object" "object" { - bucket = module.s3-bucket.bucket.id - key = "data_product_metadata_spec/v1.0.0/moj_data_product_metadata_spec.json" - source = "data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json" - etag = filemd5("data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json") + bucket = module.s3-bucket.bucket.id + key = "data_product_metadata_spec/v1.0.0/moj_data_product_metadata_spec.json" + source = "data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json" + etag = filemd5("data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json") + acl = "bucket-owner-full-control" + server_side_encryption = "AES256" } From 089ea04a5bcfdd69abee9d7ae960bfddf6fa6767 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Wed, 6 Sep 2023 15:17:21 +0100 Subject: [PATCH 05/14] updated create_metadata version --- .../data-platform/application_variables.auto.tfvars.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/environments/data-platform/application_variables.auto.tfvars.json b/terraform/environments/data-platform/application_variables.auto.tfvars.json index 3375c03e1b0..fe0d992e573 100644 --- a/terraform/environments/data-platform/application_variables.auto.tfvars.json +++ b/terraform/environments/data-platform/application_variables.auto.tfvars.json @@ -30,9 +30,9 @@ "production": "1.1.1" }, "create_metadata_versions": { - "development": "1.0.0", - "test": "1.0.0", - "preproduction": "1.0.0", - "production": "1.0.0" + "development": "1.0.1", + "test": "1.0.1", + "preproduction": "1.0.1", + "production": "1.0.1" } } From ccb3dbdef948fa1a1afada8ba5eaa0f862991287 Mon Sep 17 00:00:00 2001 
From: LavMatt Date: Wed, 6 Sep 2023 15:35:07 +0100 Subject: [PATCH 06/14] add more required permissions for metadata lambda to policy --- terraform/environments/data-platform/iam.tf | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/terraform/environments/data-platform/iam.tf b/terraform/environments/data-platform/iam.tf index a0c58668eb1..3a25dbf951b 100644 --- a/terraform/environments/data-platform/iam.tf +++ b/terraform/environments/data-platform/iam.tf @@ -236,7 +236,16 @@ data "aws_iam_policy_document" "iam_policy_document_for_create_metadata_lambda" actions = ["s3:GetObject", "s3:PutObject"] resources = [ "${module.s3-bucket.bucket.arn}/metadata/*", - "${module.s3-bucket.bucket.arn}data_product_metadata_spec/*" + "${module.s3-bucket.bucket.arn}/data_product_metadata_spec/*" + ] + } + + statement { + sid = "PutDataObject" + effect = "Allow" + actions = ["s3:PutObject"] + resources = [ + "${module.s3-bucket.bucket.arn}/logs/*" ] } From f840cca060a9fecc3ac3569aee105373c0546d91 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Thu, 7 Sep 2023 08:58:25 +0100 Subject: [PATCH 07/14] updating triggers for deployment --- terraform/environments/data-platform/api.tf | 14 ++++++++++---- terraform/environments/data-platform/lambda.tf | 2 +- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/terraform/environments/data-platform/api.tf b/terraform/environments/data-platform/api.tf index b286f72e27a..3a9c65912d8 100644 --- a/terraform/environments/data-platform/api.tf +++ b/terraform/environments/data-platform/api.tf 
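Review bot: The new `PutDataObject` statement lets the function write anywhere under `logs/*`, and `s3:PutObject` includes overwriting existing keys. If those objects are meant to be a record of metadata changes, that holds only with bucket versioning or object lock, neither of which is visible in this diff. The sid reads like the data statement above it; `PutLambdaLogObject`, or a comment such as `# lambda writes its own log files under logs/`, would make the intent clear. The policy document starts and ends outside the hunk.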
@@ -15,14 +15,20 @@ resource "aws_api_gateway_deployment" "deployment" { # resources will show a difference after the initial implementation. # It will stabilize to only change when resources change afterwards. redeployment = sha1(jsonencode([ - aws_api_gateway_resource.upload_data.id, + aws_api_gateway_resource.upload_data, aws_api_gateway_resource.get_glue_metadata, - aws_api_gateway_method.upload_data_get.id, + aws_api_gateway_resource.docs, + aws_api_gateway_resource.create_data_product_metadata, + aws_api_gateway_method.upload_data_get, + aws_api_gateway_method.docs, + aws_api_gateway_method.get_glue_metadata, + aws_api_gateway_method.create_data_product_metadata_post, aws_api_gateway_integration.docs_to_lambda, aws_api_gateway_integration.upload_data_to_lambda, aws_api_gateway_integration.proxy_to_lambda, aws_api_gateway_integration.docs_lambda_root, aws_api_gateway_integration.get_glue_metadata, + aws_api_gateway_integration.create_data_product_metadata_to_lambda ])) } @@ -197,7 +203,7 @@ resource "aws_api_gateway_resource" "create_data_product_metadata" { rest_api_id = aws_api_gateway_rest_api.data_platform.id } -resource "aws_api_gateway_method" "create_data_product_metadata_put" { +resource "aws_api_gateway_method" "create_data_product_metadata_post" { authorization = "CUSTOM" authorizer_id = aws_api_gateway_authorizer.authorizer.id http_method = "POST" @@ -211,7 +217,7 @@ resource "aws_api_gateway_method" "create_data_product_metadata_put" { } resource "aws_api_gateway_integration" "create_data_product_metadata_to_lambda" { - http_method = aws_api_gateway_method.create_data_product_metadata_put.http_method + http_method = aws_api_gateway_method.create_data_product_metadata_post.http_method resource_id = aws_api_gateway_resource.create_data_product_metadata.id rest_api_id = aws_api_gateway_rest_api.data_platform.id integration_http_method = "POST" 
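Review bot: The `redeployment` hash in the first hunk is still a hand-maintained list, and `aws_api_gateway_authorizer.authorizer`, which the new POST method depends on, is not in it. A change to the authorizer may then not produce a new deployment, leaving the stage on the old authorization configuration until something else in the list changes. Adding `aws_api_gateway_authorizer.authorizer,` to the list closes that gap. A comment above the list, `# every resource, method, integration and authorizer of this API must be listed here`, would help whoever adds the next endpoint. The `aws_api_gateway_deployment` block starts outside the hunk.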
diff --git a/terraform/environments/data-platform/lambda.tf b/terraform/environments/data-platform/lambda.tf index 02a3cecb3d3..d06f99e6fd1 100644 --- a/terraform/environments/data-platform/lambda.tf +++ b/terraform/environments/data-platform/lambda.tf @@ -180,7 +180,7 @@ module "data_product_create_metadata_lambda" { action = "lambda:InvokeFunction" function_name = "data_product_create_metadata_${local.environment}" principal = "apigateway.amazonaws.com" - source_arn = "arn:aws:execute-api:${local.region}:${local.account_id}:${aws_api_gateway_rest_api.data_platform.id}/*/${aws_api_gateway_method.create_data_product_metadata_put.http_method}${aws_api_gateway_resource.create_data_product_metadata.path}" + source_arn = "arn:aws:execute-api:${local.region}:${local.account_id}:${aws_api_gateway_rest_api.data_platform.id}/*/${aws_api_gateway_method.create_data_product_metadata_post.http_method}${aws_api_gateway_resource.create_data_product_metadata.path}" } } From 9a0b4646033832cfbbac4c69f87257b4d22972ee Mon Sep 17 00:00:00 2001 From: Matt <38562764+LavMatt@users.noreply.github.com> Date: Thu, 7 Sep 2023 10:37:03 +0100 Subject: [PATCH 08/14] Update application_variables.auto.tfvars.json --- .../data-platform/application_variables.auto.tfvars.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/environments/data-platform/application_variables.auto.tfvars.json b/terraform/environments/data-platform/application_variables.auto.tfvars.json index fe0d992e573..e3f1dadcd8e 100644 --- a/terraform/environments/data-platform/application_variables.auto.tfvars.json +++ b/terraform/environments/data-platform/application_variables.auto.tfvars.json @@ -30,9 +30,9 @@ "production": "1.1.1" }, "create_metadata_versions": { - "development": "1.0.1", - "test": "1.0.1", - "preproduction": "1.0.1", - "production": "1.0.1" + "development": "1.0.2", + "test": "1.0.2", + "preproduction": "1.0.2", + "production": "1.0.2" } } 
From c2de0fe2b5a084c99534a59d51a42e87adbc0dfa Mon Sep 17 00:00:00 2001 From: Matt <38562764+LavMatt@users.noreply.github.com> Date: Thu, 7 Sep 2023 12:44:53 +0100 Subject: [PATCH 09/14] upversion create_metadata --- .../data-platform/application_variables.auto.tfvars.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/environments/data-platform/application_variables.auto.tfvars.json b/terraform/environments/data-platform/application_variables.auto.tfvars.json index e3f1dadcd8e..dace07d90a3 100644 --- a/terraform/environments/data-platform/application_variables.auto.tfvars.json +++ b/terraform/environments/data-platform/application_variables.auto.tfvars.json @@ -30,9 +30,9 @@ "production": "1.1.1" }, "create_metadata_versions": { - "development": "1.0.2", - "test": "1.0.2", - "preproduction": "1.0.2", - "production": "1.0.2" + "development": "1.0.3", + "test": "1.0.3", + "preproduction": "1.0.3", + "production": "1.0.3" } } From 495b7688ade473cd3791c0db87dc134f12d2c5eb Mon Sep 17 00:00:00 2001 From: LavMatt Date: Thu, 7 Sep 2023 13:59:57 +0100 Subject: [PATCH 10/14] change request property of metadata --- terraform/environments/data-platform/api.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/environments/data-platform/api.tf b/terraform/environments/data-platform/api.tf index 3a9c65912d8..3cb02d087d4 100644 --- a/terraform/environments/data-platform/api.tf +++ b/terraform/environments/data-platform/api.tf @@ -212,7 +212,7 @@ resource "aws_api_gateway_method" "create_data_product_metadata_post" { request_parameters = { "method.request.header.Authorization" = true - "method.request.querystring.metadata" = true, + "method.request.body.metadata" = true, } } 
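Review bot: `method.request.body.metadata` is not a location that `request_parameters` understands: method parameters take the form `method.request.querystring.NAME`, `method.request.path.NAME` or `method.request.header.NAME`. I would expect this key to be rejected when applied, along with `integration.request.body.metadata` in the second hunk of this commit. To require and validate a JSON body, attach a model with `request_models = { "application/json" = aws_api_gateway_model.<model_name>.name }` and a request validator that sets `validate_request_body = true` (placeholder model name; none exists in this diff). With `type = "AWS_PROXY"` the body reaches the Lambda without any integration mapping.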
@@ -225,6 +225,6 @@ resource "aws_api_gateway_integration" "create_data_product_metadata_to_lambda" uri = module.data_product_create_metadata_lambda.lambda_function_invoke_arn request_parameters = { - "integration.request.querystring.metadata" = "method.request.querystring.metadata" + "integration.request.body.metadata" = "method.request.body.metadata" } } From 540483887936446bc09713640afed47d9048994f Mon Sep 17 00:00:00 2001 From: LavMatt Date: Thu, 7 Sep 2023 14:12:36 +0100 Subject: [PATCH 11/14] revert back request property of metadata --- terraform/environments/data-platform/api.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/environments/data-platform/api.tf b/terraform/environments/data-platform/api.tf index 3cb02d087d4..3a9c65912d8 100644 --- a/terraform/environments/data-platform/api.tf +++ b/terraform/environments/data-platform/api.tf @@ -212,7 +212,7 @@ resource "aws_api_gateway_method" "create_data_product_metadata_post" { request_parameters = { "method.request.header.Authorization" = true - "method.request.body.metadata" = true, + "method.request.querystring.metadata" = true, } } @@ -225,6 +225,6 @@ resource "aws_api_gateway_integration" "create_data_product_metadata_to_lambda" uri = module.data_product_create_metadata_lambda.lambda_function_invoke_arn request_parameters = { - "integration.request.body.metadata" = "method.request.body.metadata" + "integration.request.querystring.metadata" = "method.request.querystring.metadata" } } From 275dcb5143dd407cb9a71bbfa16dc56b4d0da991 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Thu, 7 Sep 2023 15:38:55 +0100 Subject: [PATCH 12/14] changing schema to adhere to openapi for swagger --- .../moj_data_product_metadata_spec.json | 33 +++++++++++-------- 1 file changed, 20 insertions(+), 13 deletions(-) 
diff --git a/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json b/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json index 5f1ae77374f..7e57240af98 100644 --- a/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json +++ b/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json 
@@ -17,38 +17,43 @@ "name": { "type": "string", "description": "The name of the Data Product. Must contain only lowercase letters, numbers, and the underscore character.", - "pattern": "^[a-z0-9_]+$" + "pattern": "^[a-z0-9_]+$", + "example": "my_data_product" }, "description": { "type": "string", - "description": "Detailed description about what functional area this Data Product is representing, what purpose it has and business related information." + "description": "Detailed description about what functional area this Data Product is representing, what purpose it has and business related information.", + "example": "this data product hold lots of useful information I want to share with those who may have use for it." }, "domain": { "type": "string", - "description": "The identifier of the domain this Data Product belongs to. Should be one of HQ, HMPPS, OPG, LAA, HMCTS, CICA, or Platforms" + "description": "The identifier of the domain this Data Product belongs to. Should be one of HQ, HMPPS, OPG, LAA, HMCTS, CICA, or Platforms", + "example": "HMPPS" }, "dataProductOwner": { "type": "string", "description": "Data Product owner, the unique identifier of the actual user that owns, manages, and receives notifications about the Data Product. 
To make it technology independent it is usually the email address of the owner.", - "examples": [ - "jane.doe@justice.gov.uk" - ] + "example": "jane.doe@justice.gov.uk" }, "dataProductOwnerDisplayName": { "type": "string", - "description": "The human-readable version of dataProductOwner" + "description": "The human-readable version of dataProductOwner", + "example": "Jane Doe" }, "dataProductMaintainer": { "type": "string", - "description": "Secondary party who is able to approve DPIA access requests, but who may or may not be legally responsible for the data" + "description": "Secondary party who is able to approve DPIA access requests, but who may or may not be legally responsible for the data", + "example": "example.information.asset.owner@justice.gov.uk" }, "dataProductMaintainerDisplayName": { "type": "string", - "description": "The human-readable version of dataProductMaintainer" + "description": "The human-readable version of dataProductMaintainer", + "example": "Jonny Data" }, "email": { "type": "string", - "description": "point of contact between consumers and maintainers of the Data Product. It could be the owner or a distribution list, but must be reliable and responsive." + "description": "point of contact between consumers and maintainers of the Data Product. It could be the owner or a distribution list, but must be reliable and responsive.", + "example": "jane.doe@justice.gov.uk" }, "status": { "type": "string", @@ -57,7 +62,8 @@ }, "dpiaRequired": { "type": "boolean", - "description": "Bool for if a data privacy impact assessment (dpia) is required to access this data product" + "description": "Bool for if a data privacy impact assessment (dpia) is required to access this data product", + "example": true }, "dpiaLocation": { "type": "string", 
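Review bot: `example` is an OpenAPI keyword rather than a draft-07 one, while the file still declares `"$schema": "http://json-schema.org/draft-07/schema"`. Validators that ignore unknown keywords are unaffected, but one running in a strict mode may refuse to compile the schema. If the same file feeds both Swagger and the Lambda's validation, confirm the validator tolerates it; the same replacement is made in the later `tags` and `id` hunks. The new example text "this data product hold lots of useful information" should read "holds".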
@@ -65,12 +71,13 @@ }, "retentionPeriod": { "type": "integer", - "description": "Retention period of the data in this data product in days." + "description": "Retention period of the data in this data product in days.", + "example": 3650 }, "tags": { "type": "object", "description": "Additional tags to add.", - "examples": [{"sandbox" : true}] + "example": {"sandbox" : true} }, "version": { "type": "string", From 5a064058288b44c3960fdbc360e44c3c5d4d71d0 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Thu, 7 Sep 2023 15:49:41 +0100 Subject: [PATCH 13/14] changing schema to adhere to openapi for swagger --- .../v1.0.0/moj_data_product_metadata_spec.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json b/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json index 7e57240af98..5a85f3e196c 100644 --- a/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json +++ b/terraform/environments/data-platform/data-product-metadata-json-schema/v1.0.0/moj_data_product_metadata_spec.json @@ -86,7 +86,7 @@ "id": { "type": "string", "description": "Data product unique id. Generated by data platform.", - "examples": ["dp:civil-courts-data:v1.1"] + "example": "dp:civil-courts-data:v1.1" }, "lastUpdated": { "type": "string", From e2d1a7f7a8f320879a90f7d8ee552e52c5ab75d2 Mon Sep 17 00:00:00 2001 From: LavMatt Date: Fri, 8 Sep 2023 08:15:38 +0100 Subject: [PATCH 14/14] correct indent --- terraform/environments/data-platform/iam.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/environments/data-platform/iam.tf b/terraform/environments/data-platform/iam.tf index 3a25dbf951b..a636b9ad312 100644 --- a/terraform/environments/data-platform/iam.tf +++ b/terraform/environments/data-platform/iam.tf 
@@ -240,7 +240,7 @@ data "aws_iam_policy_document" "iam_policy_document_for_create_metadata_lambda" ] } - statement { + statement { sid = "PutDataObject" effect = "Allow" actions = ["s3:PutObject"]