NRL-1187 update glue script to format data, update infrastructure for athena

Author: jackleary

terraform/account-wide-infrastructure/modules/athena/athena.tf

@@ -1,15 +1,15 @@
-resource "aws_athena_database" "reporting-db" {
-  name = var.database
+# resource "aws_athena_database" "reporting-db" {
+#   name = var.database
 
-  bucket = var.target_bucket_name
+#   bucket = var.target_bucket_name
 
-  encryption_configuration {
-    encryption_option = "SSE_KMS"
-    kms_key           = aws_kms_key.athena.arn
-  }
+#   encryption_configuration {
+#     encryption_option = "SSE_KMS"
+#     kms_key           = aws_kms_key.athena.arn
+#   }
 
-  force_destroy = true
-}
+#   force_destroy = true
+# }
 
 resource "aws_athena_workgroup" "athena" {
   name = "${var.name_prefix}-athena-wg"

terraform/account-wide-infrastructure/modules/athena/outputs.tf

@@ -6,6 +6,6 @@ output "bucket" {
   value = aws_s3_bucket.athena
 }
 
-output "database" {
-  value = aws_athena_database.reporting-db
-}
+# output "database" {
+#   value = aws_athena_database.reporting-db
+# }

terraform/account-wide-infrastructure/modules/glue/glue.tf

@@ -1,16 +1,16 @@
 # Create Glue Data Catalog Database
-resource "aws_glue_catalog_database" "raw_log_database" {
-  name         = "${var.name_prefix}-raw_log"
-  location_uri = "${aws_s3_bucket.source-data-bucket.id}/"
+resource "aws_glue_catalog_database" "log_database" {
+  name         = "${var.name_prefix}-reporting"
+  location_uri = "${aws_s3_bucket.target-data-bucket.id}/logs/"
 }
 
 # Create Glue Crawler
-resource "aws_glue_crawler" "raw_log_crawler" {
-  name          = "${var.name_prefix}-raw-log-crawler"
-  database_name = aws_glue_catalog_database.raw_log_database.name
+resource "aws_glue_crawler" "log_crawler" {
+  name          = "${var.name_prefix}-log-crawler"
+  database_name = aws_glue_catalog_database.log_database.name
   role          = aws_iam_role.glue_service_role.name
   s3_target {
-    path = "${aws_s3_bucket.source-data-bucket.id}/"
+    path = "${aws_s3_bucket.target-data-bucket.id}/logs/"
   }
   schema_change_policy {
     delete_behavior = "LOG"
@@ -22,11 +22,11 @@ resource "aws_glue_crawler" "raw_log_crawler" {
     }
   })
 }
-resource "aws_glue_trigger" "raw_log_trigger" {
+resource "aws_glue_trigger" "log_trigger" {
   name = "${var.name_prefix}-org-report-trigger"
   type = "ON_DEMAND"
   actions {
-    crawler_name = aws_glue_crawler.raw_log_crawler.name
+    crawler_name = aws_glue_crawler.log_crawler.name
   }
 }
 
@@ -49,9 +49,9 @@ resource "aws_glue_job" "glue_job" {
     "--enable-auto-scaling"             = "true"
     "--enable-continous-cloudwatch-log" = "true"
     "--datalake-formats"                = "delta"
-    "--source-path"                     = "s3://${aws_s3_bucket.source-data-bucket.id}/" # Specify the source S3 path
-    "--destination-path"                = "s3://${aws_s3_bucket.target-data-bucket.id}/" # Specify the destination S3 path
-    "--job-name"                        = "poc-glue-job"
+    "--source_path"                     = "s3://${aws_s3_bucket.target-data-bucket.id}/"     # Specify the source S3 path
+    "--target_path"                     = "s3://${aws_s3_bucket.target-data-bucket.id}/logs" # Specify the destination S3 path
+    "--job_name"                        = "poc-glue-job"
     "--enable-continuous-log-filter"    = "true"
     "--enable-metrics"                  = "true"
     "--extra-py-files"                  = "s3://${aws_s3_bucket.code-bucket.id}/src.zip"

terraform/account-wide-infrastructure/modules/glue/iam.tf

@@ -15,7 +15,57 @@ resource "aws_iam_role" "glue_service_role" {
   })
 }
 
+data "aws_iam_policy_document" "glue_service" {
+  statement {
+    actions = [
+      "s3:AbortMultipartUpload",
+      "s3:GetBucketLocation",
+      "s3:GetObject",
+      "s3:ListBucket",
+      "s3:ListBucketMultipartUploads",
+      "s3:PutObject",
+      "s3:DeleteObject",
+    ]
+
+    resources = compact([
+      aws_s3_bucket.source-data-bucket.arn,
+      "${aws_s3_bucket.source-data-bucket.arn}/*",
+      aws_s3_bucket.target-data-bucket.arn,
+      "${aws_s3_bucket.target-data-bucket.arn}/*",
+      aws_s3_bucket.code-bucket.arn,
+      "${aws_s3_bucket.code-bucket.arn}/*",
+    ])
+    effect = "Allow"
+  }
+
+  statement {
+    actions = [
+      "kms:DescribeKey",
+      "kms:GenerateDataKey*",
+      "kms:Encrypt",
+      "kms:ReEncrypt*",
+      "kms:Decrypt",
+    ]
+
+    resources = [
+      aws_kms_key.glue.arn,
+    ]
+
+    effect = "Allow"
+  }
+}
+
+resource "aws_iam_policy" "glue_service" {
+  name   = "${var.name_prefix}-glue"
+  policy = data.aws_iam_policy_document.glue_service.json
+}
+
 resource "aws_iam_role_policy_attachment" "glue_service" {
-  role       = aws_iam_role.glue_service_role.id
-  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole"
+  role       = aws_iam_role.glue_service_role.name
+  policy_arn = aws_iam_policy.glue_service.arn
 }
+
+# resource "aws_iam_role_policy_attachment" "glue_service" {
+#   role       = aws_iam_role.glue_service_role.id
+#   policy_arn = "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole"
+# }

terraform/account-wide-infrastructure/modules/glue/s3.tf

@@ -174,6 +174,7 @@ data "archive_file" "python" {
 
 resource "aws_s3_object" "zip" {
   bucket = aws_s3_bucket.code-bucket.bucket
-  key    = "main.py"
-  source = "${path.module}/files/src.zip"
+  key    = "src.zip"
+  source = data.archive_file.python.output_path
+  etag   = filemd5(data.archive_file.python.output_path)
 }

terraform/account-wide-infrastructure/modules/glue/src/main.py

@@ -1,25 +1,24 @@
 import sys
 
 from awsglue.utils import getResolvedOptions
+from pipeline import LogPipeline
 from pyspark.context import SparkContext
-from src.pipeline import LogPipeline
-from src.transformations import placeholder
+from transformations import logSchema, placeholder
 
 # Get arguments from AWS Glue job
-args = getResolvedOptions(
-    sys.argv, ["JOB_NAME", "SOURCE_PATH", "TARGET_PATH", "PARTITION_COLS"]
-)
+args = getResolvedOptions(sys.argv, ["job_name", "source_path", "target_path"])
 
 # Start Glue context
 sc = SparkContext()
 
-partition_cols = args["PARTITION_COLS"].split(",") if "PARTITION_COLS" in args else []
+partition_cols = args["partition_cols"].split(",") if "partition_cols" in args else []
 
 # Initialize ETL process
 etl_job = LogPipeline(
     spark_context=sc,
-    source_path=args["SOURCE_PATH"],
-    target_path=args["TARGET_PATH"],
+    source_path=args["source_path"],
+    target_path=args["target_path"],
+    schema=logSchema,
     partition_cols=partition_cols,
     transformations=[placeholder],
 )

terraform/account-wide-infrastructure/modules/glue/src/pipeline.py

@@ -1,4 +1,4 @@
-from src.instances import GlueContextSingleton, LoggerSingleton
+from instances import GlueContextSingleton, LoggerSingleton
 
 
 class LogPipeline:
@@ -7,7 +7,8 @@ def __init__(
         spark_context,
         source_path,
         target_path,
-        partition_cols=None,
+        schema,
+        partition_cols=[],
         transformations=[],
     ):
         """Initialize Glue context, Spark session, logger, and paths"""
@@ -16,6 +17,7 @@ def __init__(
         self.logger = LoggerSingleton().logger
         self.source_path = source_path
         self.target_path = target_path
+        self.schema = schema
         self.partition_cols = partition_cols
         self.transformations = transformations
 
@@ -36,7 +38,7 @@ def run(self):
     def extract(self):
         """Extract JSON data from S3"""
         self.logger.info(f"Extracting data from {self.source_path} as JSON")
-        return self.spark.read.json(self.source_path)
+        return self.spark.read.schema(self.schema).json(self.source_path)
 
     def transform(self, dataframe):
         """Apply a list of transformations on the dataframe"""

terraform/account-wide-infrastructure/modules/glue/src/transformations.py

@@ -1 +1,62 @@
-def placeholder(): ...
+from pyspark.sql.types import (
+    BooleanType,
+    StringType,
+    StructField,
+    StructType,
+    TimestampType,
+)
+
+logSchema = StructType(
+    [
+        StructField("time", TimestampType(), True),
+        StructField("index", StringType(), True),
+        StructField("host", StringType(), True),
+        StructField("source", StringType(), True),
+        StructField(
+            "event",
+            StructType(
+                [
+                    StructField("level", StringType(), True),
+                    StructField("location", StringType(), True),
+                    StructField("message", StringType(), True),
+                    StructField("timestamp", TimestampType(), True),
+                    StructField("service", StringType(), True),
+                    StructField("cold_start", BooleanType(), True),
+                    StructField("function_name", StringType(), True),
+                    StructField("function_memory_size", StringType(), True),
+                    StructField("function_arn", StringType(), True),
+                    StructField("function_request_id", StringType(), True),
+                    StructField("correlation_id", StringType(), True),
+                    StructField("method", StringType(), True),
+                    StructField("path", StringType(), True),
+                    StructField(
+                        "headers",
+                        StructType(
+                            [
+                                StructField("accept", StringType(), True),
+                                StructField("accept-encoding", StringType(), True),
+                                StructField("Authorization", StringType(), True),
+                                StructField("Host", StringType(), True),
+                                StructField(
+                                    "NHSD-Connection-Metadata", StringType(), True
+                                ),
+                                StructField("NHSD-Correlation-Id", StringType(), True),
+                                StructField("User-Agent", StringType(), True),
+                                StructField("X-Forwarded-For", StringType(), True),
+                                StructField("X-Request-Id", StringType(), True),
+                            ]
+                        ),
+                        True,
+                    ),
+                    StructField("log_reference", StringType(), True),
+                    StructField("xray_trace_id", StringType(), True),
+                ]
+            ),
+            True,
+        ),
+    ]
+)
+
+
+def placeholder(df):
+    return df