Database Resource Discovery and Automatic Connection Creation.
Create IAM Policy
HoopAWSConnect
must be created in your AWS account.
It will grant the necessary permissions to the IAM user or role that will be used for the integration.JSON
and paste the policy below
HoopAWSConnect
Create IAM User
hoop-aws-connect
HoopAWSConnect
created in first stepHoop AWS Connect
Invite AWS Account
Accept the Invitation
Create IAM Policy
HoopAWSConnect
must be created in your AWS account.JSON
and paste the policy below
HoopAWSConnect
Create IAM Role
HoopAWSConnect
created in the previous stepHoopOrganizationAccountAccessRole
HoopOrganizationAccountAccessRole
because the name is hard-coded in the integration.
In future releases, we may allow users to provide a custom role name.INTEGRATION_AWS_INSTANCE_ROLE_ALLOW=true
HoopAWSConnect
.
See the step above to create the IAM role.
hoop-aws-connect-sg-<db-instance-identifier>
hoop.dev/gateway=<api-hostname>
<connection-name-prefix>-ro
<connection-name-prefix>-rw
<connection-name-prefix>-ddl
ENGINE | READ ONLY | READ WRITE | DDL |
---|---|---|---|
Postgres | SELECT | SELECT, INSERT, UPDATE, DELETE | SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER |
MySQL | SELECT | SELECT, INSERT, UPDATE, DELETE | SELECT, INSERT, UPDATE, DELETE, ALTER, CREATE, DROP |
SQL Server | db_datareader | db_datareader, db_datawriter | db_datareader, db_datawriter, db_ddladmin |
GET /api/dbroles/:id
.
In the final step of the job it’s possible to send Webhooks to an external system for integration purporses.
The Webhook provider must be configured to send the message properly. The payload is the same structure of the endpoint GET /api/dbroles/:id
.
event_payload
attribute.hoop-hooks/aws-connect-post-exec.runbook.py
must exist in your git repository to trigger the hookhoop-hooks/aws-connect-post-exec.runbook.py
Request Object
HOOP_AWS_CONNECT_REQUEST
Response Object
HOOP_AWS_CONNECT_REQUEST