The following table shows the full list of possible inputs. There's a brief description of the usage of the input and if the input is a requirement.
| Inputs | Description | Required? |
|---|---|---|
| ApplicationName | Name of the Application running the Maskopy process. | Yes |
| CostCenter | Cost center of the AGS running the Maskopy process. | Yes |
| RdsSnapshotIdentifier | Snapshot ID of the snapshot that will be used. | Yes, unless RDSInstanceIdentifier is provided |
| RdsFinalSnapshotIdentifier | Final Obfuscated snapshot name. It should start with lower case AGS. If not provided, will take default value. Constraints: Must contain from 1 to 255 letters, numbers, or hyphensCan't include underscores and can't end with a hyphen or contain two consecutive hyphens |
No. The default value will be client_ags-db_name-timestamp. |
| RdsInstanceType | DB Instance class. | No |
| DestinationEnv | Destination environment in lowercase. | Yes |
| ObfuscateRunMode | The aws resource where application provided obfuscation scripts run. Currently supported values: fargate, none Default: fargate |
Yes |
| ObfuscationScriptPath | S3 location of bootstrap script and application provided obfuscation script. Format: Bucket-Name/Folder |
Yes, unless ObfuscationRunMode is set to "none" and DestinationEnv is set to "dev" |
| RdsOptionGroup | Name of an existing Options group in destination environment to be used for the final snapshot. | Not needed in Postgres scenario. Required for Oracle. |
| RdsParameterGroup | Name of an existing DB Parameter group in destination environment to be used for the final snapshot. | No |
| BuildTimestamp | Build timestamp to identify the step function. If running manually, make sure this value is unique. | Yes |
| PresignedUrl | URL generated by caller to authorize caller. If running manually, you can generate the presigned URL in python:URL=$(python -c "import boto3; print boto3.client('sts').generate_presigned_url('get_caller_identity')") |
Yes |
| DbName | Name of database to connect to in order to obfuscate | Yes |
| SqlScriptList | List of SQL files to be executed in task. | Yes |
| RdsInstanceIdentifier | Name of a database to find snapshots from for Maskopy execution. RdsSnapshotIdentifier takes precendence. Supports both RDS PostgresQL and Aurora PostgresQL. | No |
| TaskDefinitionCPU | CPU units to be used in fargate task. Default: 1024, valid values: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html#fargate-tasks-size |
No |
| TaskDefinitionMemory | Amount of memory used in fargate task. Default: 2048, valid values: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html#fargate-tasks-size |
No |
| CustomTaskImage | Image to be used by task. | No |
The following table shows the full list of possible outputs. There's a brief description of each output.
| Outputs | Description |
|---|---|
| Engine | Type of Engine and version |
| CheckInputs | Name of first snapshot to use |
| CreatedSnapshots | List of created snapshots |
| CreatedSnapshots[].SnapshotName | Name of created snapshot copy in source environment |
| CreatedSnapshots[].SnapshotARN | ARN of created snapshot copy in source environment |
| CreatedSnapshots[].InstanceIdentifier | Name of original RDS of snapshot |
| CreatedSnapshots[].Tags | List of tags added to created snapshot |
| CreatedSnapshots[].RdsParameterGroup | RDS Parameter Group to be used in RDS instance |
| SnapshotsAvailable | Boolean used to check the availability state of created snapshot |
| SharedSnapshots | Boolean used to check if created snapshot was shared to target environment |
| CreatedDestinationSnapshots[].SnapshotName | Name of created snapshot copy in target environment |
| CreatedDestinationSnapshots[].SnapshotARN | ARN of created snapshot copy in target environment |
| CreatedDestinationSnapshots[].InstanceIdentifier | Name of original RDS of snapshot |
| CreatedDestinationSnapshots[].Tags | List of tags added to created snapshot |
| DestinationSnapshotsAvailable | Boolean used to check the availability state of created target snapshot |
| DestinationRestoredDatabases | Name of temporary RDS instance in target environment |
| DestinationRestoredDatabasesComplete | Boolean used to check the availability state of created snapshot |
| fargate | Object that contains name of fargate cluster and task definition |
| ECSRunTask | Output of completed task |
| CreatedFinalSnapshots | List of created final snapshots in source environment |
| FinalSnapshotAvailable | Boolean used to check the availability state of created final snapshot |
| CleanupAndTagging | Object that contains cleanup step status and message to be sent by SQS |
| Publish | Output of completed SQS task |
The following tables shows the full list of possible exceptions thrown by MasKopy.
| Exceptions | Description |
|---|---|
| MaskopyAccessException | Exception raised when IAM role or user is not able to access the resource due to authorization error. |
| MaskopyDBInstanceStatusException | Exception raised when RDS is not in an available state. |
| MaskopyHTTPException | Exception raised when HTTP request returns a 4xx or 5xx error. |
| MaskopyResourceException | Exception raised when IAM role or user is not able to access the resource. |
| MaskopyResourceNotFoundException | Exception raised when IAM role or user is not able to access the resource since the resource does not exist. |
| MaskopyTimeoutException | Exception raised when HTTP request times out. |
| MaskopyThrottlingException | Exception raised when AWS request returns a Throttling exception. |
{
"Engine": {
"Type": "string",
"Version": "string"
},
"CheckInputs": {
"firstSnapshotIdentifier": "string"
},
"CreatedSnapshots": [
{
"SnapshotName": "string",
"SnapshotARN": "string",
"InstanceIdentifier": "string",
"Tags": [
{
"Key": "ApplicationName",
"Value": "MASKOPY"
},
{
"Key": "Cost Center",
"Value": "string"
}
],
"RdsParameterGroup": "string"
}
],
"SnapshotsAvailable": true|false,
"SharedSnapshots": true|false,
"CreatedDestinationSnapshots": [
{
"SnapshotName": "string",
"InstanceIdentifier": "string",
"SnapshotARN": "string",
"SnapshotTags": [
{
"Key": "ApplicationName",
"Value": "MASKOPY"
},
{
"Key": "Cost Center",
"Value": "string"
}
]
}
],
"DestinationSnapshotsAvailable": true|false,
"DestinationRestoredDatabases": [
"string"
],
"DestinationRestoredDatabasesComplete": true|false,
"fargate": {
"ClusterName": "MASKOPY-FARGATE-CLUSTER",
"TaskDefinition": "string"
},
"ECSRunTask": {
"Attachments": [
{
"Details": [
{
"Name": "subnetId",
"Value": "string"
},
{
"Name": "networkInterfaceId",
"Value": "string"
},
{
"Name": "macAddress",
"Value": "string"
},
{
"Name": "privateIPv4Address",
"Value": "string"
}
],
"Id": "string",
"Status": "string",
"Type": "eni"
}
],
"ClusterArn": "string",
"Connectivity": "string",
"ConnectivityAt": 123,
"Containers": [
{
"ContainerArn": "string",
"Cpu": "string",
"ExitCode": 123,
"GpuIds": [],
"Image": "string",
"ImageDigest": "string",
"LastStatus": "string",
"Memory": "string",
"Name": "string",
"NetworkBindings": [],
"NetworkInterfaces": [
{
"AttachmentId": "string",
"PrivateIpv4Address": "string"
}
],
"RuntimeId": "string",
"TaskArn": "string"
}
],
"Cpu": "string",
"CreatedAt": 123,
"DesiredStatus": "string",
"ExecutionStoppedAt": 123,
"Group": "string",
"InferenceAccelerators": [],
"LastStatus": "string",
"LaunchType": "FARGATE",
"Memory": "string",
"Overrides": {
"ContainerOverrides": [
{
"Command": [],
"Environment": [],
"Name": "string",
"ResourceRequirements": []
}
],
"InferenceAcceleratorOverrides": []
},
"PlatformVersion": "string",
"PullStartedAt": 123,
"PullStoppedAt": 123,
"StartedAt": 123,
"StartedBy": "string",
"StopCode": "string",
"StoppedAt": 123,
"StoppedReason": "string",
"StoppingAt": 123,
"Tags": [],
"TaskArn": "string",
"TaskDefinitionArn": "string",
"Version": 123
},
"CreatedFinalSnapshots": [
{
"SnapshotName": "string"
}
],
"FinalSnapshotAvailable": true|false,
"CleanupAndTagging": [
{
"Success": true|false
},
{
"Message": "string"
}
],
"Publish": {
"MD5OfMessageBody": "string",
"MessageId": "string",
"SdkHttpMetadata": {
"HttpHeaders": {
"Content-Length": "string",
"Content-Type": "string",
"Date": datetime(2019, 1, 1),
"x-amzn-RequestId": "string"
},
"HttpStatusCode": 123
},
"SdkResponseMetadata": {
"RequestId": "string"
}
}
}