package com.amazonaws.athena.connector.integ.stacks;

import com.amazonaws.athena.connector.integ.data.ConnectorPackagingAttributes;
import com.amazonaws.athena.connector.integ.data.ConnectorStackAttributes;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.amazon.awscdk.core.CfnParameter;
import software.amazon.awscdk.core.Construct;
import software.amazon.awscdk.core.Duration;
import software.amazon.awscdk.core.Stack;
import software.amazon.awscdk.services.athena.CfnDataCatalog;
import software.amazon.awscdk.services.iam.Effect;
import software.amazon.awscdk.services.iam.PolicyDocument;
import software.amazon.awscdk.services.iam.PolicyStatement;
import software.amazon.awscdk.services.iam.Role;
import software.amazon.awscdk.services.iam.ServicePrincipal;
import software.amazon.awscdk.services.lambda.CfnParametersCodeProps;
import software.amazon.awscdk.services.lambda.Code;
import software.amazon.awscdk.services.lambda.Function;
import software.amazon.awscdk.services.lambda.Runtime;

/* loaded from: input_file:com/amazonaws/athena/connector/integ/stacks/ConnectorStack.class */
public class ConnectorStack extends Stack {
    private static final Logger logger = LoggerFactory.getLogger(ConnectorStack.class);
    private static final String LAMBDA_SPILL_BUCKET_TAG = "spill_bucket";
    private final String s3Bucket;
    private final String s3Key;
    private final String functionHandler;
    private final String functionName;
    private final Optional<PolicyDocument> connectorAccessPolicy;
    private final Map<String, String> environmentVariables;
    private final String spillBucket;

    /* loaded from: input_file:com/amazonaws/athena/connector/integ/stacks/ConnectorStack$Builder.class */
    public static class Builder {
        private Construct scope;
        private String id;
        private String functionName;
        private Optional<PolicyDocument> connectorAccessPolicy;
        private Map<String, String> environmentVariables;
        private ConnectorPackagingAttributes connectorPackagingAttributes;

        public Builder withAttributes(ConnectorStackAttributes connectorStackAttributes) {
            this.scope = connectorStackAttributes.getScope();
            this.id = connectorStackAttributes.getId();
            this.functionName = connectorStackAttributes.getLambdaFunctionName();
            this.connectorAccessPolicy = connectorStackAttributes.getConnectorAccessPolicy();
            this.environmentVariables = connectorStackAttributes.getEnvironmentVariables();
            this.connectorPackagingAttributes = connectorStackAttributes.getConnectorPackagingAttributes();
            return this;
        }

        public Stack build() {
            ConnectorStack connectorStack = new ConnectorStack(this);
            connectorStack.initialize();
            return connectorStack;
        }
    }

    public ConnectorStack(Builder builder) {
        super(builder.scope, builder.id);
        this.s3Bucket = builder.connectorPackagingAttributes.getS3Bucket();
        this.s3Key = builder.connectorPackagingAttributes.getS3Key();
        this.functionHandler = builder.connectorPackagingAttributes.getLambdaFunctionHandler();
        this.functionName = builder.functionName;
        this.connectorAccessPolicy = builder.connectorAccessPolicy;
        this.environmentVariables = builder.environmentVariables;
        this.spillBucket = this.environmentVariables.get(LAMBDA_SPILL_BUCKET_TAG);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initialize() {
        logger.info("Initializing stack: {}", getClass().getSimpleName());
        createAthenaDataCatalog(createLambdaFunction());
    }

    private Function createLambdaFunction() {
        return lambdaFunctionBuilder().build();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Function.Builder lambdaFunctionBuilder() {
        return Function.Builder.create(this, "LambdaConnector").functionName(this.functionName).role(createIamRole()).code(Code.fromCfnParameters(CfnParametersCodeProps.builder().bucketNameParam(CfnParameter.Builder.create(this, "BucketName").defaultValue(this.s3Bucket).build()).objectKeyParam(CfnParameter.Builder.create(this, "BucketKey").defaultValue(this.s3Key).build()).build())).handler(this.functionHandler).runtime(new Runtime("java11")).memorySize(3008).timeout(Duration.seconds(900)).environment(this.environmentVariables);
    }

    private void createAthenaDataCatalog(Function function) {
        athenaDataCatalogBuilder(function.getFunctionArn()).build();
    }

    protected CfnDataCatalog.Builder athenaDataCatalogBuilder(String str) {
        return CfnDataCatalog.Builder.create(this, "AthenaDataCatalog").name(this.functionName).type("LAMBDA").parameters(ImmutableMap.of("function", str));
    }

    private Role createIamRole() {
        return iamRoleBuilder().build();
    }

    protected Role.Builder iamRoleBuilder() {
        HashMap hashMap = new HashMap();
        setAccessPolicies(hashMap);
        return Role.Builder.create(this, "ConnectorConfigRole").assumedBy(ServicePrincipal.Builder.create("lambda.amazonaws.com").build()).inlinePolicies(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setAccessPolicies(Map<String, PolicyDocument> map) {
        map.put("GlueAthenaS3AccessPolicy", getGlueAthenaS3AccessPolicy());
        map.put("S3SpillBucketAccessPolicy", getS3SpillBucketAccessPolicy());
        this.connectorAccessPolicy.ifPresent(policyDocument -> {
            map.put("ConnectorAccessPolicy", policyDocument);
        });
    }

    private PolicyDocument getGlueAthenaS3AccessPolicy() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("glue:GetTableVersions");
        arrayList.add("glue:GetPartitions");
        arrayList.add("glue:GetTables");
        arrayList.add("glue:GetTableVersion");
        arrayList.add("glue:GetDatabases");
        arrayList.add("glue:GetTable");
        arrayList.add("glue:GetPartition");
        arrayList.add("glue:GetDatabase");
        arrayList.add("athena:GetQueryExecution");
        arrayList.add("s3:ListAllMyBuckets");
        return PolicyDocument.Builder.create().statements(ImmutableList.of(PolicyStatement.Builder.create().actions(arrayList).resources(ImmutableList.of("*")).effect(Effect.ALLOW).build())).build();
    }

    private PolicyDocument getS3SpillBucketAccessPolicy() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("s3:GetObject");
        arrayList.add("s3:ListBucket");
        arrayList.add("s3:GetBucketLocation");
        arrayList.add("s3:GetObjectVersion");
        arrayList.add("s3:PutObject");
        arrayList.add("s3:PutObjectAcl");
        arrayList.add("s3:GetLifecycleConfiguration");
        arrayList.add("s3:PutLifecycleConfiguration");
        arrayList.add("s3:DeleteObject");
        return PolicyDocument.Builder.create().statements(ImmutableList.of(PolicyStatement.Builder.create().actions(arrayList).resources(ImmutableList.of(String.format("arn:aws:s3:::%s", this.spillBucket), String.format("arn:aws:s3:::%s/*", this.spillBucket))).effect(Effect.ALLOW).build())).build();
    }

    public static Stack buildWithAttributes(ConnectorStackAttributes connectorStackAttributes) {
        return builder().withAttributes(connectorStackAttributes).build();
    }

    public static Builder builder() {
        return new Builder();
    }
}
