-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathscript-v1.sql
282 lines (228 loc) · 8.72 KB
/
script-v1.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
---------------------------------- v 0.1 ----------------------------------
-- FEDERALS
-- Having or relating to a system of government in which several states form a unity but remain independent in internal affairs.
-- AEVO, ASSL, ASAP ...
drop table federals;
CREATE TABLE federals (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT UNIQUE,
full_name TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO federals(name, full_name) VALUES ('AVALOQ', 'Avaloq Group');
-- CLOUD_PROVIDERS
-- List of Cloud Providers
-- AWS, GCP, OCI, AZURE etc ...
drop table cloud_providers;
CREATE TABLE cloud_providers (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT UNIQUE,
full_name TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO cloud_providers(name, full_name) VALUES ('AWS', 'Amazon Web Services');
INSERT INTO cloud_providers(name, full_name) VALUES ('OCI', 'Oracle Cloud Infrastructure');
INSERT INTO cloud_providers(name, full_name) VALUES ('GCP', 'Google Cloud');
INSERT INTO cloud_providers(name, full_name) VALUES ('AZURE', 'Microsoft Azure');
-- CLOUD ESTATES
-- This are relation of the Federals at the heighest Level
-- Management Account to Accomodate Resident
-- Equivalent to AWS Organization/OCI Parent Tenency
-- Federals can have multiple Cloud Estates with Cloud Providers
-- Though it is understood, it may be single or couple of estates for each Federal entries
drop table cloud_estates;
CREATE TABLE cloud_estates (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT UNIQUE,
description TEXT,
federal TEXT REFERENCES federals(name) ON DELETE CASCADE,
cloud_provider TEXT REFERENCES cloud_providers(name) ON DELETE CASCADE,
federal_email_address TEXT,
-- CLOUD ESTATE ID IS THE TOP LEVEL ID EG ORGANIZATION ID IN WHICH CHILD ACCOUNTS/RESIDENTS ARE BREWED
cloud_estate_cid TEXT UNIQUE,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO cloud_estates(name, description, federal, cloud_provider, cloud_estate_cid) VALUES ('AVALOQ-AWS-ESTATE', 'AWS Cloud Estate for AVALOQ', 'AVALOQ', 'AWS', '-- ORG ID CREATED BY MANAGEMENT USER DURING INITIAL SIGIN IN--');
-- CLOUD ESTATE POLICY
-- THE POLICIES DECTATED BY FEDERAL LEVEL
-- NEED TO BE APPLIED TO ALL RESIDENTS/CHILD ACCOUNTS
-- EXAMPLE TAG POLICY
drop table cloud_estate_policies;
CREATE TABLE cloud_estate_policies (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT,
description TEXT,
cloud_estate TEXT REFERENCES cloud_estates(name) ON DELETE CASCADE,
policy_type TEXT,
-- ARN of the POLICY CREATED by the Management Account
policy_cid TEXT,
policy_json JSON,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO cloud_estate_policies(name, description, cloud_estate, policy_type, policy_cid, policy_json) VALUES ('AEVO-AWS-ESTATE-TAG', 'TAG POLICY FROM FEDERAL LEVEL', 'AEVO-AWS_ESTATE', 'TAG', '--ARN--', 'JSON');
-- EXAMPLE OF TAG JSON
/* {
"tags": {
"CostCenter": {
"tag_key": {
"@@assign": "CostCenter",
"@@operators_allowed_for_child_policies": [
"@@none"
]
}
}
}
}
*/
drop table renters;
CREATE TABLE renters (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT UNIQUE,
full_name TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO renters(name, full_name) VALUES ('AEVO', 'Avaloq Evolution');
INSERT INTO renters(name, full_name) VALUES ('ASSL', 'Avaloq Sourcing CH');
INSERT INTO renters(name, full_name) VALUES ('ASAP', 'Avaloq Sourcing AP');
INSERT INTO renters(name, full_name) VALUES ('APLH', 'Aplha Bank AG');
drop table classes;
CREATE TABLE classes (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT UNIQUE,
description TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
)
INSERT INTO classes(name, description) VALUES ('free', 'The service is deployed into a free-tier account.');
INSERT INTO classes(name, description) VALUES ('trial', 'The service represents a sponsored proof-of-concept and has to abide to budget restrictions.');
INSERT INTO classes(name, description) VALUES ('payg', 'Provisioning resources immedeately increases the cloud bill.');
INSERT INTO classes(name, description) VALUES ('commit', 'The service budget is planned ahead and resources are accounted against a credit commitment.');
drop table stages;
CREATE TABLE stages (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT UNIQUE,
description TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO stages(name, description) VALUES ('development', 'The service is still under development.');
INSERT INTO stages(name, description) VALUES ('uat', 'The service is in user acceptance testing, data is not persisted.');
INSERT INTO stages(name, description) VALUES ('production', 'The service is in production and has to comply with the securty and compliance guidelines.');
-- RESIDENTS TABLE HOLDS MULTIPLE RESIDENT IN THE SPECIFIED CLOUD ESTATE
-- BUSINESS WISE IT HOLDS AWS CHILD ACCOUNTS/ OCI COMPARTMENTS WHERE THE WHOLE ECO-SYSTEM CAN BE BUILT
-- THE CLOUD ESTATE WHERE THE RESIDENT LIVES IS THE UNDERSTANDING BETWEEN THE FEDERAL AND CLOUD PROVIDER
-- THE POLICIES DECTATED BY FEDERAL LEVEL
-- NEED TO BE APPLIED TO ALL RESIDENTS/CHILD ACCOUNTS
-- EXAMPLE TAG POLICY
drop table residents;
CREATE TABLE residents (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name VARCHAR(32) UNIQUE,
description TEXT,
purchase_order TEXT,
email_address TEXT,
renter TEXT REFERENCES renters(name),
cloud_provider TEXT REFERENCES cloud_providers(name),
-- CHILD ACCOUNT ID EG AWS
resident_cid TEXT,
-- ORGANIZATION ID/CLOUD ESTATE CID
cloud_estate TEXT REFERENCES cloud_estates(name) ,
cloud_estate_cid TEXT REFERENCES cloud_estates(cloud_estate_cid),
cloud_estate_policies TEXT[],
class TEXT REFERENCES classes(name),
stage TEXT REFERENCES stages(name),
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
ALTER TABLE residents ALTER COLUMN name TYPE character varying(64);
-- RESIDENT ARE INSERTED BY VENDING MACHINES
-- INSERT INTO residents(name, description, purchase_order_id, email_address, client, cloud_provider, resident_cid, cloud_estate_cid, class, stage)
-- VALUES ('AEVO_VEND1', 'The First Vending Machine', 'PO-123456', '[email protected]', 'AEVO', 'AWS', '--ACCOUNT-ID--', '--ORG ESTATE ID', 'free', 'development');
drop table users;
CREATE TABLE users (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name VARCHAR(32) UNIQUE,
description TEXT,
resident TEXT REFERENCES residents(name) ON DELETE CASCADE,
user_cid TEXT,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
}
ALTER TABLE users ALTER COLUMN name TYPE character varying(64);
-- USERS ARE INSERTED BY VENDING MACHINES
CREATE TABLE tag_families (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
name TEXT NOT NULL UNIQUE,
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO tag_families (name) VALUES ('FINANCE')
drop table tags;
CREATE TABLE tags (
id SERIAL,
uuid uuid DEFAULT uuid_generate_v4 (),
tag JSON,
tag_family TEXT REFERENCES tag_families(name) ON DELETE CASCADE
created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
created_by TEXT,
updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
updated_by TEXT,
PRIMARY KEY(id)
);
INSERT INTO tags (tag, tag_family)
VALUES ('[
{
"Key": "Environment",
"Value": "Production"
},
{
"Key": "Team",
"Value": "Engineering"
}
]', 'FINANCE');