add typescript code for secrets

typescript/src/resources/deploy-lambda.ts

@@ -37,7 +37,7 @@ import { ClusterPolicyPermissions, ClusterPolicyPermissionsProperties } from "./
 import { Token, TokenProperties } from "./tokens";
 import { Experiment, ExperimentProperties } from "./mlflow";
 import { RegisteredModel, RegisteredModelProps } from "./mlflow/registeredModel";
-import { ServicePrincipal, ServicePrincipalProperties } from "./service-principals";
+import { ServicePrincipal, ServicePrincipalProperties, ServicePrincipalSecrets, ServicePrincipalSecretsProperties } from "./service-principals";
 
 
 export interface CustomDeployLambdaProps {
@@ -286,6 +286,13 @@ export abstract class IDatabricksDeployLambda extends Construct {
         });
     }
 
+    public createServicePrincipalSecrets(scope: Construct, id: string, props: ServicePrincipalSecretsProperties): ServicePrincipalSecrets {
+        return new ServicePrincipalSecrets(scope, id, {
+            ...props,
+            serviceToken: this.serviceToken
+        });
+    }
+
 }
 
 export class DatabricksDeployLambdaImport extends IDatabricksDeployLambda {

typescript/src/resources/index.ts

@@ -31,3 +31,4 @@ export * from "./unity-catalog";
 export * from "./tokens";
 export * from "./mlflow";
 export * from "./service-principals";
+export * from "./service-principals/servicePrincipalSecrets";

typescript/src/resources/service-principals/index.ts

@@ -1 +1,2 @@
-export * from "./servicePrincipal";
+export * from "./servicePrincipal";
+export * from "./servicePrincipalSecrets";

typescript/src/resources/service-principals/servicePrincipalSecrets.ts

@@ -0,0 +1,23 @@
+import { CustomResource } from "aws-cdk-lib";
+import { Construct } from "constructs";
+
+
+export interface ServicePrincipalSecretsProperties {
+    service_principal_id: number
+}
+
+export interface ServicePrincipalSecretsProps extends ServicePrincipalSecretsProperties {
+    readonly serviceToken: string
+}
+
+export class ServicePrincipalSecrets extends CustomResource {
+    constructor(scope: Construct, id: string, props: ServicePrincipalSecretsProps) {
+        super(scope, id, {
+            serviceToken: props.serviceToken,
+            properties: {
+                action: "service-principal-secrets",
+                service_principal_id: props.service_principal_id,
+            }
+        });
+    }
+}

typescript/tests/resources/service-principals/servicePrincipalSecrets.test.ts

@@ -0,0 +1,27 @@
+import { Template } from "aws-cdk-lib/assertions";
+import * as cdk from "aws-cdk-lib";
+import { DatabricksDeployLambda, ServicePrincipalSecrets } from "../../../../typescript/src";
+
+
+describe("ServicePrincipalSecrets", () => {
+    test("RegisteredModel Custom Resource synthesizes the way we expect", () => {
+        const app = new cdk.App();
+        const databricksStack = new cdk.Stack(app, "DatabricksStack");
+        const deployLambda = DatabricksDeployLambda.fromServiceToken(databricksStack, "DeployLambda", "some-arn");
+        new ServicePrincipalSecrets(databricksStack, "ServicePrincipalSecrets", {
+            service_principal_id: 1234,
+            serviceToken: deployLambda.serviceToken.toString(),
+        });
+
+        const template = Template.fromStack(databricksStack);
+
+        template.hasResourceProperties("AWS::CloudFormation::CustomResource",
+            {
+
+                "ServiceToken": "some-arn",
+                "action": "service-principal-secrets",
+                "service_principal_id": 1234,
+            });
+    });
+});
+