ifra refactoring

Author: Yuriy Bezsonov

.kiro/specs/infra/design.md

@@ -131,7 +131,9 @@ public class WorkshopStack extends Stack {
 **Database**: Configures RDS Aurora PostgreSQL cluster with universal "workshop-" naming convention
 **CodeBuild**: Creates CodeBuild project for AWS service-linked role creation
 **Lambda**: Reusable construct for consistent Lambda function creation with inline Python code
-**PerformanceAnalysis**: Creates S3 bucket, Lambda functions, and API Gateway for thread dump and profiling analysis
+**WorkshopBucket**: Creates shared S3 bucket and SSM parameter for workshop data (uses prefix)
+**ThreadAnalysis**: Creates thread dump Lambda and API Gateway for thread analysis (uses prefix)
+**JvmAnalysis**: Creates ECR repository and Pod Identity role for jvm-analysis-service (app-specific naming)
 **Unicorn**: Creates ECR repository and IAM roles for workshop applications (uses unicorn* naming for workshop content compatibility)
 
 #### CDK Construct Naming Convention
@@ -147,26 +149,70 @@ This convention eliminates CloudFormation logical ID duplication and ensures mai
 
 #### AWS Resource Naming Convention
 
-All AWS resources follow a consistent "workshop-" prefix pattern for operational clarity:
+All AWS resources follow a consistent prefix pattern for operational clarity. The prefix is defined as a simple String constant at the beginning of WorkshopStack constructor (defaults to "workshop").
 
-**Lambda Functions:**
-- `workshop-codebuild-start` - CodeBuild start trigger
-- `workshop-codebuild-report` - CodeBuild completion handler
-- `workshop-ide-prefixlist` - CloudFront prefix list lookup
-- `workshop-ide-launcher` - EC2 instance launcher with failover
-- `workshop-ide-password` - Password retrieval from Secrets Manager
-- `workshop-database-setup` - Database schema initialization
+**Configurable Prefix Pattern:**
+```java
+public class WorkshopStack extends Stack {
+    public WorkshopStack(final Construct scope, final String id, final StackProps props) {
+        super(scope, id, props);
+
+        // Resource naming prefix - change this to customize all resource names
+        String prefix = "workshop";
+
+        // Configuration values - get template type from CDK context (build time)
+        String templateType = ...
+
+        // Pass prefix to all constructs
+        var ide = new Ide(this, "Ide", Ide.IdeProps.builder()
+            .prefix(prefix)
+            .vpc(vpc.getVpc())
+            .build());
+    }
+}
+```
+
+**Lambda Functions (with default "workshop" prefix):**
+- `{prefix}-codebuild-start` - CodeBuild start trigger
+- `{prefix}-codebuild-report` - CodeBuild completion handler
+- `{prefix}-ide-prefixlist` - CloudFront prefix list lookup
+- `{prefix}-ide-launcher` - EC2 instance launcher with failover
+- `{prefix}-ide-password` - Password retrieval from Secrets Manager
+- `{prefix}-database-setup` - Database schema initialization
 
 **CodeBuild Projects:**
-- `workshop-setup` - Workshop environment setup and service-linked role creation
+- `{prefix}-setup` - Workshop environment setup and service-linked role creation
 
 **CloudWatch Log Groups:**
-- `workshop-ide-bootstrap-{timestamp}` - IDE bootstrap logs with unique timestamps
-- `/aws/lambda/workshop-*` - All Lambda function logs grouped by prefix
-- `/aws/codebuild/workshop-setup` - CodeBuild execution logs
+- `{prefix}-ide-bootstrap-{timestamp}` - IDE bootstrap logs with unique timestamps
+- `/aws/lambda/{prefix}-*` - All Lambda function logs grouped by prefix
+- `/aws/codebuild/{prefix}-setup` - CodeBuild execution logs
+
+**Exceptions (app-specific naming):**
+- **Unicorn construct**: Uses "unicorn*" naming for workshop application compatibility
+- **JvmAnalysis construct**: Uses "jvm-analysis-*" naming for profiling service resources
+
+**Constructs using prefix:**
+- Vpc, Ide, CodeBuild, Database, Eks, WorkshopBucket, ThreadAnalysis
+
+**Constructs with app-specific naming (no prefix):**
+- Unicorn (unicorn*), JvmAnalysis (jvm-analysis-*)
+
+**Usage:**
+```bash
+# Default prefix ("workshop")
+npm run generate
+
+# Custom prefix - edit WorkshopStack.java:
+#   String prefix = "alice";
+# Then regenerate:
+npm run generate
+```
 
 This naming convention enables:
-- **Easy filtering** in AWS Console and CLI using `workshop-*` patterns
+- **Easy filtering** in AWS Console and CLI using `{prefix}-*` patterns
+- **Simple customization** by editing one string constant
+- **Reusable templates** by regenerating with different prefix
 - **Operational management** through consistent resource identification
 - **Cost tracking** and monitoring of workshop-related resources
 - **Automated cleanup** and maintenance scripts
@@ -592,6 +638,26 @@ public class BuildConfig {
 *For any* EKS cluster and database creation, they should depend only on VPC and deploy in parallel without unnecessary dependencies
 **Validates: Requirements 19.1, 19.2, 19.3**
 
+### Property 26: Configurable Prefix Pattern
+*For any* AWS resource created by Vpc, Ide, CodeBuild, Database, or Eks constructs, it should use the prefix string defined in WorkshopStack constructor for all resource names
+**Validates: Requirements 22.1, 22.2, 22.3, 22.4, 22.5**
+
+### Property 27: Prefix Exception for App-Specific Constructs
+*For any* resource created by Unicorn or JvmAnalysis constructs, it should use its own naming convention independent of the WorkshopStack prefix
+**Validates: Requirements 22.6, 22.7**
+
+### Property 28: WorkshopBucket Shared Resources
+*For any* WorkshopBucket construct, it should create S3 bucket and SSM parameter using the prefix pattern for shared resource discovery
+**Validates: Requirements 23.1, 23.2, 23.3**
+
+### Property 29: ThreadAnalysis Infrastructure Naming
+*For any* ThreadAnalysis construct, it should use the prefix pattern for all Lambda, API Gateway, IAM role, and security group resources
+**Validates: Requirements 24.1, 24.2, 24.3, 24.4, 24.5**
+
+### Property 30: JvmAnalysis App-Specific Naming
+*For any* JvmAnalysis construct, it should use "jvm-analysis-*" naming for ECR repository and Pod Identity role
+**Validates: Requirements 25.1, 25.2, 25.3**
+
 ## Error Handling
 
 ### Script Error Handling Strategy

.kiro/specs/infra/requirements.md

@@ -295,3 +295,50 @@ This document specifies the requirements for creating a new AWS workshop infrast
 4. WHEN bootstrap logging is configured, THE system SHALL use "workshop-ide-bootstrap-{timestamp}" pattern for unique log group names
 5. WHEN AWS resources are named, THE system SHALL follow the pattern "workshop-{component}-{function}" for operational consistency
 
+### Requirement 22
+
+**User Story:** As a workshop developer, I want configurable resource name prefixes defined in WorkshopStack, so that I can easily customize all resource names by changing a single string constant and regenerating templates.
+
+#### Acceptance Criteria
+
+1. WHEN WorkshopStack constructor begins, THE system SHALL define a prefix String constant at the very beginning (default "workshop")
+2. WHEN prefix is defined, THE system SHALL pass it to all construct Props builders that create AWS resources
+3. WHEN constructs create AWS resources, THE system SHALL use the prefix for all resource names following pattern "{prefix}-{component}-{function}"
+4. WHEN templates need different prefixes, THE developer SHALL edit the prefix string in WorkshopStack.java and run `npm run generate`
+5. WHEN CloudFormation template is generated, THE system SHALL have all resource names fully resolved with the prefix value (no runtime parameters)
+6. WHEN Unicorn construct creates resources, THE system SHALL use its own "unicorn*" naming convention (exception for app-specific compatibility)
+7. WHEN JvmAnalysis construct creates resources, THE system SHALL use "jvm-analysis-*" naming convention (exception for app-specific resources)
+
+
+
+### Requirement 23
+
+**User Story:** As a workshop developer, I want shared workshop resources in a dedicated construct, so that S3 bucket and SSM parameter can be reused across multiple features.
+
+#### Acceptance Criteria
+
+1. WHEN WorkshopBucket construct is created, THE system SHALL create an S3 bucket with name pattern `{prefix}-bucket-{account}-{region}-{timestamp}`
+2. WHEN WorkshopBucket construct is created, THE system SHALL create an SSM parameter `{prefix}-bucket-name` for bucket name discovery
+3. WHEN WorkshopBucket is used by other constructs, THE system SHALL pass the bucket reference for permissions and configuration
+
+### Requirement 24
+
+**User Story:** As a workshop developer, I want thread dump analysis in a dedicated construct, so that thread dump Lambda and API Gateway are clearly separated from other analysis features.
+
+#### Acceptance Criteria
+
+1. WHEN ThreadAnalysis construct is created, THE system SHALL use prefix for all resource names (infrastructure pattern)
+2. WHEN ThreadAnalysis creates Lambda, THE system SHALL name it `{prefix}-thread-dump-lambda`
+3. WHEN ThreadAnalysis creates API Gateway, THE system SHALL name it `{prefix}-thread-dump-api`
+4. WHEN ThreadAnalysis creates IAM role, THE system SHALL name it `{prefix}-thread-dump-lambda-role`
+5. WHEN ThreadAnalysis creates security group, THE system SHALL name it `{prefix}-thread-dump-lambda-sg`
+
+### Requirement 25
+
+**User Story:** As a workshop developer, I want JVM profiling analysis in a dedicated construct, so that ECR repository and Pod Identity role are clearly separated as app-specific resources.
+
+#### Acceptance Criteria
+
+1. WHEN JvmAnalysis construct is created, THE system SHALL use app-specific naming (no prefix)
+2. WHEN JvmAnalysis creates ECR repository, THE system SHALL name it `jvm-analysis-service`
+3. WHEN JvmAnalysis creates Pod Identity role, THE system SHALL name it `jvm-analysis-service-eks-pod-role`

.kiro/specs/infra/tasks.md

@@ -603,3 +603,110 @@
   - No EKS, Database, PerformanceAnalysis, or Unicorn resources ✅
   - _Requirements: 1.2, 1.3, 5.4_
 
+
+
+## Configurable Prefix Pattern (500.x)
+
+- [x] 500.1 Add prefix constant to WorkshopStack
+  - Add `String prefix = "workshop";` at the very beginning of WorkshopStack constructor (before configuration values) ✅
+  - Pass prefix to all construct Props builders (Vpc, Ide, CodeBuild, Database, Eks) ✅
+  - Do NOT pass prefix to Unicorn or JvmAnalysis (they have their own naming) ✅
+  - _Requirements: 22.1, 22.2, 22.6, 22.7_
+
+- [x] 500.2 Update Vpc construct for configurable prefix
+  - Add prefix parameter to VpcProps ✅
+  - Update VPC name to use `{prefix}-vpc` pattern ✅
+  - _Requirements: 22.2, 22.3_
+
+- [x] 500.3 Update Ide construct for configurable prefix
+  - Add prefix parameter to IdeProps ✅
+  - Update Lambda function names: `{prefix}-ide-launcher`, `{prefix}-ide-password`, `{prefix}-ide-prefixlist` ✅
+  - Update CloudWatch log group: `{prefix}-ide-bootstrap-{timestamp}` ✅
+  - Update security group names to use prefix ✅
+  - Update instance profile name to use prefix ✅
+  - Update password secret name to use prefix ✅
+  - _Requirements: 22.2, 22.3_
+
+- [x] 500.4 Update CodeBuild construct for configurable prefix
+  - Add prefix parameter to CodeBuildProps ✅
+  - Update CodeBuild project name: `{prefix}-setup` ✅
+  - Update Lambda function names: `{prefix}-codebuild-start`, `{prefix}-codebuild-report` ✅
+  - _Requirements: 22.2, 22.3_
+
+- [x] 500.5 Update Database construct for configurable prefix
+  - Add prefix parameter to DatabaseProps ✅
+  - Update cluster name: `{prefix}-db-cluster` ✅
+  - Update instance name: `{prefix}-db-writer` ✅
+  - Update secrets names: `{prefix}-db-secret`, `{prefix}-db-password-secret` ✅
+  - Update parameter store: `{prefix}-db-connection-string` ✅
+  - Update security group name to use prefix ✅
+  - _Requirements: 22.2, 22.3_
+
+- [x] 500.6 Update Eks construct for configurable prefix
+  - Add prefix parameter to EksProps ✅
+  - Update cluster name: `{prefix}-eks` ✅
+  - _Requirements: 22.2, 22.3_
+
+- [x] 500.7 Update bootstrap scripts for configurable prefix
+  - Pass PREFIX environment variable from CDK to UserData ✅
+  - Update userdata.sh to use PREFIX for log group names ✅
+  - Update bootstrap.sh to use PREFIX for secret name lookup ✅
+  - Update eks.sh to use PREFIX for cluster name and SecretProviderClass ✅
+  - Update monitoring.sh and analysis.sh to use PREFIX ✅
+  - _Requirements: 22.2, 22.3_
+
+- [x] 500.8 Test and validate configurable prefix
+  - Generate template with default prefix: `npm run generate` ✅
+  - Verify all resources (except Unicorn and JvmAnalysis) use "workshop-" prefix ✅
+  - Verify generated CloudFormation template has all names resolved (no parameters) ✅
+  - _Requirements: 22.4, 22.5_
+
+
+## PerformanceAnalysis Refactoring (600.x)
+
+- [x] 600.1 Create WorkshopBucket construct
+  - Create infra/cdk/src/main/java/sample/com/constructs/WorkshopBucket.java ✅
+  - Add prefix parameter to WorkshopBucketProps ✅
+  - Create S3 bucket: `{prefix}-bucket-{account}-{region}-{timestamp}` ✅
+  - Create SSM parameter: `{prefix}-bucket-name` ✅
+  - Expose bucket and parameter as getters ✅
+  - _Requirements: 23.1, 23.2, 23.3_
+
+- [x] 600.2 Create ThreadAnalysis construct
+  - Create infra/cdk/src/main/java/sample/com/constructs/ThreadAnalysis.java ✅
+  - Add prefix parameter to ThreadAnalysisProps ✅
+  - Create thread dump Lambda: `{prefix}-thread-dump-lambda` ✅
+  - Create API Gateway: `{prefix}-thread-dump-api` ✅
+  - Create Lambda role: `{prefix}-thread-dump-lambda-role` ✅
+  - Create security group: `{prefix}-thread-dump-lambda-sg` ✅
+  - Create log group: `/aws/lambda/{prefix}-thread-dump-lambda` ✅
+  - Accept WorkshopBucket reference for S3 permissions ✅
+  - _Requirements: 24.1, 24.2, 24.3, 24.4, 24.5_
+
+- [x] 600.3 Create JvmAnalysis construct
+  - Create infra/cdk/src/main/java/sample/com/constructs/JvmAnalysis.java ✅
+  - Create ECR repository: `jvm-analysis-service` (no prefix) ✅
+  - Create Pod Identity role: `jvm-analysis-service-eks-pod-role` (no prefix) ✅
+  - Accept WorkshopBucket reference for S3 permissions ✅
+  - _Requirements: 25.1, 25.2, 25.3_
+
+- [x] 600.4 Update WorkshopStack for new constructs
+  - Add prefix to WorkshopBucket, ThreadAnalysis creation ✅
+  - Create WorkshopBucket first (shared resource) ✅
+  - Pass WorkshopBucket to ThreadAnalysis and JvmAnalysis ✅
+  - Pass WorkshopBucket to Unicorn (replaces performanceAnalysis.getWorkshopBucket()) ✅
+  - Remove PerformanceAnalysis construct usage ✅
+  - _Requirements: 22.2, 23.3_
+
+- [x] 600.5 Delete PerformanceAnalysis construct
+  - Delete infra/cdk/src/main/java/sample/com/constructs/PerformanceAnalysis.java ✅
+  - Verify all functionality moved to new constructs ✅
+  - _Requirements: 23.1, 24.1, 25.1_
+
+- [x] 600.6 Test and validate refactoring
+  - Generate template: `npm run generate` ✅
+  - Verify WorkshopBucket resources use prefix ✅
+  - Verify ThreadAnalysis resources use prefix ✅
+  - Verify JvmAnalysis resources use app-specific naming (no prefix) ✅
+  - Verify Unicorn still receives bucket reference ✅
+  - _Requirements: 22.5, 23.3, 24.1, 25.1_

infra/cdk/README.md

@@ -1,18 +1,26 @@
-# Welcome to your CDK Java project!
+# Workshop Infrastructure
 
-This is a blank project for CDK development with Java.
+CDK project for generating CloudFormation templates for AWS workshops.
 
-The `cdk.json` file tells the CDK Toolkit how to execute your app.
+## Quick Start
 
-It is a [Maven](https://maven.apache.org/) based project, so you can open this project with any Maven compatible Java IDE to build and run tests.
+```bash
+# Generate all CloudFormation templates
+npm run generate
 
-## Useful commands
+# Sync templates to workshop directories
+npm run sync
+```
 
- * `mvn package`     compile and run tests
- * `cdk ls`          list all stacks in the app
- * `cdk synth`       emits the synthesized CloudFormation template
- * `cdk deploy`      deploy this stack to your default AWS account/region
- * `cdk diff`        compare deployed stack with current state
- * `cdk docs`        open CDK documentation
+## Customization
 
-Enjoy!
+Edit `WorkshopStack.java` to change the resource naming prefix:
+```java
+String prefix = "workshop";  // Change to customize all resource names
+```
+
+Then regenerate templates with `npm run generate`.
+
+## Details
+
+See `.kiro/specs/infra/` for complete requirements, design, and implementation details.