WIP

Yuriy Bezsonov · Yuriy Bezsonov · commit d0876c05f980 · 2025-12-14T16:17:44.000+01:00
diff --git a/.kiro/specs/infra/design.md b/.kiro/specs/infra/design.md
@@ -102,6 +102,32 @@ All CDK constructs follow a consistent naming pattern to ensure clean CloudForma
 
 This convention eliminates CloudFormation logical ID duplication and ensures maintainable resource naming.
 
+#### AWS Resource Naming Convention
+
+All AWS resources follow a consistent "workshop-" prefix pattern for operational clarity:
+
+**Lambda Functions:**
+- `workshop-codebuild-start` - CodeBuild start trigger
+- `workshop-codebuild-report` - CodeBuild completion handler
+- `workshop-ide-prefixlist` - CloudFront prefix list lookup
+- `workshop-ide-launcher` - EC2 instance launcher with failover
+- `workshop-ide-password` - Password retrieval from Secrets Manager
+- `workshop-database-setup` - Database schema initialization
+
+**CodeBuild Projects:**
+- `workshop-setup` - Workshop environment setup and service-linked role creation
+
+**CloudWatch Log Groups:**
+- `workshop-ide-bootstrap-{timestamp}` - IDE bootstrap logs with unique timestamps
+- `/aws/lambda/workshop-*` - All Lambda function logs grouped by prefix
+- `/aws/codebuild/workshop-setup` - CodeBuild execution logs
+
+This naming convention enables:
+- **Easy filtering** in AWS Console and CLI using `workshop-*` patterns
+- **Operational management** through consistent resource identification
+- **Cost tracking** and monitoring of workshop-related resources
+- **Automated cleanup** and maintenance scripts
+
 ### Lambda Function Architecture
 
 #### Design Rationale
diff --git a/.kiro/specs/infra/requirements.md b/.kiro/specs/infra/requirements.md
@@ -24,6 +24,7 @@ This document specifies the requirements for creating a new AWS workshop infrast
 - **Modular_Scripts**: Architecture where bootstrap functionality is separated into focused scripts (UserData → bootstrap → vscode → base)
 - **CDK_Naming_Convention**: Consistent pattern for CDK construct resource naming that produces clean CloudFormation logical IDs following {ConstructName}{ResourceType} format
 - **EKS_IDE_Integration**: Architecture pattern where EKS cluster shares security groups and IAM roles with IDE environment for seamless kubectl access
+- **Workshop_Naming_Convention**: Consistent resource naming pattern using "workshop-" prefix followed by component and function names for operational clarity and management
 
 ## Requirements
 
@@ -282,3 +283,15 @@ This document specifies the requirements for creating a new AWS workshop infrast
 4. WHEN EKS cluster integrates with IDE, THE system SHALL share security groups and IAM roles through proper construct interfaces
 5. WHEN construct naming is applied consistently, THE system SHALL ensure all resources follow the same naming convention across VPC, IDE, Database, EKS, and CodeBuild constructs
 
+### Requirement 21
+
+**User Story:** As a workshop developer, I want consistent logging and resource naming with a universal "workshop-" prefix, so that all workshop-related resources are easily identifiable, filterable, and manageable in AWS services.
+
+#### Acceptance Criteria
+
+1. WHEN Lambda functions are created, THE system SHALL use "workshop-" prefix followed by component and function name (e.g., "workshop-ide-launcher", "workshop-database-setup")
+2. WHEN CodeBuild projects are created, THE system SHALL use "workshop-" prefix for project names (e.g., "workshop-setup")
+3. WHEN CloudWatch log groups are created, THE system SHALL use "workshop-" prefix for consistent grouping and filtering
+4. WHEN bootstrap logging is configured, THE system SHALL use "workshop-ide-bootstrap-{timestamp}" pattern for unique log group names
+5. WHEN AWS resources are named, THE system SHALL follow the pattern "workshop-{component}-{function}" for operational consistency
+
diff --git a/.kiro/specs/infra/tasks.md b/.kiro/specs/infra/tasks.md
@@ -373,6 +373,16 @@
   - Applied consistent naming convention: construct name + resource type (e.g., Ide + PasswordSecret = IdePasswordSecret)
   - _Requirements: 1.1, 5.6_
 
+- [x] 11.28 Implement consistent "workshop-" naming convention for all AWS resources
+  - Updated Lambda function names to use "workshop-" prefix: "setup-codebuild-start" → "workshop-codebuild-start", "ide-ec2-launcher" → "workshop-ide-launcher"
+  - Updated CodeBuild project name: "workshop-codebuild" → "workshop-setup" for consistency
+  - Updated Database Lambda: "workshop-db-setup" → "workshop-database-setup" for clarity
+  - Updated IDE Lambda functions: "ide-cloudfront-prefix-lookup" → "workshop-ide-prefixlist", dynamic password function → "workshop-ide-password"
+  - Updated bootstrap log group: "ide-bootstrap-{timestamp}" → "workshop-ide-bootstrap-{timestamp}" for consistent grouping
+  - Applied universal "workshop-{component}-{function}" naming pattern across all AWS resources
+  - Enabled easy filtering and management of workshop resources in AWS console and CLI
+  - _Requirements: 21.1, 21.2, 21.3, 21.4, 21.5_
+
 ## Java-on-AWS Migration (100.x)
 
 - [x] 100.1 Analyze java-on-aws workshop requirements
diff --git a/infra/cdk/src/main/java/sample/com/WorkshopStack.java b/infra/cdk/src/main/java/sample/com/WorkshopStack.java
@@ -59,7 +59,7 @@ public WorkshopStack(final Construct scope, final String id, final StackProps pr
         // CodeBuild for workshop setup
         CodeBuild codeBuild = new CodeBuild(this, "CodeBuild",
             CodeBuild.CodeBuildProps.builder()
-                .projectName("workshop-codebuild")
+                .projectName("workshop-setup")
                 .vpc(vpc.getVpc())
                 .environmentVariables(Map.of(
                     "TEMPLATE_TYPE", templateType,
diff --git a/infra/cdk/src/main/java/sample/com/constructs/CodeBuild.java b/infra/cdk/src/main/java/sample/com/constructs/CodeBuild.java
@@ -131,12 +131,12 @@ public CodeBuild(final Construct scope, final String id, final CodeBuildProps pr
 
         // Create start build Lambda function
         var startLambda = new Lambda(this, "StartLambda",
-            "/lambda/codebuild-start.py", "setup-codebuild-start", Duration.minutes(2), lambdaRole);
+            "/lambda/codebuild-start.py", "workshop-codebuild-start", Duration.minutes(2), lambdaRole);
         Function startBuildFunction = startLambda.getFunction();
 
         // Create report build Lambda function
         var reportLambda = new Lambda(this, "ReportLambda",
-            "/lambda/codebuild-report.py", "setup-codebuild-report", Duration.minutes(2), lambdaRole);
+            "/lambda/codebuild-report.py", "workshop-codebuild-report", Duration.minutes(2), lambdaRole);
         Function reportBuildFunction = reportLambda.getFunction();
 
         // Create EventBridge rule for build completion
diff --git a/infra/cdk/src/main/java/sample/com/constructs/Database.java b/infra/cdk/src/main/java/sample/com/constructs/Database.java
@@ -114,7 +114,7 @@ public Database(final Construct scope, final String id, final IVpc vpc) {
             .code(Code.fromInline(loadFile("/lambda/database-setup.py")))
             .handler("index.lambda_handler")
             .runtime(Runtime.PYTHON_3_13)
-            .functionName("workshop-db-setup")
+            .functionName("workshop-database-setup")
             .timeout(Duration.minutes(3))
             .vpc(vpc)
             .securityGroups(List.of(databaseSecurityGroup))
diff --git a/infra/cdk/src/main/java/sample/com/constructs/Ide.java b/infra/cdk/src/main/java/sample/com/constructs/Ide.java
@@ -170,7 +170,7 @@ public Ide(final Construct scope, final String id, final IdeProps props) {
 
         // Create CloudFront prefix list lookup Lambda function
         var prefixListLookup = new Lambda(this, "PrefixListLookup",
-            "/lambda/cloudfront-prefix-lookup.py", "ide-cloudfront-prefix-lookup", Duration.minutes(3), lambdaRole);
+            "/lambda/cloudfront-prefix-lookup.py", "workshop-ide-prefixlist", Duration.minutes(3), lambdaRole);
         var prefixListFunction = prefixListLookup.getFunction();
 
         // Add EC2 permissions for prefix list lookup
@@ -269,7 +269,7 @@ public Ide(final Construct scope, final String id, final IdeProps props) {
 
         // Create instance launcher Lambda with multi-AZ and multi-instance-type failover
         var instanceLauncher = new Lambda(this, "InstanceLauncher",
-            "/lambda/ec2-launcher.py", "ide-ec2-launcher", Duration.minutes(5), lambdaRole);
+            "/lambda/ec2-launcher.py", "workshop-ide-launcher", Duration.minutes(5), lambdaRole);
         var instanceLauncherFunction = instanceLauncher.getFunction();
 
         // Create EC2 instance via Custom Resource with intelligent failover
@@ -378,7 +378,7 @@ private String getIdePassword(String instanceName) {
                 .handler("index.lambda_handler")
                 .runtime(Runtime.PYTHON_3_13)
                 .timeout(Duration.minutes(3))
-                .functionName(instanceName + "-password-exporter")
+                .functionName("workshop-ide-password")
                 .build();
 
             ideSecretsManagerPassword.grantRead(passwordFunction);
diff --git a/infra/cdk/src/main/resources/userdata.sh b/infra/cdk/src/main/resources/userdata.sh
@@ -11,7 +11,7 @@ export TEMPLATE_TYPE="${TEMPLATE_TYPE}"
 export WAIT_CONDITION_HANDLE_URL="${WAIT_CONDITION_HANDLE_URL}"
 
 # Setup logging
-LOG_GROUP_NAME="ide-bootstrap-$(date +%Y%m%d-%H%M%S)"
+LOG_GROUP_NAME="workshop-ide-bootstrap-$(date +%Y%m%d-%H%M%S)"
 echo "Bootstrap logs will be written to CloudWatch log group: $LOG_GROUP_NAME"
 
 # Install CloudWatch agent for logging
diff --git a/infra/cfn/base-stack.yaml b/infra/cfn/base-stack.yaml
@@ -459,7 +459,7 @@ Resources:
                       responseData = {'Error': tb_err}
                   finally:
                       cfnresponse.send(event, context, status, responseData, 'CustomResourcePhysicalID')
-      FunctionName: ide-cloudfront-prefix-lookup
+      FunctionName: workshop-ide-prefixlist
       Handler: index.lambda_handler
       Role:
         Fn::GetAtt:
@@ -696,7 +696,7 @@ Resources:
                   responseData = {'Error': tb_err}
 
               cfnresponse.send(event, context, status, responseData, physical_id)
-      FunctionName: ide-ec2-launcher
+      FunctionName: workshop-ide-launcher
       Handler: index.lambda_handler
       Role:
         Fn::GetAtt:
@@ -714,30 +714,19 @@ Resources:
         Fn::GetAtt:
           - IdeInstanceLauncherFunction803C5A2A
           - Arn
-      InstanceName: ide
-      IamInstanceProfileArn:
-        Fn::GetAtt:
-          - IdeInstanceProfile61B92038
-          - Arn
-      VolumeSize: "50"
       SubnetIds:
         Fn::Join:
           - ""
           - - Ref: VpcPublicSubnet1Subnet8E8DEDC0
             - ","
             - Ref: VpcPublicSubnet2SubnetA811849C
-      SecurityGroupIds:
-        Fn::Join:
-          - ""
-          - - Fn::GetAtt:
-                - IdeSecurityGroup73B02454
-                - GroupId
-            - ","
-            - Fn::GetAtt:
-                - IdeInternalSecurityGroupB0A5D76B
-                - GroupId
-      ImageId:
-        Ref: SsmParameterValueawsserviceamiamazonlinuxlatestal2023amikernel61x8664C96584B6F00A464EAD1953AFF4B05118Parameter
+      VolumeSize: "50"
+      IamInstanceProfileArn:
+        Fn::GetAtt:
+          - IdeInstanceProfile61B92038
+          - Arn
+      InstanceName: ide
+      InstanceTypes: m5.xlarge,m6i.xlarge,t3.xlarge
       UserData:
         Fn::Base64:
           Fn::Join:
@@ -763,7 +752,7 @@ Resources:
                 "
 
                 # Setup logging
-                LOG_GROUP_NAME="ide-bootstrap-$(date +%Y%m%d-%H%M%S)"
+                LOG_GROUP_NAME="workshop-ide-bootstrap-$(date +%Y%m%d-%H%M%S)"
                 echo "Bootstrap logs will be written to CloudWatch log group: $LOG_GROUP_NAME"
 
                 # Install CloudWatch agent for logging
@@ -871,7 +860,18 @@ Resources:
                 "
                     exit 1
                 fi
-      InstanceTypes: m5.xlarge,m6i.xlarge,t3.xlarge
+      ImageId:
+        Ref: SsmParameterValueawsserviceamiamazonlinuxlatestal2023amikernel61x8664C96584B6F00A464EAD1953AFF4B05118Parameter
+      SecurityGroupIds:
+        Fn::Join:
+          - ""
+          - - Fn::GetAtt:
+                - IdeSecurityGroup73B02454
+                - GroupId
+            - ","
+            - Fn::GetAtt:
+                - IdeInternalSecurityGroupB0A5D76B
+                - GroupId
     UpdateReplacePolicy: Delete
     DeletionPolicy: Delete
   IdeEipAssociationDFF81215:
@@ -1042,7 +1042,7 @@ Resources:
                   responseData = {'Error': tb_err}
 
               cfnresponse.send(event, context, status, responseData, physical_id)
-      FunctionName: ide-password-exporter
+      FunctionName: workshop-ide-password
       Handler: index.lambda_handler
       Role:
         Fn::GetAtt:
@@ -1251,7 +1251,7 @@ Resources:
         ImagePullCredentialsType: CODEBUILD
         PrivilegedMode: false
         Type: LINUX_CONTAINER
-      Name: workshop-codebuild
+      Name: workshop-setup
       ServiceRole:
         Fn::GetAtt:
           - CodeBuildRoleE9A44575
@@ -1369,7 +1369,7 @@ Resources:
                   responseData = {'Error': tb_err}
 
               cfnresponse.send(event, context, status, responseData, physical_id)
-      FunctionName: setup-codebuild-start
+      FunctionName: workshop-codebuild-start
       Handler: index.lambda_handler
       Role:
         Fn::GetAtt:
@@ -1435,7 +1435,7 @@ Resources:
                           'error': str(e)
                       })
                   }
-      FunctionName: setup-codebuild-report
+      FunctionName: workshop-codebuild-report
       Handler: index.lambda_handler
       Role:
         Fn::GetAtt:
@@ -1449,7 +1449,7 @@ Resources:
   CodeBuildCompleteRuleEE9277E8:
     Type: AWS::Events::Rule
     Properties:
-      Description: workshop-codebuild build complete
+      Description: workshop-setup build complete
       EventPattern:
         detail:
           project-name:
@@ -1491,11 +1491,11 @@ Resources:
           - Arn
       ProjectName:
         Ref: CodeBuildProjectA0FF5539
+      ContentHash: "1765725419413"
       CodeBuildIamRoleArn:
         Fn::GetAtt:
           - CodeBuildRoleE9A44575
           - Arn
-      ContentHash: "1765724681159"
     DependsOn:
       - CodeBuildCompleteRuleAllowEventRuleWorkshopStackCodeBuildReportLambdaFunctionD77C60919E0B0C89
       - CodeBuildCompleteRuleEE9277E8
diff --git a/infra/cfn/java-on-aws-stack.yaml b/infra/cfn/java-on-aws-stack.yaml
