Skip to content

Commit

Permalink
feat: add IPv6 and move database to isolated subnet
Browse files Browse the repository at this point in the history
  • Loading branch information
@DASPRiD
DASPRiD committed Jan 26, 2024
1 parent 3b9f16f commit 974a311
Showing 1 changed file with 13 additions and 3 deletions.
16 changes: 13 additions & 3 deletions skeleton/templates/cdk/src/api-stack.ts.mustache
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import {
InstanceSize,
InstanceType,
IpAddresses,
IpProtocol,
SubnetType,
Vpc,
} from "aws-cdk-lib/aws-ec2";
Expand Down Expand Up @@ -35,6 +36,7 @@ export class ApiStack extends Stack {
super(scope, id, props);
const vpc = new Vpc(this, "Vpc", {
ipProtocol: IpProtocol.DUAL_STACK,
ipAddresses: IpAddresses.cidr("172.10.0.0/16"),
subnetConfiguration: [
{
Expand All @@ -43,8 +45,8 @@ export class ApiStack extends Stack {
},
{{#if (has features "postgres")}}
{
name: "Private",
subnetType: SubnetType.PRIVATE_WITH_EGRESS,
name: "PrivateIsolated",
subnetType: SubnetType.PRIVATE_ISOLATED,
},
{{/if}}
],
Expand All @@ -53,15 +55,23 @@ export class ApiStack extends Stack {
{{#if (has features "postgres")}}

const databaseCluster = new DatabaseCluster(this, "Database", {
vpc,
vpcSubnets: { subnetType: SubnetType.PRIVATE_ISOLATED },
engine: DatabaseClusterEngine.auroraPostgres({
version: AuroraPostgresEngineVersion.VER_16_0,
}),
credentials: Credentials.fromGeneratedSecret("api"),
writer: ClusterInstance.provisioned("DatabaseWriter", {
instanceType: InstanceType.of(InstanceClass.BURSTABLE3, InstanceSize.MEDIUM),
autoMinorVersionUpgrade: true,
allowMajorVersionUpgrade: true,
}),
vpc,
defaultDatabaseName: "api",
backup: {
retention: Duration.days(21),
// 1am to 2am west coast, 4am to 5am east coast
preferredWindow: '09:00-10:00',
},
});

if (!databaseCluster.secret) {
Expand Down

0 comments on commit 974a311

Please sign in to comment.