-
Notifications
You must be signed in to change notification settings - Fork 3.7k
/
test.bastion-host.ts
88 lines (78 loc) · 1.92 KB
/
test.bastion-host.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
import { expect, haveResource } from '@aws-cdk/assert';
import { Stack } from '@aws-cdk/core';
import { Test } from 'nodeunit';
import { BastionHostLinux, BlockDeviceVolume, SubnetType, Vpc } from '../lib';
export = {
'default instance is created in basic'(test: Test) {
// GIVEN
const stack = new Stack();
const vpc = new Vpc(stack, 'VPC');
// WHEN
new BastionHostLinux(stack, 'Bastion', {
vpc,
});
// THEN
expect(stack).to(haveResource('AWS::EC2::Instance', {
InstanceType: 't3.nano',
SubnetId: {Ref: 'VPCPrivateSubnet1Subnet8BCA10E0'},
}));
test.done();
},
'default instance is created in isolated vpc'(test: Test) {
// GIVEN
const stack = new Stack();
const vpc = new Vpc(stack, 'VPC', {
subnetConfiguration: [
{
subnetType: SubnetType.ISOLATED,
name: 'Isolated',
},
],
});
// WHEN
new BastionHostLinux(stack, 'Bastion', {
vpc,
});
// THEN
expect(stack).to(haveResource('AWS::EC2::Instance', {
InstanceType: 't3.nano',
SubnetId: {Ref: 'VPCIsolatedSubnet1SubnetEBD00FC6'},
}));
test.done();
},
'ebs volume is encrypted'(test: Test) {
// GIVEN
const stack = new Stack();
const vpc = new Vpc(stack, 'VPC', {
subnetConfiguration: [
{
subnetType: SubnetType.ISOLATED,
name: 'Isolated',
},
],
});
// WHEN
new BastionHostLinux(stack, 'Bastion', {
vpc,
blockDevices: [{
deviceName: 'EBSBastionHost',
volume: BlockDeviceVolume.ebs(10, {
encrypted: true,
}),
}],
});
// THEN
expect(stack).to(haveResource('AWS::EC2::Instance', {
BlockDeviceMappings: [
{
DeviceName: 'EBSBastionHost',
Ebs: {
Encrypted: true,
VolumeSize: 10,
},
},
],
}));
test.done();
},
};