import * as ec2 from 'aws-cdk-lib/aws-ec2';
import { Connections } from 'aws-cdk-lib/aws-ec2';
import * as cdk from 'aws-cdk-lib/core';
import { Construct } from 'constructs';
import { CfnVpcConnector } from 'aws-cdk-lib/aws-apprunner';
/**
* Properties of the AppRunner VPC Connector.
*
* These values decide which subnets and security groups App Runner traffic
* uses inside the VPC, so they define the connector's network exposure.
*/
export interface VpcConnectorProps {
/**
* The VPC for the VPC Connector.
*
* Subnets are selected from this VPC, and the default security group
* (when one is created) is placed in it.
*/
readonly vpc: ec2.IVpc;
/**
* Where to place the VPC Connector within the VPC.
*
* The selection is resolved with `vpc.selectSubnets()` and the resulting
* subnet IDs are passed to the connector.
*
* @default - Private subnets.
*/
readonly vpcSubnets?: ec2.SubnetSelection;
/**
* The security groups that App Runner should use for access to AWS resources under the specified subnets.
*
* An omitted list and an empty list are treated the same way: the construct
* creates one new security group in `vpc`. That group is created with the
* `ec2.SecurityGroup` defaults, which in aws-cdk-lib allow all outbound
* traffic. Supply your own security groups if egress must be restricted.
*
* @default - a new security group will be created in the specified VPC
*/
readonly securityGroups?: ec2.ISecurityGroup[];
/**
* The name for the VpcConnector.
*
* Passed to the resource as its physical name.
*
* @default - a name generated by CloudFormation
*/
readonly vpcConnectorName?: string;
}
/**
* Attributes for the App Runner VPC Connector.
*
* Used to reference a connector that is defined outside this construct tree.
* The values are taken as given; nothing in this file checks them against
* the deployed resource.
*/
export interface VpcConnectorAttributes {
/**
* The name of the VPC connector.
*/
readonly vpcConnectorName: string;
/**
* The ARN of the VPC connector.
*/
readonly vpcConnectorArn: string;
/**
* The revision of the VPC connector.
*/
readonly vpcConnectorRevision: number;
/**
* The security groups associated with the VPC connector.
*
* `VpcConnector.fromVpcConnectorAttributes` builds the imported connector's
* `connections` object from this list. It must match the groups actually
* attached to the connector: rules added through `connections` are applied
* to the groups listed here, whether or not the connector uses them.
*/
readonly securityGroups: ec2.ISecurityGroup[];
}
/**
* Represents the App Runner VPC Connector.
*
* Extends `ec2.IConnectable`, so every implementation also exposes the
* security-group `connections` of the connector.
*/
export interface IVpcConnector extends cdk.IResource, ec2.IConnectable {
/**
* The name of the VPC connector.
* @attribute
*/
readonly vpcConnectorName: string;
/**
* The ARN of the VPC connector.
* @attribute
*/
readonly vpcConnectorArn: string;
/**
* The revision of the VPC connector.
* @attribute
*/
readonly vpcConnectorRevision: number;
}
/**
 * The App Runner VPC Connector
 *
 * Creates an `AWS::AppRunner::VpcConnector` in the selected subnets of a VPC.
 * Its security groups are managed through `connections`. When the caller
 * supplies no security group, one is created in the VPC with the
 * `ec2.SecurityGroup` defaults, which in aws-cdk-lib allow all outbound
 * traffic. Pass explicit `securityGroups` to control egress.
 *
 * @resource AWS::AppRunner::VpcConnector
 */
export class VpcConnector extends cdk.Resource implements IVpcConnector {
  /**
   * Import from VPC connector attributes.
   *
   * The returned object mirrors `attrs` unchanged. Its `connections` wraps
   * exactly the security groups listed in `attrs.securityGroups`, and nothing
   * here verifies that those groups are attached to the real connector.
   *
   * @param scope construct scope the imported resource is created in
   * @param id construct id of the imported resource
   * @param attrs name, ARN, revision and security groups of the existing connector
   * @returns a resource exposing the given attributes
   */
  public static fromVpcConnectorAttributes(scope: Construct, id: string, attrs: VpcConnectorAttributes): IVpcConnector {
    const { vpcConnectorArn, vpcConnectorName, vpcConnectorRevision, securityGroups } = attrs;

    class Import extends cdk.Resource {
      public readonly vpcConnectorArn = vpcConnectorArn;
      public readonly vpcConnectorName = vpcConnectorName;
      public readonly vpcConnectorRevision = vpcConnectorRevision;
      public readonly connections = new Connections({ securityGroups });
    }

    return new Import(scope, id);
  }

  /**
   * The ARN of the VPC connector.
   * @attribute
   */
  public readonly vpcConnectorArn: string;

  /**
   * The revision of the VPC connector.
   * @attribute
   */
  public readonly vpcConnectorRevision: number;

  /**
   * The name of the VPC connector.
   * @attribute
   */
  public readonly vpcConnectorName: string;

  /**
   * Allows specifying security group connections for the VPC connector.
   *
   * The connector's security group IDs are read from this object lazily, so
   * groups added to it after construction are included in the resource.
   */
  public readonly connections: Connections;

  /**
   * @param scope construct scope
   * @param id construct id
   * @param props VPC, subnet selection, security groups and optional name
   */
  public constructor(scope: Construct, id: string, props: VpcConnectorProps) {
    super(scope, id, { physicalName: props.vpcConnectorName });

    // An omitted list and an empty list both fall back to a freshly created
    // security group, which carries the ec2.SecurityGroup defaults.
    const supplied = props.securityGroups ?? [];
    const securityGroups = supplied.length > 0
      ? supplied
      : [new ec2.SecurityGroup(this, 'SecurityGroup', { vpc: props.vpc })];

    const subnetIds = props.vpc.selectSubnets(props.vpcSubnets).subnetIds;

    // Resolved lazily: `this.connections` is only assigned at the end of the
    // constructor, and the list reflects whatever groups it holds when the
    // token is resolved.
    const securityGroupIds = cdk.Lazy.list({
      produce: () => this.connections.securityGroups.map(group => group.securityGroupId),
    });

    const resource = new CfnVpcConnector(this, 'Resource', {
      subnets: subnetIds,
      securityGroups: securityGroupIds,
      vpcConnectorName: this.physicalName,
    });

    this.vpcConnectorArn = resource.attrVpcConnectorArn;
    this.vpcConnectorRevision = resource.attrVpcConnectorRevision;
    // NOTE(review): the name is taken from the resource's Ref; confirm that
    // Ref for AWS::AppRunner::VpcConnector yields the name rather than the ARN.
    this.vpcConnectorName = resource.ref;
    this.connections = new Connections({ securityGroups });
  }
}