Skip to content

Commit e2534ad

Browse files
anthony-nhsanthony-nhs
committed
add vpc endpoints
1 parent 90ec1f4 commit e2534ad

File tree

3 files changed

+33
-0
lines changed

3 files changed

+33
-0
lines changed

.github/workflows/cdk_release_code.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,9 @@ on:
1515
LOG_RETENTION_IN_DAYS:
1616
required: true
1717
type: string
18+
DEPLOY_CHANGE:
19+
type: boolean
20+
default: true
1821
secrets:
1922
CLOUD_FORMATION_DEPLOY_ROLE:
2023
required: true
@@ -107,6 +110,7 @@ jobs:
107110
shell: bash
108111

109112
- name: Deploy code
113+
if: inputs.DEPLOY_CHANGE == 'true'
110114
run: |
111115
docker run \
112116
-v "$(pwd)/.build":/home/cdkuser/workspace/ \

.github/workflows/pull_request.yml

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,3 +52,22 @@ jobs:
5252
run: |
5353
echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
5454
55+
package_code:
56+
needs: [get_issue_number, get_commit_id]
57+
uses: ./.github/workflows/cdk_package_code.yml
58+
with:
59+
VERSION_NUMBER: ${{needs.get_issue_number.outputs.issue_number}}
60+
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
61+
62+
release_dev:
63+
needs: [get_issue_number, package_code, get_commit_id]
64+
uses: ./.github/workflows/cdk_release_code.yml
65+
with:
66+
TARGET_ENVIRONMENT: dev
67+
VERSION_NUMBER: ${{needs.get_issue_number.outputs.issue_number}}
68+
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
69+
LOG_RETENTION_IN_DAYS: 30
70+
DEPLOY_CHANGE: true
71+
secrets:
72+
CDK_PULL_IMAGE_ROLE: ${{ secrets.DEV_CDK_PULL_IMAGE_ROLE }}
73+
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}

packages/cdk/stacks/VpcResourcesStack.ts

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ import {
1010
import {
1111
CfnSubnet,
1212
FlowLogDestination,
13+
InterfaceVpcEndpointAwsService,
1314
IpAddresses,
1415
Vpc
1516
} from "aws-cdk-lib/aws-ec2"
@@ -87,6 +88,15 @@ export class VpcResourcesStack extends Stack {
8788
}
8889
}
8990

91+
// add vpc private endpoints
92+
vpc.addInterfaceEndpoint("ECRDockerEndpoint", {service: InterfaceVpcEndpointAwsService.ECR_DOCKER})
93+
vpc.addInterfaceEndpoint("ECREndpoint", {service: InterfaceVpcEndpointAwsService.ECR})
94+
vpc.addInterfaceEndpoint("SecretManagerEndpoint", {service: InterfaceVpcEndpointAwsService.SECRETS_MANAGER})
95+
vpc.addInterfaceEndpoint("CloudWatchEndpoint", {service: InterfaceVpcEndpointAwsService.CLOUDWATCH})
96+
vpc.addInterfaceEndpoint("CloudWatchLogsEndpoint", {service: InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS})
97+
vpc.addInterfaceEndpoint("CloudWatchEventsEndpoint", {service: InterfaceVpcEndpointAwsService.EVENTBRIDGE})
98+
vpc.addInterfaceEndpoint("SSMEndpoint", {service: InterfaceVpcEndpointAwsService.SSM})
99+
90100
//Outputs
91101

92102
//Exports

0 commit comments

Comments
 (0)