Working to get a NAT up and better error checking.

It looks like the issue is more likely a result of the use of the private subnet to deploy the app.
We have to use it to connect to the database, but that means that the app cant call out to external services. By setting up the NAT in the infrastructure.yaml we can then connect to other APIs.

Author: SimonGoring

.github/workflows/deploy.yml

@@ -78,6 +78,7 @@ jobs:
             exit 1
           fi
           echo "SUBNET_LIST=subnet-0e66614ca7e9e7247,subnet-013f8ff069404c987" >> $GITHUB_ENV
+          echo "PUBSUB_LIST=subnet-0f5812eb0691aca6a,subnet-0045ed0716dc4461c" >> $GITHUB_ENV
 
       - name: Deploy CloudFormation stack
         run: |
@@ -95,6 +96,7 @@ jobs:
               "RDSPassword=${{ secrets.RDS_PASSWORD }}" \
               "VPCId=${{ secrets.VPC_ID }}" \
               "PrivateSubnets=${{ env.SUBNET_LIST }}" \
+              "PublicSubnets=${{ env.PUBSUB_LIST }}" \
               "DomainName=${{ env.ENDPOINT }}" \
               "NativeLandKey=${{ secrets.NATIVELANDKEY }}" \
             --capabilities CAPABILITY_NAMED_IAM \

infrastructure/cloudformation-template.yaml

@@ -39,7 +39,11 @@ Parameters:
 
   PrivateSubnets:
     Type: List<AWS::EC2::Subnet::Id>
-    Description: Private subnets for VPC connector
+    Description: Private subnets for VPC connector (for the RDS database)
+
+  PublicSubnets:
+    Type: List<AWS::EC2::Subnet::Id>
+    Description: Public subnets for NAT Gateway (for calls out to external resources)
 
   RDSUsername:
     Type: String
@@ -57,6 +61,56 @@ Parameters:
     Description: The API key for the Native Lands API
 
 Resources:
+  
+  # Elastic IP for NAT Gateway
+  NATGatewayEIP:
+    Type: AWS::EC2::EIP
+    Properties:
+      Domain: vpc
+      Tags:
+        - Key: Name
+          Value: !Sub 'neotoma-nat-eip-${Environment}'
+  
+  # NAT Gateway in first public subnet
+  NATGateway:
+    Type: AWS::EC2::NatGateway
+    Properties:
+      AllocationId: !GetAtt NATGatewayEIP.AllocationId
+      SubnetId: !Select [0, !Ref PublicSubnets]
+      Tags:
+        - Key: Name
+          Value: !Sub 'neotoma-nat-gateway-${Environment}'
+  # Route table for private subnets
+  PrivateRouteTable:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref VPCId
+      Tags:
+        - Key: Name
+          Value: !Sub 'neotoma-private-rt-${Environment}'
+
+  # Route to NAT Gateway
+  PrivateRoute:
+    Type: AWS::EC2::Route
+    Properties:
+      RouteTableId: !Ref PrivateRouteTable
+      DestinationCidrBlock: 0.0.0.0/0
+      NatGatewayId: !Ref NATGateway
+
+  # Associate route table with first private subnet
+  PrivateSubnetRouteTableAssociation1:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      SubnetId: !Select [0, !Ref PrivateSubnets]
+      RouteTableId: !Ref PrivateRouteTable
+
+  # Associate route table with second private subnet
+  PrivateSubnetRouteTableAssociation2:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      SubnetId: !Select [1, !Ref PrivateSubnets]
+      RouteTableId: !Ref PrivateRouteTable
+  
   # Security Group for App Runner
   AppRunnerSecurityGroup:
     Type: AWS::EC2::SecurityGroup

v2.0/helpers/landing/landing.js

@@ -409,7 +409,7 @@ const sendNativeLands = async function(req, res, next) {
       signal: AbortSignal.timeout(5000),
     }).catch((err) => {
         console.log('Fetch error caught:', err.name, err.message);
-        console.log('Full error object:', err); // Add this
+        console.log('Full error object:', JSON.stringify(err)); // Add this
         console.log('Error cause:', err.cause); // Add this - often has the real error!
 
       res.status(500)