-
|
We have two stacks: I want to be able to communicate to the cluster from the lambda. I've come up of with this: // StackB
const clusterAttr: aws_rds.DatabaseClusterAttributes = {
clusterIdentifier: "audit-log",
};
const cluster = aws_rds.ServerlessCluster.fromServerlessClusterAttributes(
this,
"imported-cluster",
clusterAttr
);
lambda.connections.allowDefaultPortFrom(cluster);It should work if the cluster is in the same stack, as our colleages has done exactly the same in their cdk deployment. However we've decided to move all of our stateful resources into another stack, which is why we are having these issues. We've tried to do it the other way as well: // StackB
cluster.connections.allowDefaultPortFrom(lambda);
cluster.connections.allowDefaultPortTo(lambda);But neither seem successful. |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
In the end this is how I solved it: In the RDS/Database stack I added a new security group: db = aws_rds.ServerlessCluster(
# options
)
public_audit_log_sg = aws_ec2.SecurityGroup
scope=stack,
id="public-audit-log-sg",
vpc=vpc,
allow_all_outbound=True,
description="Public audit log security group",
security_group_name="public-audit-log-sg",
)Then in your other stack const vpc = aws_ec2.Vpc.fromLookup(this, "imported-vpc", { vpcId: "vpcIdHere" });
const sg = aws_ec2.SecurityGroup.fromLookupByName(this, "imported-sg", "public-audit-log-sg", vpc);
const helloFunction = new NodejsFunction(this, "function", {
securityGroups: [sg]
}) |
Beta Was this translation helpful? Give feedback.
-
|
Hello! Reopening this discussion to make it searchable. |
Beta Was this translation helpful? Give feedback.
In the end this is how I solved it:
In the RDS/Database stack I added a new security group:
Then in your other stack