|
4 | 4 |
|
5 | 5 | After deploying the stack you will need to make sure the geoparquet file |
6 | 6 | specified in the config gets uploaded to the bucket associated with this stack! |
7 | | -
|
8 | | -Also includes a pgstac for side-by-side testing. |
9 | 7 | """ |
10 | 8 |
|
11 | 9 | import os |
|
21 | 19 | ) |
22 | 20 | from aws_cdk.aws_apigatewayv2 import HttpApi, HttpStage, ThrottleSettings |
23 | 21 | from aws_cdk.aws_apigatewayv2_integrations import HttpLambdaIntegration |
24 | | -from aws_cdk.aws_ec2 import ( |
25 | | - GatewayVpcEndpointAwsService, |
26 | | - InstanceType, |
27 | | - InterfaceVpcEndpointAwsService, |
28 | | - Peer, |
29 | | - Port, |
30 | | - SubnetConfiguration, |
31 | | - SubnetSelection, |
32 | | - SubnetType, |
33 | | - Vpc, |
34 | | -) |
35 | 22 | from aws_cdk.aws_iam import AnyPrincipal, Effect, PolicyStatement |
36 | 23 | from aws_cdk.aws_lambda import Code, Function, Runtime |
37 | 24 | from aws_cdk.aws_logs import RetentionDays |
38 | | -from aws_cdk.aws_rds import DatabaseInstanceEngine, PostgresEngineVersion |
39 | 25 | from aws_cdk.aws_s3 import BlockPublicAccess, Bucket |
40 | 26 | from aws_cdk.custom_resources import ( |
41 | 27 | AwsCustomResource, |
|
45 | 31 | ) |
46 | 32 | from config import Config |
47 | 33 | from constructs import Construct |
48 | | -from eoapi_cdk import PgStacApiLambda, PgStacDatabase |
49 | | - |
50 | | - |
51 | | -class VpcStack(Stack): |
52 | | - def __init__( |
53 | | - self, scope: Construct, config: Config, id: str, **kwargs: Any |
54 | | - ) -> None: |
55 | | - super().__init__(scope, id=id, tags=config.tags, **kwargs) |
56 | | - |
57 | | - self.vpc = Vpc( |
58 | | - self, |
59 | | - "vpc", |
60 | | - subnet_configuration=[ |
61 | | - SubnetConfiguration( |
62 | | - name="ingress", subnet_type=SubnetType.PUBLIC, cidr_mask=24 |
63 | | - ), |
64 | | - SubnetConfiguration( |
65 | | - name="application", |
66 | | - subnet_type=SubnetType.PRIVATE_WITH_EGRESS, |
67 | | - cidr_mask=24, |
68 | | - ), |
69 | | - SubnetConfiguration( |
70 | | - name="rds", |
71 | | - subnet_type=SubnetType.PRIVATE_ISOLATED, |
72 | | - cidr_mask=24, |
73 | | - ), |
74 | | - ], |
75 | | - nat_gateways=config.nat_gateway_count, |
76 | | - ) |
77 | | - self.vpc.add_interface_endpoint( |
78 | | - "SecretsManagerEndpoint", |
79 | | - service=InterfaceVpcEndpointAwsService.SECRETS_MANAGER, |
80 | | - ) |
81 | | - self.vpc.add_interface_endpoint( |
82 | | - "CloudWatchEndpoint", |
83 | | - service=InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS, |
84 | | - ) |
85 | | - self.vpc.add_gateway_endpoint("S3", service=GatewayVpcEndpointAwsService.S3) |
86 | | - self.export_value( |
87 | | - self.vpc.select_subnets(subnet_type=SubnetType.PUBLIC).subnets[0].subnet_id |
88 | | - ) |
89 | | - self.export_value( |
90 | | - self.vpc.select_subnets(subnet_type=SubnetType.PUBLIC).subnets[1].subnet_id |
91 | | - ) |
92 | 34 |
|
93 | 35 |
|
94 | 36 | class StacFastApiGeoparquetStack(Stack): |
@@ -209,58 +151,8 @@ def __init__( |
209 | 151 | CfnOutput(self, "ApiURL", value=stage.url) |
210 | 152 |
|
211 | 153 |
|
212 | | -class StacFastApiPgstacStack(Stack): |
213 | | - def __init__( |
214 | | - self, |
215 | | - scope: Construct, |
216 | | - vpc: Vpc, |
217 | | - id: str, |
218 | | - config: Config, |
219 | | - **kwargs: Any, |
220 | | - ) -> None: |
221 | | - super().__init__( |
222 | | - scope, |
223 | | - id=id, |
224 | | - tags=config.tags, |
225 | | - **kwargs, |
226 | | - ) |
227 | | - pgstac_db = PgStacDatabase( |
228 | | - self, |
229 | | - "pgstac-db", |
230 | | - vpc=vpc, |
231 | | - engine=DatabaseInstanceEngine.postgres( |
232 | | - version=PostgresEngineVersion.VER_16 |
233 | | - ), |
234 | | - vpc_subnets=SubnetSelection(subnet_type=(SubnetType.PUBLIC)), |
235 | | - allocated_storage=config.pgstac_db_allocated_storage, |
236 | | - instance_type=InstanceType(config.pgstac_db_instance_type), |
237 | | - removal_policy=RemovalPolicy.DESTROY, |
238 | | - ) |
239 | | - # allow connections from any ipv4 to pgbouncer instance security group |
240 | | - assert pgstac_db.security_group |
241 | | - pgstac_db.security_group.add_ingress_rule(Peer.any_ipv4(), Port.tcp(5432)) |
242 | | - pgstac_api = PgStacApiLambda( |
243 | | - self, |
244 | | - "stac-api", |
245 | | - api_env={ |
246 | | - "NAME": "stac-fastapi-pgstac", |
247 | | - "description": f"{config.stage} STAC API", |
248 | | - }, |
249 | | - db=pgstac_db.connection_target, |
250 | | - db_secret=pgstac_db.pgstac_secret, |
251 | | - stac_api_domain_name=None, |
252 | | - ) |
253 | | - |
254 | | - assert pgstac_api.url |
255 | | - CfnOutput(self, "ApiURL", value=pgstac_api.url) |
256 | | - |
257 | | - |
258 | 154 | app = App() |
259 | 155 | config = Config() |
260 | | -vpc_stack = VpcStack(scope=app, config=config, id=f"vpc-{config.name}") |
261 | | -StacFastApiPgstacStack( |
262 | | - scope=app, vpc=vpc_stack.vpc, config=config, id=f"{config.name}-pgstac" |
263 | | -) |
264 | 156 | StacFastApiGeoparquetStack( |
265 | 157 | app, |
266 | 158 | config.stack_name, |
|
0 commit comments