Last active
July 24, 2019 09:39
-
-
Save Console32/2b850f663b65448f33f1d1188444b4dc to your computer and use it in GitHub Desktop.
medium.bastion-host.ctor.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| constructor(scope: cdk.Construct, id: string, props: BastionHostProps) { | |
| super(scope, id) | |
| const externalSshSG = this.createAllowExternSshSG(props.vpc, props.peers) | |
| this.internalSshSecurityGroup = this.createAllowInternalSshSG(props.vpc) | |
| const snsTopic = new sns.Topic(this, 'autoscaling-notifications') | |
| const externalIp = new ec2.CfnEIP(this, 'bastionhost-ip') | |
| this.publicIp = externalIp.ref | |
| this.createLambda(snsTopic, externalIp.ref) | |
| const asg = new autoscaling.AutoScalingGroup(this, 'bastion-selfheal-ASG', { | |
| vpc: props.vpc, | |
| allowAllOutbound: true, | |
| associatePublicIpAddress: false, | |
| keyName: props.keyName, | |
| notificationsTopic: snsTopic, | |
| instanceType: props.instanceType ? props.instanceType : new ec2.InstanceType('t3.micro'), | |
| machineImage: props.image, | |
| vpcSubnets: props.subnets ? props.subnets : { | |
| onePerAz: true, | |
| subnetType: ec2.SubnetType.PUBLIC | |
| } | |
| }) | |
| asg.addSecurityGroup(externalSshSG) | |
| asg.addSecurityGroup(this.internalSshSecurityGroup) | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment