Created
July 25, 2020 15:37
-
-
Save michaelfecher/58b9e78f40ea97a13ae6afae8d580177 to your computer and use it in GitHub Desktop.
Blogpost: ECS Fargate Secret Usage, RDS part
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// file: lib/rds-stack.ts | |
import * as cdk from "@aws-cdk/core"; | |
import * as ec2 from "@aws-cdk/aws-ec2"; | |
import * as rds from "@aws-cdk/aws-rds"; | |
import { DBCredentials} from "./db-credentials-stack"; | |
export interface RDSStackProps extends cdk.StackProps { | |
vpc: ec2.Vpc; | |
credentials: DBCredentials; | |
} | |
export class RdsStack extends cdk.Stack { | |
readonly postgreSQLinstance: rds.DatabaseInstance; | |
private vpc: ec2.Vpc; | |
constructor(scope: cdk.Construct, id: string, props: RDSStackProps) { | |
super(scope, id, props); | |
const username = props.credentials.username.secretValue.toString(); | |
const password = props.credentials.password.secretValue; | |
const vpc = props.vpc; | |
this.postgreSQLinstance = new rds.DatabaseInstance(this, "Postgres", { | |
engine: rds.DatabaseInstanceEngine.POSTGRES, | |
vpc: ec2.vpc, | |
vpcPlacement: { subnetType: ec2.SubnetType.ISOLATED }, | |
masterUsername: username, | |
masterUserPassword: password, | |
// the following lines need to be changed for a REAL prod version | |
deletionProtection: false, | |
deleteAutomatedBackups: true, | |
removalPolicy: cdk.RemovalPolicy.DESTROY, | |
}); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment