Skip to content

Instantly share code, notes, and snippets.

@michaelfecher
Created July 25, 2020 15:37
Show Gist options
  • Save michaelfecher/58b9e78f40ea97a13ae6afae8d580177 to your computer and use it in GitHub Desktop.
Save michaelfecher/58b9e78f40ea97a13ae6afae8d580177 to your computer and use it in GitHub Desktop.
Blogpost: ECS Fargate Secret Usage, RDS part
// file: lib/rds-stack.ts
import * as cdk from "@aws-cdk/core";
import * as ec2 from "@aws-cdk/aws-ec2";
import * as rds from "@aws-cdk/aws-rds";
import { DBCredentials} from "./db-credentials-stack";
export interface RDSStackProps extends cdk.StackProps {
vpc: ec2.Vpc;
credentials: DBCredentials;
}
export class RdsStack extends cdk.Stack {
readonly postgreSQLinstance: rds.DatabaseInstance;
private vpc: ec2.Vpc;
constructor(scope: cdk.Construct, id: string, props: RDSStackProps) {
super(scope, id, props);
const username = props.credentials.username.secretValue.toString();
const password = props.credentials.password.secretValue;
const vpc = props.vpc;
this.postgreSQLinstance = new rds.DatabaseInstance(this, "Postgres", {
engine: rds.DatabaseInstanceEngine.POSTGRES,
vpc: ec2.vpc,
vpcPlacement: { subnetType: ec2.SubnetType.ISOLATED },
masterUsername: username,
masterUserPassword: password,
// the following lines need to be changed for a REAL prod version
deletionProtection: false,
deleteAutomatedBackups: true,
removalPolicy: cdk.RemovalPolicy.DESTROY,
});
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment