internal CreditoWebApiStack(Construct scope, string id, CustomStackProps props = null) : base(scope, id, props) { var vpc = props.Vpc; var creditoWebApiTargetGroup = new ApplicationTargetGroup(this, "CreditoWebApiTargetGroup", new ApplicationTargetGroupProps { Protocol = ApplicationProtocol.HTTP, Port = 80, Vpc = vpc, TargetType = TargetType.IP, DeregistrationDelay = Duration.Seconds(60), HealthCheck = new Amazon.CDK.AWS.ElasticLoadBalancingV2.HealthCheck { Enabled = true, Path = "/api/credito/_monitor/shallow", Protocol = Amazon.CDK.AWS.ElasticLoadBalancingV2.Protocol.HTTP, Port = "traffic-port", UnhealthyThresholdCount = 2, Interval = Duration.Seconds(60), HealthyThresholdCount = 5, Timeout = Duration.Seconds(5), HealthyHttpCodes = "200" } }); var webApiServiceSecurityGroup = SecurityGroup.FromSecurityGroupId(this, "WebApiServiceSecurityGroup", Fn.ImportValue(Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("WebApiServiceSecurityGroupId"))); var appListener = ApplicationListener.FromApplicationListenerAttributes(this, "AppListener", new ApplicationListenerAttributes { ListenerArn = Fn.ImportValue(Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("AppListenerArn")), SecurityGroup = webApiServiceSecurityGroup }); appListener.AddTargetGroups("CreditoWebApiTargetGroup", new AddApplicationTargetGroupsProps { Conditions = new ListenerCondition[] { ListenerCondition.PathPatterns(new string[] { "/api/credito*" }) }, Priority = 100, TargetGroups = new ApplicationTargetGroup[] { creditoWebApiTargetGroup } }); var creditoWebApiLogGroup = new LogGroup(this, "CreditoWebApiContainerLogGroup", new LogGroupProps { LogGroupName = $"/ecs/{Globals.GetDeployEnvironment(this).EnvName}/credito/web-api", Retention = RetentionDays.FIVE_DAYS, RemovalPolicy = RemovalPolicy.SNAPSHOT }); var creditoWebApiTaskDefinition = new FargateTaskDefinition(this, "CreditoWebApiTaskDefinition", new FargateTaskDefinitionProps { MemoryLimitMiB = 512, Cpu = 256 }); var creditoWebApiLogging = new AwsLogDriver( new AwsLogDriverProps { StreamPrefix = "ecs", LogGroup = creditoWebApiLogGroup }); var creditoWebApiContainer = creditoWebApiTaskDefinition.AddContainer("CreditoWebApiContainer", new ContainerDefinitionOptions { Image = ContainerImage.FromAsset( Directory.GetCurrentDirectory(), new AssetImageProps { File = "src/Credito.WebApi/Dockerfile" }), Logging = creditoWebApiLogging, Environment = new Dictionary <string, string>() { ["CreditoDatabase__ConnectionString"] = StringParameter.ValueFromLookup( this, $"/{Globals.GetDeployEnvironment(this).EnvName}/credito/web-api/db/connection-string"), ["CreditoDatabase__DatabaseName"] = StringParameter.ValueFromLookup( this, $"/{Globals.GetDeployEnvironment(this).EnvName}/credito/web-api/db/database-name") } }); creditoWebApiContainer.AddPortMappings( new PortMapping { ContainerPort = 80, HostPort = 80, Protocol = Amazon.CDK.AWS.ECS.Protocol.TCP }); var cluster = Cluster.FromClusterAttributes(this, "Cluster", new ClusterAttributes { ClusterName = Fn.ImportValue(Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("ClusterName")), Vpc = vpc, SecurityGroups = new SecurityGroup[] { } }); var creditoWebApiService = new FargateService(this, "CreditoWebApiService", new FargateServiceProps { Cluster = cluster, TaskDefinition = creditoWebApiTaskDefinition, DesiredCount = 1, CircuitBreaker = new DeploymentCircuitBreaker { Rollback = true }, AssignPublicIp = false, HealthCheckGracePeriod = Duration.Seconds(60), SecurityGroups = new ISecurityGroup[] { webApiServiceSecurityGroup }, VpcSubnets = new SubnetSelection { SubnetType = SubnetType.PRIVATE } }); creditoWebApiService.AttachToApplicationTargetGroup(creditoWebApiTargetGroup); }
internal InfraStack(Construct scope, string id, CustomStackProps props = null) : base(scope, id, props) { var vpc = props.Vpc; var cluster = new Cluster(this, "Cluster", new ClusterProps { Vpc = vpc, ClusterName = Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("Cluster") }); var albSecurityGroup = new SecurityGroup(this, "AlbSecurityGroup", new SecurityGroupProps { Vpc = vpc, AllowAllOutbound = true }); albSecurityGroup.AddIngressRule(Peer.AnyIpv4(), Port.Tcp(80)); var alb = new ApplicationLoadBalancer(this, "ALB", new ApplicationLoadBalancerProps { Vpc = vpc, InternetFacing = true, Http2Enabled = true, IdleTimeout = Duration.Seconds(60), IpAddressType = IpAddressType.IPV4, SecurityGroup = albSecurityGroup }); var webApiServiceSecurityGroup = new SecurityGroup(this, "WebApiServiceSecurityGroup", new SecurityGroupProps { Vpc = vpc, AllowAllOutbound = true }); webApiServiceSecurityGroup.AddIngressRule(albSecurityGroup, Port.Tcp(80)); var appListener = alb.AddListener("AppListener", new BaseApplicationListenerProps { Port = 80, Protocol = ApplicationProtocol.HTTP, DefaultAction = ListenerAction.FixedResponse(404, new FixedResponseOptions { ContentType = "text/plain", MessageBody = "This is not here..." }) }); new CfnOutput(this, "ClusterName", new CfnOutputProps { ExportName = Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("ClusterName"), Value = cluster.ClusterName }); new CfnOutput(this, "WebApiServiceSecurityGroupId", new CfnOutputProps { ExportName = Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("WebApiServiceSecurityGroupId"), Value = albSecurityGroup.SecurityGroupId }); new CfnOutput(this, "AppListenerArn", new CfnOutputProps { ExportName = Globals.GetDeployEnvironment(this).PutEnvNamePrefixWithDash("AppListenerArn"), Value = appListener.ListenerArn }); }