internal MadStack(Construct scope, string id, Vpc vpc, string domainName, string edition, SecretStack secret, IStackProps props = null) : base(scope, id, props)
{
AD = new CfnMicrosoftAD(this, "MAD", new CfnMicrosoftADProps
{
VpcSettings = new CfnMicrosoftAD.VpcSettingsProperty
{
SubnetIds = vpc.SelectSubnets(new SubnetSelection {
SubnetType = SubnetType.PRIVATE
}).SubnetIds,
VpcId = vpc.VpcId
},
Name = domainName,
Password = secret.ClearTextSecret,
Edition = edition
});
var mad_dns_ip1 = Fn.Select(0, AD.AttrDnsIpAddresses);
var mad_dns_ip2 = Fn.Select(1, AD.AttrDnsIpAddresses);
new CfnOutput(this, "mad-dns1", new CfnOutputProps {
Value = mad_dns_ip1,
ExportName = "mad-dns1"
});
new CfnOutput(this, "mad-dns2", new CfnOutputProps {
Value = mad_dns_ip2,
ExportName = "mad-dns2"
});
}
//this class is a pretty thin useless wrapper now that I look at it...
public static ApiStack CreateApiStack(this Construct scope,
string apiName,
Cluster cluster,
Vpc vpc,
Repository ecrRepo,
string subDomain,
string hostedZoneName,
string hostedZoneId,
ICertificate sslCert,
Dictionary <string, string> containerEnvVars = null,
Dictionary <string, Secret> containerSecrets = null,
Environment env = null)
{
env ??= Constants.DefaultEnv;
containerEnvVars ??= new Dictionary <string, string>();
containerSecrets ??= new Dictionary <string, Secret>();
containerEnvVars.Add("AWS__REGION", env.Region);
var serviceName = $"{apiName.ToLowerInvariant()}-api";
return(new ApiStack(scope, $"{serviceName}-stack", new ApiProps
{
Vpc = vpc,
Env = env,
ServiceName = serviceName,
EcsCluster = cluster,
EcrRepository = ecrRepo,
ContainerEnvVars = containerEnvVars,
ContainerSecrets = containerSecrets,
SubDomain = subDomain,
HostedZoneName = hostedZoneName,
HostedZoneId = hostedZoneId,
Certificate = sslCert
}));
}
internal DotnetStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
var vpc = new Vpc(this, "MyVpc", new VpcProps
{
MaxAzs = 3 // Max zones
});
var cluster = new Cluster(this, "MyCluster", new ClusterProps
{
Vpc = vpc
});
var serviceProps = new ApplicationLoadBalancedFargateServiceProps()
{
Cluster = cluster, // Required
DesiredCount = 5, // Default is 1
TaskImageOptions = new ApplicationLoadBalancedTaskImageOptions
{
Image = ContainerImage.FromRegistry("amazon/amazon-ecs-sample") // PHP Sample :-( my bad => https://hub.docker.com/r/amazon/amazon-ecs-sample
},
MemoryLimitMiB = 2048, // Default is 256
PublicLoadBalancer = true, // Default is false
};
// Create Loadbalancer fargate and make it public
new ApplicationLoadBalancedFargateService(this, "MyFargateService",
serviceProps);
}
private DatabaseConstructOutput CreateDbInstanceConstruct(Construct parent, Vpc vpc, SecretValue databasePasswordSecret)
{
var database = new DatabaseInstance(parent, $"{this.Settings.ScopeName}-Database-{this.Settings.DbEngine}",
new DatabaseInstanceProps
{
InstanceClass = this.InstanceType,
Vpc = vpc,
VpcPlacement = new SubnetSelection
{
SubnetType = this.Settings.DbSubnetType
},
DeletionProtection = this.Settings.DotNetEnvironment != "Development",
InstanceIdentifier = $"{this.Settings.ScopeName}-Database-{this.Settings.DbEngine}",
Engine = this.DbInstanceEgnine,
MasterUsername = this.Settings.DbUsername,
MasterUserPassword = databasePasswordSecret,
RemovalPolicy = RemovalPolicy.DESTROY
}
);
return(new DatabaseConstructOutput
{
EndpointAddress = database.InstanceEndpoint.Hostname,
Connections = database.Connections,
Port = database.DbInstanceEndpointPort
});
}
internal BastionStack(Construct scope, string id, Vpc vpc, string keyPairName, IStackProps props = null) : base(scope, id, props)
{
Role = new Role(this, "ec2-bastion-role", new RoleProps {
AssumedBy = new ServicePrincipal("ec2.amazonaws.com")
});
Role.AddManagedPolicy(ManagedPolicy.FromAwsManagedPolicyName("SecretsManagerReadWrite"));
Bastion = new Instance_(this, id, new InstanceProps
{
InstanceType = InstanceType.Of(InstanceClass.BURSTABLE3, InstanceSize.MICRO),
MachineImage = new WindowsImage(WindowsVersion.WINDOWS_SERVER_2019_ENGLISH_FULL_BASE),
Vpc = vpc,
UserData = UserData.Custom(Utils.GetResource("bastion_user_data.ps1")),
KeyName = keyPairName,
Role = Role,
VpcSubnets = new SubnetSelection {
SubnetType = SubnetType.PUBLIC
}
});
Bastion.Connections.AllowFromAnyIpv4(Port.Tcp(3389), "Internet access RDP");
new CfnOutput(this, "Bastion Host", new CfnOutputProps {
Value = Bastion.InstancePublicDnsName
});
}
internal Database(CdkStack stack, Vpc vpc, SecurityGroup asgSecurityGroup)
{
var dbSecurityGroup = new SecurityGroup(vpc, "DBSecurityGroup", new SecurityGroupProps
{
Vpc = vpc,
Description = "Allows database access to the specified."
});
dbSecurityGroup.AddIngressRule(asgSecurityGroup, Port.Tcp(1433), "Allow SQL Server");
var db = new DatabaseInstance(stack, $"{stack.StackName}-DatabaseCluster", new DatabaseInstanceProps
{
Vpc = vpc,
VpcPlacement = new SubnetSelection {
SubnetType = SubnetType.PRIVATE
},
SecurityGroups = new[] { dbSecurityGroup },
Engine = DatabaseInstanceEngine.SQL_SERVER_EX,
MasterUsername = "******",
AllocatedStorage = 20,
MultiAz = false,
InstanceType = InstanceType.Of(InstanceClass.BURSTABLE3, InstanceSize.SMALL),
DeletionProtection = false
});
DatabaseResource = db;
ServerAddress = db.DbInstanceEndpointAddress;
Password = db.Secret;
}
public Template(string stackName, string keyPairName, string vpcName, string vpcCidrBlock, string description) : this(stackName, description)
{
this.Parameters.Add(ParameterKeyPairName, new ParameterBase(ParameterKeyPairName, "AWS::EC2::KeyPair::KeyName", keyPairName, "Key Pair to decrypt instance password."));
Vpc vpc = new Vpc(vpcCidrBlock);
this.Resources.Add(vpcName, vpc);
}
internal NetworkStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
//UsingLevel2Constructs();
var vpc = new CfnVPC(this, Program.PREFIX + "primary-vpc", new CfnVPCProps {
CidrBlock = "10.20.0.0/16"
});
vpc.Tags.SetTag(Program.NAME, Program.PREFIX + "primary-vpc");
VpcRef = vpc.Ref;
//var vpcId = (string)this.Node.TryGetContext(Program.PREFIX + "primary-vpc");
var L1Vpc = Vpc.FromLookup(this, "VPC", new VpcLookupOptions
{
VpcName = Program.PREFIX + "primary-vpc"
});
/*var L1VPC = Vpc.FromLookup(this, VpcRef, new VpcLookupOptions{
* VpcId = VpcRef
* });*/
var privateSubnetA = new CfnSubnet(this, Program.PREFIX + "private-subnet-a", new CfnSubnetProps {
CidrBlock = "10.20.0.0/24", AvailabilityZone = this.AvailabilityZones[0], VpcId = vpc.Ref
});
privateSubnetA.Tags.SetTag(Program.NAME, Program.PREFIX + "private-subnet-a");
var privateSubnetB = new CfnSubnet(this, Program.PREFIX + "private-subnet-b", new CfnSubnetProps {
CidrBlock = "10.20.1.0/24", AvailabilityZone = this.AvailabilityZones[1], VpcId = vpc.Ref
});
privateSubnetB.Tags.SetTag(Program.NAME, Program.PREFIX + "private-subnet-b");
}
internal CommonStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
Vpc = new Vpc(this, "Vpc", new VpcProps
{
Cidr = "10.0.0.0/21",
MaxAzs = 3,
NatGateways = 0,
SubnetConfiguration = new SubnetConfiguration[]
{
new SubnetConfiguration
{
SubnetType = SubnetType.PUBLIC,
Name = "Public"
}
}
});
/*
* new InterfaceVpcEndpoint(this, "ECREndpoint", new InterfaceVpcEndpointProps
* {
* Vpc = Vpc,
* Service = InterfaceVpcEndpointAwsService.ECR_DOCKER
* });
*
* new InterfaceVpcEndpoint(this, "LogsEndpoint", new InterfaceVpcEndpointProps
* {
* Vpc = Vpc,
* Service = InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS
* });
*/
Cluster = new Cluster(this, "Cluster", new ClusterProps
{
Vpc = Vpc
});
}
public ClassicLoadBalancerStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
var vpc = new Vpc(this, "VPC");
var asg = new AutoScalingGroup(this, "ASG", new AutoScalingGroupProps
{
Vpc = vpc,
InstanceType = InstanceType.Of(InstanceClass.BURSTABLE3, InstanceSize.MICRO),
MachineImage = new AmazonLinuxImage()
});
var lb = new LoadBalancer(this, "LB", new LoadBalancerProps
{
Vpc = vpc,
InternetFacing = true,
HealthCheck = new Amazon.CDK.AWS.ElasticLoadBalancing.HealthCheck
{
Port = 80
}
});
lb.AddTarget(asg);
var listener = lb.AddListener(new LoadBalancerListener {
ExternalPort = 80
});
listener.Connections.AllowDefaultPortFromAnyIpv4("Open to the world");
}
public CustomVpc(Construct scope, string id, string cidr)
: base(scope, id)
{
SubnetConfiguration privateSubnetConfig = new SubnetConfiguration
{
CidrMask = 26,
SubnetType = SubnetType.PRIVATE,
Name = "privateSubnet"
};
SubnetConfiguration publicSubnetConfig = new SubnetConfiguration
{
CidrMask = 26,
SubnetType = SubnetType.PUBLIC,
Name = "publicSubnet"
};
VpcProps props = new VpcProps
{
Cidr = cidr,
DefaultInstanceTenancy = DefaultInstanceTenancy.DEFAULT,
MaxAzs = 99,
SubnetConfiguration = new ISubnetConfiguration[] {
privateSubnetConfig,
publicSubnetConfig
},
NatGateways = 99,
EnableDnsHostnames = true,
EnableDnsSupport = true
};
var vpc = new Vpc(this, id + $"{id}-vpc", props);
this.Vpc = vpc;
}
internal SetDHCPOption(Construct scope, string id, Vpc vpc, DHCPOption dhcpOption, IStackProps props = null) : base(scope, id, props)
{
var dhcpOptionsAssociation = new CfnVPCDHCPOptionsAssociation(this, id, new CfnVPCDHCPOptionsAssociationProps {
VpcId = vpc.VpcId,
DhcpOptionsId = dhcpOption.DhcpOptions.Ref
});
}
public ApplicationLoadBalancerStack(Construct parent, string id, IStackProps props) : base(parent, id, props)
{
var vpc = new Vpc(this, "VPC");
var asg = new AutoScalingGroup(this, "ASG", new AutoScalingGroupProps {
Vpc = vpc,
InstanceType = InstanceType.Of(InstanceClass.BURSTABLE3, InstanceSize.MICRO),
MachineImage = new AmazonLinuxImage()
});
var lb = new Amazon.CDK.AWS.ElasticLoadBalancingV2.ApplicationLoadBalancer(this, "LB", new ApplicationLoadBalancerProps {
Vpc = vpc,
InternetFacing = true
});
var listener = lb.AddListener("Listener", new BaseApplicationListenerProps {
Port = 80
});
listener.AddTargets("Target", new AddApplicationTargetsProps {
Port = 80,
Targets = new IApplicationLoadBalancerTarget[] { asg }
});
listener.Connections.AllowDefaultPortFromAnyIpv4("Open to the world");
asg.ScaleOnRequestCount("AModestLoad", new RequestCountScalingProps {
TargetRequestsPerSecond = 1
});
}
public TodoInfraStack(Construct parent, string id, IStackProps props) : base(parent, id, props)
{
IVpc todoVpc = new Vpc(this, Constants.VPC_NAME, new VpcProps {
Cidr = Constants.CIDR_RANGE,
MaxAzs = 4
});
# region ECS-taskdefinition-service
public VpcData(
Vpc vpc,
Subnet privateSubnet0,
Subnet privateSubnet1,
Subnet publicSubnet0,
Subnet publicSubnet1)
{
}
internal DHCPOption(Construct scope, string id, CfnMicrosoftAD directory, Vpc vpc, IStackProps props = null) : base(scope, id, props)
{
DhcpOptions = new CfnDHCPOptions(this, id, new CfnDHCPOptionsProps {
DomainName = directory.Name,
DomainNameServers = new string[] { Fn.ImportValue("mad-dns1"), Fn.ImportValue("mad-dns2") },
NtpServers = new[] { "169.254.169.123" }
});
}
public NetworkStack(Construct parent, string id) : base(parent, id)
{
this.vpc = new Vpc(this, "VPC", new VpcProps
{
NatGateways = 1,
MaxAzs = 2
});
}
public VirtualNetwork(AwsObjectRetriever awsObjectRetriever, Vpc sourceVpc)
{
_Source = sourceVpc;
foreach (Amazon.EC2.Model.Subnet amazonSubnet in awsObjectRetriever.GetSubnets(this.Id))
{
Subnet sourceSubnet = new Subnet(awsObjectRetriever, amazonSubnet);
_Subnets.Add(sourceSubnet);
}
}
private async Task DeleteVpc(Vpc vpc)
{
_context.Logger.WriteLine($"DeleteVpc: {vpc.CidrBlock} Id: {vpc.VpcId}");
var request = new DeleteVpcRequest
{
VpcId = vpc.VpcId
};
await _client.DeleteVpcAsync(request);
}
public CreateVpcModelWorkItemImpl NewCreateVpcModelWorkItem(Package pkg, Vpc vpc, bool enableDnsSupport, bool enableDnsHostnames)
{
CreateVpcModelWorkItemImpl workItem = new CreateVpcModelWorkItemImpl();
workItem.Pkg = pkg;
workItem.Vpc = vpc;
workItem.EnableDnsSupport = enableDnsSupport;
workItem.EnableDnsHostnames = enableDnsHostnames;
return(workItem);
}
public static SecurityGroup CreateHostToRDS(Constructs.Construct construct, Vpc vpc, string name, string description, SecurityGroup elbSecurityGroup)
{
var ports = new Port[]
{
new Port(Utils.Ports.GetPortProps(3306, 3306, "MySQL/Auora"))
};
var sg = CreatePeer(construct, vpc, name, description, elbSecurityGroup, ports);
return(sg);
}
internal CdkFargateStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
var vpc = new Vpc(this, "SatellytesVpc", new VpcProps
{
Cidr = "10.0.0.0/16",
MaxAzs = 1,
SubnetConfiguration = new[] {
new SubnetConfiguration()
{
Name = "Satellytes/public",
SubnetType = SubnetType.PUBLIC,
}
},
});
var cluster = new Cluster(this, "SatellytesCluster", new ClusterProps
{
Vpc = vpc,
});
var taskDefinition = new TaskDefinition(this, "SatellytesWebTask", new TaskDefinitionProps {
TaskRole = Role.FromRoleArn(this, "taskRole", "arn:aws:iam::576853867587:role/ecsTaskExecutionRole", new FromRoleArnOptions()
{
Mutable = false
}),
ExecutionRole = Role.FromRoleArn(this, "taskExecutionRole", "arn:aws:iam::576853867587:role/ecsTaskExecutionRole", new FromRoleArnOptions()
{
Mutable = false
}),
Compatibility = Compatibility.FARGATE,
Cpu = "256",
MemoryMiB = "512",
});
var inboundSecurityGrp = new SecurityGroup(this, "satellytesSecurityGrpInboundInet", new SecurityGroupProps {
Vpc = vpc
});
inboundSecurityGrp.AddIngressRule(Peer.AnyIpv4(), Port.Tcp(8080), "inbound http");
taskDefinition.AddContainer("satellytesWebImage", new ContainerDefinitionProps {
Image = ContainerImage.FromEcrRepository(Repository.FromRepositoryName(this, "repo", "satellytes-website/backend"), "1cfb651f73fcd20895fc44c06f7bb180ca0e8322"),
});
new FargateService(this, "SatellytesWebService", new FargateServiceProps {
Cluster = cluster,
TaskDefinition = taskDefinition,
VpcSubnets = new SubnetSelection {
SubnetType = SubnetType.PUBLIC
},
AssignPublicIp = true,
});
}
private Function CreateTitlesSynchrnisationLambda(Vpc vpc, IBucket lambdaBucket)
{
return(new Function(this, "dev-titles-synchronisation-lambda", new FunctionProps
{
Runtime = Runtime.DOTNET_CORE_2_1,
Handler = "S3BackupFunction::S3BackupFunction.Function::FunctionHandler",
Code = Code.FromBucket(lambdaBucket, "S3BackupFunction.zip"),
Timeout = Duration.Seconds(30),
Vpc = vpc,
}));
}
private Vpc CreateVpc()
{
var vpc = new Vpc(this, "vpc-dev-aws-sandbox", new VpcProps
{
MaxAzs = 3,
});
vpc.AddInterfaceEndpoint("ecr-docker-endpoint", new InterfaceVpcEndpointOptions
{
Service = InterfaceVpcEndpointAwsService.ECR_DOCKER,
});
vpc.AddInterfaceEndpoint("ecr-endpoint", new InterfaceVpcEndpointOptions
{
Service = InterfaceVpcEndpointAwsService.ECR,
});
vpc.AddInterfaceEndpoint("ecs-endpoint", new InterfaceVpcEndpointOptions
{
Service = InterfaceVpcEndpointAwsService.ECS,
});
vpc.AddInterfaceEndpoint("ecs-agent-endpoint", new InterfaceVpcEndpointOptions
{
Service = InterfaceVpcEndpointAwsService.ECS_AGENT,
});
vpc.AddInterfaceEndpoint("ecs-telemetry-endpoint", new InterfaceVpcEndpointOptions
{
Service = InterfaceVpcEndpointAwsService.ECS_TELEMETRY,
});
vpc.AddInterfaceEndpoint("sqs-endpoint", new InterfaceVpcEndpointOptions
{
Service = InterfaceVpcEndpointAwsService.SQS,
});
vpc.AddInterfaceEndpoint("cloudwatch-logs-endpoint", new InterfaceVpcEndpointOptions
{
Service = InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS,
});
vpc.AddGatewayEndpoint("s3-endpoint", new GatewayVpcEndpointOptions
{
Service = GatewayVpcEndpointAwsService.S3,
});
vpc.AddGatewayEndpoint("dynamo-endpoint", new GatewayVpcEndpointOptions
{
Service = GatewayVpcEndpointAwsService.DYNAMODB,
});
return(vpc);
}
internal Stack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
//setup the image
var asset = new DockerImageAsset(this, $"{Config.AppName}Image", new DockerImageAssetProps {
Directory = Path.Combine(System.Environment.CurrentDirectory, "api"),
});
//Create the Fargate service
var vpc = Vpc.FromLookup(
this, "sandbox", new VpcLookupOptions
{
VpcName = "sandbox_vpc"
}
);
var cluster = new Cluster(this, $"{Config.AppName}Cluster", new ClusterProps
{
Vpc = vpc
});
var applicationDomain = $"{Config.ApplicationSubdomain}.{Config.DomainName}";
var hostedZone = HostedZone.FromLookup(
this, "HostedZone", new HostedZoneProviderProps
{
DomainName = $"{Config.DomainName}.",
PrivateZone = false
}
);
// Create a load-balanced Fargate service and make it public
var fargateService = new ApplicationLoadBalancedFargateService(this, $"{Config.AppName}Service",
new ApplicationLoadBalancedFargateServiceProps
{
Cluster = cluster, // Required
DesiredCount = 1, // Default is 1
TaskImageOptions = new ApplicationLoadBalancedTaskImageOptions
{
Image = ContainerImage.FromDockerImageAsset(asset)
},
MemoryLimitMiB = 1024, // Default is 256
PublicLoadBalancer = true, // Default is false
DomainName = applicationDomain,
DomainZone = hostedZone,
}
);
new CfnOutput(
this, "Route53Url", new CfnOutputProps
{
Value = applicationDomain,
Description = "Nice Route53 Url"
}
);
}
public VpcSettings(Vpc vpc, params Subnet[] subnets)
{
SubnetIds = new List <object>();
VpcId = new ReferenceProperty(vpc);
foreach (var subnet in subnets)
{
this.SubnetIds.Add(new ReferenceProperty(subnet));
}
}
public DhcpOptions(object domainName, Vpc vpc, FnJoin dnsServers, FnJoin netBiosNameServers)
: base(ResourceType.DhcpOptions)
{
if (domainName != null)
{
this.DomainName = domainName;
}
this.Vpc = vpc;
this.DomainNameServers = dnsServers;
this.NetbiosNameServers = netBiosNameServers;
}
public static SecurityGroup CreatePeer(Constructs.Construct construct, Vpc vpc, string name, string description, SecurityGroup peer, Port[] ports)
{
var sg = CreateHostSG(construct, vpc, name, description);
foreach (var port in ports)
{
sg.AddIngressRule(peer, port);
}
return(sg);
}
private (Subnet Subnet, RouteTable RouteTable) AddSubnet(
string vpcResourceName,
Vpc vpc,
string type,
string availabilityZone,
int subnetNumber,
int cidrBlockSegment,
int cidrPartition)
{
var name = $"{vpcResourceName}-{type}-{subnetNumber}";
var subnet = new Subnet(
name,
new SubnetArgs
{
CidrBlock = $"10.{cidrBlockSegment}.{cidrPartition}.0/18",
AvailabilityZone = availabilityZone,
VpcId = vpc.Id,
Tags = new InputMap <string>
{
{ "Name", $"{name}" },
{ "pulumi:ResourceName", name }
}
},
new CustomResourceOptions
{
Parent = vpc
});
var routeTable = new RouteTable(
name,
new RouteTableArgs
{
VpcId = vpc.Id,
},
new CustomResourceOptions
{
Parent = subnet
});
new RouteTableAssociation(
name,
new RouteTableAssociationArgs
{
RouteTableId = routeTable.Id,
SubnetId = subnet.Id
},
new CustomResourceOptions
{
Parent = subnet
});
return(subnet, routeTable);
}
public DatabaseStack(Construct scope, string name, Vpc vpc, StackProps props = null) : base(scope, $"database-{name}", props)
{
// pricing - rds
// 750 horas de uso de instâncias db.t2.micro Single-AZ do Amazon RDS para execução de
// MySQL, MariaDB, PostgreSQL, Oracle BYOL ou SQL Server(executando SQL Server Express Edition)
//
// 20 GB de armazenamento de banco de dados de SSD
//
// 20 GB de armazenamento de backup para seus backups de banco de dados automatizados e
// quaisquer snapshots de banco de dados iniciados por usuário
//
// pricing - secret manager
// 0,40 USD por segredo por mês. No caso de segredos armazenados por menos de um mês,
// o preço é pro-rata (com base no número de horas).
// 0,05 USD por 10.000 chamadas de API.
var secret = new Secret(this, $"database-{name}-secret", new SecretProps()
{
Description = $"Database {name} password",
SecretName = $"database-{name}-secret"
});
var databaseSecret = new DatabaseSecret(this, $"database-{name}-databasesecret", new DatabaseSecretProps()
{
Username = "******",
MasterSecret = secret,
ExcludeCharacters = "{}[]()'\"/\\"
});
_databaseInstance = new DatabaseInstance(this, $"database-{name}-cluster", new DatabaseInstanceProps()
{
InstanceIdentifier = name + "-instance",
DatabaseName = name,
Credentials = Credentials.FromSecret(databaseSecret),
Engine = DatabaseInstanceEngine.Mysql(new MySqlInstanceEngineProps()
{
Version = MysqlEngineVersion.VER_8_0_21
}),
InstanceType = new InstanceType("t2.micro"),
Vpc = vpc,
VpcSubnets = new SubnetSelection()
{
SubnetType = SubnetType.ISOLATED
}
});
_databaseInstance.AddRotationSingleUser(new RotationSingleUserOptions()
{
AutomaticallyAfter = Duration.Days(7),
ExcludeCharacters = "!@#$%^&*"
});
}
