public UnicornStoreFargateStack(Construct parent, string id, UnicornStoreDeploymentEnvStackProps settings) : base(parent, id, settings)
{
this.settings = settings;
var vpc = new Vpc(this, $"{settings.ScopeName}VPC", new VpcProps {
MaxAzs = settings.MaxAzs
});
SecMan.SecretProps databasePasswordSecretSettings =
Helpers.CreateAutoGenPasswordSecretDef($"{settings.ScopeName}DatabasePassword", passwordLength: 8);
SecMan.Secret databasePasswordSecretConstruct = databasePasswordSecretSettings.CreateSecretConstruct(this);
var dbConstructFactory = settings.CreateDbConstructFactory();
DatabaseConstructOutput dbConstructOutput =
dbConstructFactory.CreateDatabaseConstruct(this, vpc, databasePasswordSecretConstruct.SecretValue);
var ecsCluster = new Cluster(this, $"Application{settings.Infrastructure}Cluster", new ClusterProps
{
Vpc = vpc,
ClusterName = settings.EcsClusterName
}
);
ApplicationLoadBalancedFargateService ecsService = this.CreateEcsService(
ecsCluster,
Secret.FromSecretsManager(databasePasswordSecretConstruct),
dbConstructFactory,
dbConstructOutput
);
// Update RDS Security Group to allow inbound database connections from the Fargate Service Security Group
dbConstructOutput.Connections.AllowDefaultPortFrom(ecsService.Service.Connections.SecurityGroups[0]);
}
public static SecMan.Secret CreateSecretConstruct(this SecMan.SecretProps smSecretDef, Construct parent)
{
// Assuming here that it's OK if secret Construct name matches secret name
return(new SecMan.Secret(parent, smSecretDef.SecretName, smSecretDef));
}
public static Secret CreateSecret(this SecMan.SecretProps smSecretDef, Construct parent)
{
SecMan.Secret smSecret = smSecretDef.CreateSecretConstruct(parent);
return(Secret.FromSecretsManager(smSecret));
}
