
@quixoticmonk
Created April 12, 2021 15:55
from aws_cdk import (
core as cdk,
aws_rds as rds,
aws_ec2 as ec2,
aws_secretsmanager as secretsmanager
)
class IngressStack(cdk.Stack):
    """CDK stack that puts an Aurora Serverless cluster into an existing VPC.

    The stack looks up a VPC by id, creates an ``admin`` database secret with
    a 30-day hosted rotation schedule, creates a security group that admits
    TCP 3306 from ``10.0.0.0/8``, and creates the serverless cluster using
    that secret and security group.
    """

    def __init__(self, scope: cdk.Construct, construct_id: str, vpcid: str, **kwargs) -> None:
        """Build the secret, security group and cluster.

        Args:
            scope: Parent construct, forwarded to ``cdk.Stack``.
            construct_id: Id of this stack, forwarded to ``cdk.Stack``.
            vpcid: Id of the existing VPC to look up and deploy into.
            **kwargs: Remaining stack properties, forwarded unchanged.
        """
        super().__init__(scope, construct_id, **kwargs)

        # The VPC is not created here; it is resolved from its id.
        existing_vpc = ec2.Vpc.from_lookup(self, "vpc", vpc_id=vpcid)

        # Generated credentials for the cluster's "admin" user.
        # NOTE(review): the secret name is fixed, so a second deployment of
        # this stack into the same account and region would presumably
        # collide on it -- confirm before reusing the stack.
        admin_secret = rds.DatabaseSecret(
            self,
            "dbsecret",
            username="admin",
            secret_name="dbsecret",
        )

        # NOTE(review): the hosted rotation is built with no VPC, subnet or
        # security-group options, and the schedule is added before the
        # cluster exists. Confirm in a deployed stack that the rotation
        # function can actually reach the cluster on 3306; a rotation that
        # silently fails leaves the same admin password in place.
        rotation = secretsmanager.HostedRotation.mysql_single_user()
        rotate_every = cdk.Duration.days(30)
        admin_secret.add_rotation_schedule(
            "dbsecretrotationschedule",
            automatically_after=rotate_every,
            hosted_rotation=rotation,
        )

        # Security group attached to the cluster below. Egress is left at
        # the construct default -- confirm that is intended.
        db_sg = ec2.SecurityGroup(
            self,
            id="sg",
            vpc=existing_vpc,
            security_group_name="cluster-sg",
        )

        # NOTE(review): 10.0.0.0/8 is the entire 10.x private range, not
        # only this VPC's CIDR, so any peered or routed 10.x network can
        # open a connection to the database port. Consider narrowing the
        # peer to the application subnets or to a source security group.
        # The description string (including its spelling) is part of the
        # deployed rule and is kept verbatim.
        private_range = ec2.Peer.ipv4('10.0.0.0/8')
        db_port = ec2.Port.tcp(3306)
        db_sg.add_ingress_rule(
            peer=private_range,
            connection=db_port,
            description="Alow DB access",
        )

        aurora_engine = rds.DatabaseClusterEngine.aurora(
            version=rds.AuroraEngineVersion.VER_10_A,
        )
        # Pause after 10 idle minutes; scale between 2 and 8 capacity units.
        capacity = rds.ServerlessScalingOptions(
            auto_pause=cdk.Duration.minutes(10),
            min_capacity=rds.AuroraCapacityUnit.ACU_2,
            max_capacity=rds.AuroraCapacityUnit.ACU_8,
        )
        admin_credentials = rds.Credentials.from_secret(admin_secret)

        # The Data API is off, so clients reach the cluster only over the
        # network path that db_sg guards.
        # NOTE(review): deletion_protection, removal_policy and
        # backup_retention are not set, so the construct defaults apply --
        # confirm they match the data-retention requirements.
        rds.ServerlessCluster(
            self,
            "cluster",
            engine=aurora_engine,
            vpc=existing_vpc,
            cluster_identifier="cluster1",
            default_database_name="db1",
            enable_data_api=False,
            scaling=capacity,
            credentials=admin_credentials,
            security_groups=[db_sg],
        )