feat: add codepipeline name prop

update security group to vpc cidr so lambda can access
aligent · May 3, 2024 · 0c75c5e · 0c75c5e
1 parent 3418070
commit 0c75c5e
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 4 deletions.
diff --git a/packages/graphql-mesh-server/lib/graphql-mesh-server.ts b/packages/graphql-mesh-server/lib/graphql-mesh-server.ts
@@ -171,6 +171,13 @@ export type MeshHostingProps = {
    * @default true
    */
   maintenanceAuthKey?: string;
+
+  /**
+   * Whether a DynamoDB table should be created to store session data
+   *
+   * @default authentication-table
+   */
+  authenticationTable?: string;
 };
 
 export class MeshHosting extends Construct {

diff --git a/packages/graphql-mesh-server/lib/maintenance.ts b/packages/graphql-mesh-server/lib/maintenance.ts
@@ -1,6 +1,6 @@
 import { Duration, RemovalPolicy } from "aws-cdk-lib";
 import * as apigateway from "aws-cdk-lib/aws-apigateway";
-import { IVpc, SecurityGroup } from "aws-cdk-lib/aws-ec2";
+import { IVpc, Peer, Port, SecurityGroup } from "aws-cdk-lib/aws-ec2";
 import * as lambda from "aws-cdk-lib/aws-lambda";
 import { NodejsFunction } from "aws-cdk-lib/aws-lambda-nodejs";
 import { Construct } from "constructs";
@@ -72,8 +72,10 @@ export class Maintenance extends Construct {
       resources: [efsVolume.fileSystemArn, accessPoint.accessPointArn],
     });
 
-    efsVolume.connections.allowDefaultPortFrom(
-      props.fargateService.connections
+    efsVolumeSecGroup.addIngressRule(
+      Peer.ipv4(props.vpc.vpcCidrBlock),
+      Port.tcp(2049),
+      "File access"
     );
 
     efsVolume.grantReadWrite(props.fargateService.taskDefinition.taskRole);

diff --git a/packages/graphql-mesh-server/lib/pipeline.ts b/packages/graphql-mesh-server/lib/pipeline.ts
@@ -48,6 +48,13 @@ export interface CodePipelineServiceProps {
    * CloudFront distribution ID to clear cache on.
    */
   cloudFrontDistributionId?: string;
+
+  /**
+   * Deployment pipeline name
+   *
+   * @default AWS CloudFormation generates an ID and uses that for the pipeline name
+   */
+  pipelineName?: string;
 }
 
 export class CodePipelineService extends Construct {
@@ -56,7 +63,10 @@ export class CodePipelineService extends Construct {
   constructor(scope: Construct, id: string, props: CodePipelineServiceProps) {
     super(scope, id);
 
-    this.pipeline = new Pipeline(this, "deploy-pipeline");
+    this.pipeline = new Pipeline(this, "deploy-pipeline", {
+      pipelineName:
+        props.pipelineName !== undefined ? props.pipelineName : undefined,
+    });
 
     const sourceOutput = new Artifact();
     const sourceAction = new pipe_actions.EcrSourceAction({