Merge pull request #1981 from vrk-kpa/AV-1993_add_third_bypass_ip

AV-1993: Add third and fourth bypass ip
vrk-kpa · Jun 15, 2023 · 4c0cf5e · 4c0cf5e
2 parents f0f6875 + 0173856
commit 4c0cf5e
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/cdk/lib/load-balancer-stack.ts b/cdk/lib/load-balancer-stack.ts
@@ -24,6 +24,12 @@ export class LoadBalancerStack extends Stack {
     const allowedIp2 = StringParameter.fromStringParameterName(this, 'allowedIp2',
       `/${props.environment}/opendata/cdk/lb_allowed_ip_2`)
 
+    const allowedIp3 = StringParameter.fromStringParameterName(this, 'allowedIp3',
+      `/${props.environment}/opendata/cdk/lb_allowed_ip_3`)
+
+    const allowedIp4 = StringParameter.fromStringParameterName(this, 'allowedIp4',
+      `/${props.environment}/opendata/cdk/lb_allowed_ip_4`)
+
     const secGroup = new aws_ec2.SecurityGroup(this, 'loadBalancerSecurityGroup', {
       vpc: props.vpc,
     })
@@ -33,6 +39,8 @@ export class LoadBalancerStack extends Stack {
 
     secGroup.addIngressRule(Peer.ipv4(allowedIp1.stringValue), Port.tcp(443))
     secGroup.addIngressRule(Peer.ipv4(allowedIp2.stringValue), Port.tcp(443))
+    secGroup.addIngressRule(Peer.ipv4(allowedIp3.stringValue), Port.tcp(443))
+    secGroup.addIngressRule(Peer.ipv4(allowedIp4.stringValue), Port.tcp(443))
 
     const publicSubnetA = Fn.importValue('vpc-SubnetPublicA')
     const publicSubnetB = Fn.importValue('vpc-SubnetPublicB')