vpc-endpoints.ts
import {
GatewayVpcEndpoint,
GatewayVpcEndpointAwsService,
InterfaceVpcEndpoint,
InterfaceVpcEndpointAwsService,
IVpc,
} from 'aws-cdk-lib/aws-ec2';
import { Construct } from 'constructs';
/** Properties for {@link VpcEndpoints}. */
export interface VpcEndpointsProps {
/** VPC in which the interface and gateway endpoints are created. */
vpc: IVpc;
}
/**
 * Provisions the VPC endpoints that let workloads in the VPC reach AWS APIs
 * without leaving the VPC: one interface endpoint per listed service, plus a
 * gateway endpoint for S3.
 *
 * NOTE(review): no `securityGroups`, `subnets`, `open` or endpoint policy is
 * passed below, so every endpoint is created with aws-cdk-lib's defaults. In
 * aws-cdk-lib v2 that means a generated security group admitting HTTPS from
 * the whole VPC CIDR and the default (allow-all) endpoint policy; confirm
 * against the pinned version. If the VPC also hosts less-trusted workloads,
 * scope the security groups to the ECS tasks and attach endpoint policies
 * limited to the accounts and resources this stack actually uses.
 */
export class VpcEndpoints extends Construct {
  /**
   * @param scope - Parent construct.
   * @param id - Construct id of this group of endpoints.
   * @param props - Supplies the target VPC.
   */
  constructor(scope: Construct, id: string, props: VpcEndpointsProps) {
    super(scope, id);

    const interfaceServices: InterfaceVpcEndpointAwsService[] = [
      // ECS Fargate: image pull, secret/parameter lookup and log delivery.
      InterfaceVpcEndpointAwsService.ECR,
      InterfaceVpcEndpointAwsService.ECR_DOCKER,
      InterfaceVpcEndpointAwsService.SECRETS_MANAGER,
      InterfaceVpcEndpointAwsService.SSM,
      InterfaceVpcEndpointAwsService.CLOUDWATCH_LOGS,
      // Dify app: Bedrock model and agent invocation.
      InterfaceVpcEndpointAwsService.BEDROCK_RUNTIME,
      InterfaceVpcEndpointAwsService.BEDROCK_AGENT_RUNTIME,
      // Debugging only. NOTE(review): presumably the ECS Exec / Session
      // Manager channel, i.e. an interactive path into running tasks;
      // consider making it opt-in outside development environments.
      InterfaceVpcEndpointAwsService.SSM_MESSAGES,
    ];

    for (const service of interfaceServices) {
      // The service short name is the construct id. Keep it stable: the
      // CloudFormation logical id is derived from it, so changing it would
      // replace the endpoint.
      new InterfaceVpcEndpoint(this, service.shortName, {
        vpc: props.vpc,
        service,
      });
    }

    // S3 gateway endpoint, used by ECS Fargate and the Dify app.
    // NOTE(review): without an explicit policy the endpoint permits access to
    // any S3 bucket the caller's IAM identity allows, including buckets in
    // other accounts. A restricting policy must still allow the AWS-managed
    // bucket that ECR serves image layers from.
    new GatewayVpcEndpoint(this, 'S3', {
      vpc: props.vpc,
      service: GatewayVpcEndpointAwsService.S3,
    });
  }
}