chore: add static outbound IP for order notification lambda. (#321)
rileydcampbell authored Sep 26, 2023
1 parent aadfe94 commit 43dd59d
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions bin/stacks/lambda-stack.ts
@@ -2,6 +2,7 @@ import * as cdk from 'aws-cdk-lib'
import { Duration } from 'aws-cdk-lib'
import * as asg from 'aws-cdk-lib/aws-applicationautoscaling'
import { Alarm, ComparisonOperator, MathExpression, Metric, TreatMissingData } from 'aws-cdk-lib/aws-cloudwatch'
import { CfnEIP, NatProvider, Vpc } from 'aws-cdk-lib/aws-ec2'
import * as aws_iam from 'aws-cdk-lib/aws-iam'
import * as aws_lambda from 'aws-cdk-lib/aws-lambda'
import { DynamoEventSource, SqsDlq } from 'aws-cdk-lib/aws-lambda-event-sources'
@@ -56,6 +57,32 @@ export class LambdaStack extends cdk.NestedStack {
],
})

lambdaRole.addToPolicy(
new aws_iam.PolicyStatement({
actions: ['ec2:CreateNetworkInterface', 'ec2:DescribeNetworkInterfaces', 'ec2:DeleteNetworkInterface'],
resources: ['*'],
})
)

const notificationElasticIp = new CfnEIP(this, `NotificationLambdaElasticIp`, {
domain: 'vpc',
tags: [
{
key: 'Name',
value: 'NotificationLambdaElasticIp',
},
],
})

const vpc = new Vpc(this, 'NotificationLambdaVpc', {
vpcName: 'NotificationLambdaVpc',
natGateways: 1,
natGatewayProvider: NatProvider.gateway({
eipAllocationIds: [notificationElasticIp.attrAllocationId],
}),
maxAzs: 3,
})

const databaseStack = new DynamoStack(this, `${SERVICE_NAME}DynamoStack`, {
tableCapacityConfig,
indexCapacityConfig,
@@ -105,6 +132,10 @@ export class LambdaStack extends cdk.NestedStack {
VERSION: '2',
NODE_OPTIONS: '--enable-source-maps',
},
vpc,
vpcSubnets: {
subnets: [...vpc.privateSubnets],
},
})

// TODO: add alarms on the size of this dead letter queue
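Review bot: The Elastic IP created as `NotificationLambdaElasticIp` in the second hunk has no removal policy, so deleting the nested stack or changing the construct id releases the address back to AWS. If notification receivers allowlist this address (presumably the reason for a static IP), a released address can later be allocated to another account while it is still trusted; I would add `notificationElasticIp.applyRemovalPolicy(cdk.RemovalPolicy.RETAIN)` after the `CfnEIP` and a comment naming who must be told if the address changes. In the last hunk the function gets `vpc` and `vpcSubnets` but no `securityGroups`, so CDK will create a security group that allows all outbound traffic by default; an explicit group limited to the ports the notification needs keeps the allowlisted address from being usable for arbitrary egress. The `LambdaStack` constructor starts and ends outside these hunks, so whether the ENI permissions added to `lambdaRole` reach other functions cannot be seen here.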