in lib/documentdb-stack.ts [13:54]
constructor(scope: cdk.Construct, id: string, props: DocumentdbStackProps) {
super(scope, id, props);
const ddbPassSecret = new Secret(this, "DocumentDB Password", {
secretName: "ddbPassword",
generateSecretString: {
excludePunctuation: true,
excludeCharacters: "/¥'%:;{}",
},
});
const parameterGroup = new ddb.ClusterParameterGroup(this, "DDB_Parameter", {
dbClusterParameterGroupName: "disabled-tls-parameter2",
parameters: {
tls: "disabled",
},
family: "docdb4.0",
});
const ddbCluster = new ddb.DatabaseCluster(this, "DDB", {
masterUser: {
username: "awsdemo",
password: SecretValue.secretsManager(ddbPassSecret.secretArn),
},
vpc: props.ddbVpc,
vpcSubnets: props.ddbVpc.selectSubnets({ subnetGroupName: "orion-private-subnet" }),
instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.XLARGE2),
instances: 2,
engineVersion: "4.0",
parameterGroup: parameterGroup,
securityGroup: props.ddbSg,
});
ddbCluster.applyRemovalPolicy(cdk.RemovalPolicy.DESTROY);
new cdk.CfnOutput(this, "Docdb-secretArn", {
value: `${ddbPassSecret.secretArn}`,
});
new cdk.CfnOutput(this, "Docdb-endpoint", {
value: `${ddbCluster.clusterEndpoint.hostname}`,
});
}