in JavaSpringMigration/cdk/src/main/java/com/ilmlf/product/db/DbStack.java [95:194]
public DbStack(final Construct scope, final String id, final DbStackProps props) {
super(scope, id, props);
this.dbUsername = props.getDbUsername();
this.dbPort = props.getDbPort();
this.dbName = props.getDbName();
/**
* #################
* Network resources
* #################
*
* Create a VPC (Virtual Private Cloud), used for network partitioning.
*
* The VPC contains multiple "Subnets" that could be either Internet-public or private.
* Each Subnet is placed in different AZ (Availability Zones). Each AZ is in a different location
* within the region. In production, you should place your database and its replica in multiple AZ
* in case of failover. By default this stack deploys a database instance and its replica to different AZs.
*/
// The `Vpc` construct creates subnets for you automatically
// See https://docs.aws.amazon.com/cdk/api/latest/docs/aws-ec2-readme.html#vpc for details
this.vpc = new Vpc(this, "provman-Vpc");
// Security group acts as a virtual firewall to control inbound and outbound traffic
this.securityGroup =
new SecurityGroup(
this,
"FarmerDeliverySG",
SecurityGroupProps.builder()
.vpc(vpc)
.description("SG for Provman database")
.allowAllOutbound(true)
.build());
/**
* #################
* ### DB Instance #
* #################
* Creates a MYSQL RDS instance.
*
* This construct also creates a secret store in AWS Secrets Manager. You can retrieve
* reference to the secret store by calling farmerDB.getSecret()
*
* The secret store contains the admin username, password and other DB information for connecting to the DB
*
* For production, consider using `DatabaseCluster` to create multiple instances in different AZs.
* This costs more but you will have higher availability.
*
* See https://docs.aws.amazon.com/cdk/api/latest/docs/aws-rds-readme.html for details.
*/
List<ISubnet> subnets;
if (props.isPublicSubnetDb) {
subnets = vpc.getPublicSubnets();
} else {
subnets = vpc.getPrivateSubnets();
}
DatabaseInstance farmerDb =
new DatabaseInstance(
this,
dbName,
DatabaseInstanceProps.builder()
.vpc(vpc)
// Using MySQL engine
.engine(
DatabaseInstanceEngine.mysql(
MySqlInstanceEngineProps.builder()
.version(MysqlEngineVersion.VER_5_7_31)
.build()))
.instanceType(InstanceType.of(InstanceClass.BURSTABLE2, InstanceSize.SMALL))
.vpcSubnets(SubnetSelection.builder().subnets(subnets).build())
.securityGroups(List.of(this.securityGroup))
.storageEncrypted(true)
.multiAz(true)
.autoMinorVersionUpgrade(true)
.allocatedStorage(25)
.publiclyAccessible(true)
.storageType(StorageType.GP2)
.backupRetention(Duration.days(7))
.deletionProtection(false)
// Create an admin credential for connecting to database. This credential will
// be stored in a Secret Manager store.
.credentials(Credentials.fromGeneratedSecret(props.dbUsername))
.databaseName(this.dbName)
.port(this.dbPort)
.build());
FlywayRunner schemaChangesRunner = new FlywayRunner(this, "DBMigrationRunner", FlywayRunnerProps.builder()
.migrationScriptsFolderAbsolutePath(System.getProperty("user.dir") + "/src/main/databaseMigrationFiles")
.databaseName(this.dbName)
.databaseInstance(farmerDb)
.build());
schemaChangesRunner.getNode().addDependency(farmerDb);
this.instanceEndpoint = farmerDb.getDbInstanceEndpointAddress() + ":" + farmerDb.getDbInstanceEndpointPort();
this.adminSecret = farmerDb.getSecret();
}