in infrastructure/lib/networking-stack.ts [16:51]
/**
 * Builds the network layer shared by the Orthanc stacks: one VPC, an
 * optional VPC Flow Log, and the four security groups the other stacks
 * attach to (load balancer, ECS tasks, database cluster, EFS).
 *
 * @param scope - parent construct
 * @param id - construct id within `scope`
 * @param props - `enable_vpc_flow_logs` switches the CloudWatch Logs flow log on
 */
constructor(scope: cdk.Construct, id: string, props: NetworkStackProps) {
  super(scope, id, props);

  // --- VPC ---------------------------------------------------------------
  // Two AZs instead of the CDK default of every AZ in the region.
  this.vpc = new ec2.Vpc(this, "OrthancVpc", { maxAzs: 2 });

  // --- VPC Flow Logs (opt-in) -------------------------------------------
  // Records both accepted and rejected traffic for the whole VPC into a
  // CloudWatch Logs group. NOTE(review): the group name is fixed rather
  // than generated, so a second deployment of this stack in the same
  // account/region would contend for it, and no retention or removal
  // policy is set here (CDK's LogGroup defaults apply) — confirm both
  // are intended.
  if (props.enable_vpc_flow_logs) {
    const flowLogGroup = new logs.LogGroup(this, 'Log', {
      logGroupName: '/aws/vpc/flowlogs',
    });
    this.vpc.addFlowLog("OrthancVPCFlowLogs", {
      destination: ec2.FlowLogDestination.toCloudWatchLogs(flowLogGroup),
      trafficType: ec2.FlowLogTrafficType.ALL,
    });
  }

  // --- Security groups ---------------------------------------------------
  // Load balancer: the only group reachable from outside the VPC, and only
  // on plain TCP/80 from any IPv4 address (no IPv6 peer and no 443 here).
  this.loadBalancerSecurityGroup = new SecurityGroup(this, 'Orthanc-ALB-SecurityGroup', { vpc: this.vpc });
  this.loadBalancerSecurityGroup.addIngressRule(Peer.ipv4('0.0.0.0/0'), Port.tcp(80));

  // ECS tasks: reachable from the load balancer group on the three
  // application ports, plus unrestricted traffic between members of this
  // same group. Egress is unrestricted (allowAllOutbound is also the CDK
  // default; it is spelled out to make the choice visible).
  this.ecsSecurityGroup = new SecurityGroup(this, 'Orthanc-ECS-SecurityGroup', { vpc: this.vpc, allowAllOutbound: true });
  const loadBalancerToEcsPorts = [80, 4242, 8042];
  for (const tcpPort of loadBalancerToEcsPorts) {
    this.ecsSecurityGroup.addIngressRule(this.loadBalancerSecurityGroup, Port.tcp(tcpPort));
  }
  this.ecsSecurityGroup.addIngressRule(this.ecsSecurityGroup, Port.allTraffic());

  // Database cluster: TCP/5432 from the ECS task group only.
  this.dbClusterSecurityGroup = new SecurityGroup(this, 'Orthanc-DBCluster-SecurityGroup', { vpc: this.vpc });
  this.dbClusterSecurityGroup.addIngressRule(this.ecsSecurityGroup, Port.tcp(5432));

  // EFS: NFS (TCP/2049) from the ECS task group only.
  this.efsSecurityGroup = new SecurityGroup(this, 'Orthanc-EFS-SecurityGroup', { vpc: this.vpc });
  this.efsSecurityGroup.addIngressRule(this.ecsSecurityGroup, Port.tcp(2049));
}