in source/constructs/lib/task-cluster.ts [33:93]
/**
 * Builds the networking and ECS cluster used to run the tasks.
 *
 * Creates a VPC with public subnets only (no NAT gateways), a CloudWatch
 * log group receiving the VPC's REJECT-only flow logs, and an ECS cluster
 * with Container Insights enabled. The cluster name, public subnets and
 * VPC are exposed on the instance for callers.
 *
 * @param scope - Parent construct.
 * @param id - Construct id within the parent scope.
 * @param props - Optional settings; `cidr` overrides the default VPC range
 *   (a falsy value falls back to `10.0.0.0/16`).
 */
constructor(scope: cdk.Construct, id: string, props?: TaskClusterPros) {
  super(scope, id);

  // A single /24 public subnet per AZ; no private tier, so no NAT is provisioned.
  const publicTier = {
    name: 'public',
    subnetType: SubnetType.PUBLIC,
    cidrMask: 24,
  };
  const cidrBlock = props?.cidr ? props.cidr : '10.0.0.0/16';

  const taskVpc = new ec2.Vpc(this, 'TaskVPC', {
    cidr: cidrBlock,
    enableDnsHostnames: true,
    enableDnsSupport: true,
    subnetConfiguration: [publicTier],
    maxAzs: 3,
    natGateways: 0,
  });

  // Flow-log destination. Kept on stack deletion so evidence survives teardown;
  // retention is two weeks.
  const flowLogGroup = new LogGroup(this, 'VPCLogGroup', {
    retention: RetentionDays.TWO_WEEKS,
    removalPolicy: cdk.RemovalPolicy.RETAIN,
  });
  const rawLogGroup = flowLogGroup.node.defaultChild as CfnLogGroup;
  // W84: no customer-managed KMS key on the log group; the stated reason is
  // reliance on the service default key.
  addCfnNagSuppressRules(rawLogGroup, [
    {
      id: 'W84',
      reason: 'log group is encrypted with the default master key',
    },
  ]);

  // Only rejected traffic is captured, so accepted flows are not available
  // for investigation from this log group.
  taskVpc.addFlowLog('FlowLogCW', {
    destination: ec2.FlowLogDestination.toCloudWatchLogs(flowLogGroup),
    trafficType: ec2.FlowLogTrafficType.REJECT,
  });

  // W33: public subnets auto-assign public IPs; suppressed as the intended default.
  for (const publicSubnet of taskVpc.publicSubnets) {
    const rawSubnet = publicSubnet.node.defaultChild as ec2.CfnSubnet;
    addCfnNagSuppressRules(rawSubnet, [
      {
        id: 'W33',
        reason: 'Default Setting for VPC subnets',
      },
    ]);
  }

  const taskCluster = new ecs.Cluster(this, 'DTHTaskCluster', {
    vpc: taskVpc,
    containerInsights: true,
  });
  // Pin the CloudFormation logical id so the cluster resource keeps a stable name.
  const rawCluster = taskCluster.node.defaultChild as ecs.CfnCluster;
  rawCluster.overrideLogicalId('TaskCluster');

  this.clusterName = taskCluster.clusterName;
  this.publicSubnets = taskVpc.publicSubnets;
  this.vpc = taskVpc;
}