Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const protocol = ifUndefinedLazy(listener.externalProtocol, () => wellKnownProtocol(listener.externalPort));
const instancePort = listener.internalPort || listener.externalPort;
const instanceProtocol = ifUndefined(listener.internalProtocol,
ifUndefined(tryWellKnownProtocol(instancePort),
isHttpProtocol(protocol) ? LoadBalancingProtocol.Http : LoadBalancingProtocol.Tcp));
this.listeners.push({
loadBalancerPort: listener.externalPort.toString(),
protocol,
instancePort: instancePort.toString(),
instanceProtocol,
sslCertificateId: listener.sslCertificateId,
policyNames: listener.policyNames
});
const port = new ListenerPort(this.securityGroup, new TcpPort(listener.externalPort));
// Allow connections on the public port for all supplied peers (default: everyone)
ifUndefined(listener.allowConnectionsFrom, [new AnyIPv4()]).forEach(peer => {
port.connections.allowDefaultPortFrom(peer, `Default rule allow on ${listener.externalPort}`);
});
this.newInstancePort(instancePort);
// Keep track using array so user can get to them even if they were all supplied in the constructor
this.listenerPorts.push(port);
return port;
}
const targetVpc = props.vpc;
// Define a group for telling Elasticache which subnets to put cache nodes in.
const subnetGroup = new elasticache.CfnSubnetGroup(this, `${id}-subnet-group`, {
description: `List of subnets used for redis cache ${id}`,
subnetIds: targetVpc.privateSubnets.map(function(subnet) {
return subnet.subnetId;
})
});
// The security group that defines network level access to the cluster
this.securityGroup = new ec2.SecurityGroup(this, `${id}-security-group`, { vpc: targetVpc });
this.connections = new ec2.Connections({
securityGroups: [this.securityGroup],
defaultPortRange: new ec2.TcpPort(6379)
});
// The cluster resource itself.
this.cluster = new elasticache.CfnCacheCluster(this, `${id}-cluster`, {
cacheNodeType: 'cache.t2.micro',
engine: 'redis',
numCacheNodes: 1,
autoMinorVersionUpgrade: true,
cacheSubnetGroupName: subnetGroup.subnetGroupName,
vpcSecurityGroupIds: [
this.securityGroup.securityGroupId
]
});
}
}
private allowTargetConnection(instancePort: number, target: ILoadBalancerTarget) {
this.connections.allowTo(
target,
new TcpPort(instancePort),
`Port ${instancePort} LB to fleet`);
}
}