fix: reduce build time by importing security group (#31)

techfromsage · Dec 10, 2021 · e6e0acc · e6e0acc
1 parent 8af44e0
commit e6e0acc
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 0 deletions.
diff --git a/examples/simple-authenticated-api/lib/simple-authenticated-api-stack.ts b/examples/simple-authenticated-api/lib/simple-authenticated-api-stack.ts
@@ -30,6 +30,21 @@ export class SimpleAuthenticatedApiStack extends cdk.Stack {
       vpcId: "vpc-0155db5e1ab5c28b6",
     });
 
+    // Setting a security group is an option. This is an example of importing and using a
+    // pre existing security group. This one is defined in terraform.
+    // An ulterior motive for importing this security group is that without specifying
+    // one, the default group created will add significant time to deploy and destroy
+    // steps in the build. This is not a problem IRL where the group will only be created
+    // once instead of being created and destroyed on every build.
+    const lambdaSecurityGroup = ec2.SecurityGroup.fromSecurityGroupId(
+      this,
+      "talis-cdk-constructs-build",
+      "sg-091ff6e1188944bb5",
+      {
+        mutable: false,
+      }
+    );
+
     /* const api = */ new AuthenticatedApi(this, "simple-authenticated-api", {
       prefix,
       name: "simple-authenticated-api",
@@ -38,6 +53,7 @@ export class SimpleAuthenticatedApiStack extends cdk.Stack {
       alarmTopic,
       vpc,
       vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_WITH_NAT },
+      securityGroup: lambdaSecurityGroup,
 
       persona: {
         host: "staging-users.talis.com",

diff --git a/examples/simple-lambda-worker/lib/simple-lambda-worker-stack.ts b/examples/simple-lambda-worker/lib/simple-lambda-worker-stack.ts
@@ -41,6 +41,21 @@ export class SimpleLambdaWorkerStack extends cdk.Stack {
       vpcId: "vpc-0155db5e1ab5c28b6",
     });
 
+    // Setting a security group is an option. This is an example of importing and using a
+    // pre existing security group. This one is defined in terraform.
+    // An ulterior motive for importing this security group is that without specifying
+    // one, the default group created will add significant time to deploy and destroy
+    // steps in the build. This is not a problem IRL where the group will only be created
+    // once instead of being created and destroyed on every build.
+    const lambdaSecurityGroup = ec2.SecurityGroup.fromSecurityGroupId(
+      this,
+      "talis-cdk-constructs-build",
+      "sg-091ff6e1188944bb5",
+      {
+        mutable: false,
+      }
+    );
+
     // In this example, and to aid integration tests, after successfully processing
     // a message the lambda worker will send a new messages to an SQS queue.
     // This is a common thing for the worker to do - passing to the next
@@ -64,6 +79,7 @@ export class SimpleLambdaWorkerStack extends cdk.Stack {
           entry: "src/lambda/simple-worker.js",
           handler: "simpleLambdaWorker",
           memorySize: 1024,
+          securityGroup: lambdaSecurityGroup,
           timeout: cdk.Duration.seconds(30),
           vpc: vpc,
           vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE_WITH_NAT },