Skip to content

Commit

Permalink
ci: add security groups for database access
Browse files Browse the repository at this point in the history
  • Loading branch information
@montoyaobeso
montoyaobeso committed Jun 4, 2024
1 parent 16aae18 commit fab3fa7
Showing 1 changed file with 10 additions and 8 deletions.
18 changes: 10 additions & 8 deletions template.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,14 +19,6 @@ Parameters:
SecretName:
Description: "Enail sender servide secret name."
Type: "String"
VpcConfig:
SecurityGroupIds:
- sg-0a38ddf1ec1cf8ba6
SubnetIds:
- subnet-073eb3490728cadab
- subnet-074f00c540bfc2f19
- subnet-05975dbcc28bc6ffb
- subnet-0d4ee08a8b2e795c9

Globals:
Function:
Expand All @@ -52,10 +44,20 @@ Resources:
Properties:
ApiId: !Ref Api
Policies:
Policies:
- AWSLambdaVPCAccessExecutionRole: {}
- AWSSecretsManagerGetSecretValuePolicy:
SecretArn: !Sub 'arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:${SecretName}*'
- S3FullAccessPolicy:
BucketName: !Ref BucketName
VpcConfig:
SecurityGroupIds:
- sg-0a38ddf1ec1cf8ba6
SubnetIds:
- subnet-073eb3490728cadab
- subnet-074f00c540bfc2f19
- subnet-05975dbcc28bc6ffb
- subnet-0d4ee08a8b2e795c9

Api:
Name: !Sub "${Project}-${Stage}-http-api"
Expand Down

0 comments on commit fab3fa7

Please sign in to comment.