Closed ArneOttenVW closed 4 months ago
Thanks for reporting this @ArneOttenVW , we have already the feature implemented in this PR and we are doing now the last touches to have it available for you and others: https://github.com/cdklabs/cdk-cicd-wrapper/pull/54 https://github.com/cdklabs/cdk-cicd-wrapper/pull/58
I have faced the same issue when using some other customer accounts which require that all Lambdas/CustomResources be attached to a VPC, so I totally understand the struggle there :D
If you want to get unblocked for now you can continue without the ComplianceBucket stack by disabling it as below:
const pipeline = PipelineBlueprint.builder()
.disable(GlobalResources.COMPLIANCE_BUCKET)
....
Describe the feature
I was an avid user of the previous aws-cdk-cicd-boot-sample so I wanted to test out if this might be a good way to standardize our Pipelines in the future.
When I tried to run the deploy --all command, it failed because the compliance bucket did not exist. I was not sure if I was supposed to deploy the ComplianceBucketStack beforehand, the docs don't mention it but anyway, I then wanted to deploy that so the PipelineStack would not fail anymore. Turns out service control policy denies Lambda functions without a VPC for us.
Use Case
Makes this awesome tool accessible for organizations with some strict service control policies like us.
Proposed Solution
It would be fine for my usecase to place the lambda function into the same VPC as the pipeline but I don't know if this would cause any other problems. It should certainly be optional.
Other Information
No response
Acknowledgements
Environment details (OS name and version, etc.)
Ubuntu 22.04