Closed danielkza closed 6 years ago
Oh, also, there's an issue with the tests that needs to be resolved.
Updated with a new approach to handle the security groups: complete groups can now be defined and assigned through the SecurityGroups
variable, and pre-existing groups can be added with the ExtraSecurityGroups
var. It's not as easy as just passing the CIDRs, but it's much more flexible and easier than using a separate stack.
I also added a test to check if the blueprint works correctly. I also deployed it to my AWS account and it seemed to work fine.
Unfortunately this will be broken until a new stacker release is cut (with the TroposphereType
changes). I'm fine with waiting or updating the requirement temporarily, either works.
@danielkza we have had a new stacker release since your last comment. Would you have a chance to pick this PR back up?
CC: @aarcro
@russellballestrini @aarcro Rebased to the latest master, and updated with some improvements :+1:
@danielkza thanks!
Add an Elastic File System blueprint.
It creates FileSystem instances and its associated MountTargets in a specified list of Subnets, which makes things quite a bit easier than creating them individually.
While it is uncommon, EFS allows specifying the IP addreses of its internal instances manually, so we allow that too.
Since EFSs are commonly accessed from many different machines, a convenience AllowedCIDRs variable is provided, that makes it easy to add inbound rules to the newly-created security group for the FS.