phobologic
commented
6 years ago Oh, also, there's an issue with the tests that needs to be resolved.
Closed danielkza closed 6 years ago
phobologic
commented
6 years ago Oh, also, there's an issue with the tests that needs to be resolved.
danielkza
commented
6 years ago Updated with a new approach to handle the security groups: complete groups can now be defined and assigned through the SecurityGroups variable, and pre-existing groups can be added with the ExtraSecurityGroups var. It's not as easy as just passing the CIDRs, but it's much more flexible and easier than using a separate stack.
I also added a test to check if the blueprint works correctly. I also deployed it to my AWS account and it seemed to work fine.
Unfortunately this will be broken until a new stacker release is cut (with the TroposphereType changes). I'm fine with waiting or updating the requirement temporarily, either works.
russellballestrini
commented
6 years ago @danielkza we have had a new stacker release since your last comment. Would you have a chance to pick this PR back up?
CC: @aarcro
danielkza
commented
6 years ago @russellballestrini @aarcro Rebased to the latest master, and updated with some improvements :+1:
russellballestrini
commented
6 years ago @danielkza thanks!
Add an Elastic File System blueprint.
It creates FileSystem instances and its associated MountTargets in a specified list of Subnets, which makes things quite a bit easier than creating them individually.
While it is uncommon, EFS allows specifying the IP addreses of its internal instances manually, so we allow that too.
Since EFSs are commonly accessed from many different machines, a convenience AllowedCIDRs variable is provided, that makes it easy to add inbound rules to the newly-created security group for the FS.