Skip to content

Commit

Permalink
feat: add support for AWS X-Ray
Browse files Browse the repository at this point in the history
  • Loading branch information
TheOrangePuff committed Feb 22, 2024
1 parent 4ae8cb4 commit 98f3050
Showing 1 changed file with 24 additions and 0 deletions.
24 changes: 24 additions & 0 deletions packages/graphql-mesh-server/lib/fargate.ts
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,7 @@ export class MeshService extends Construct {
streamPrefix: props.logStreamPrefix || "graphql-server",
logGroup: this.logGroup,
});

// Create a load-balanced Fargate service and make it public
const fargateService =
new ecsPatterns.ApplicationLoadBalancedFargateService(this, `fargate`, {
Expand All @@ -252,6 +253,9 @@ export class MeshService extends Construct {
secrets: secrets,
environment: environment,
logDriver: logDriver,
taskRole: new iam.Role(this, "MeshTaskRole", {
assumedBy: new iam.ServicePrincipal("ecs-tasks.amazonaws.com"),
}),
},
publicLoadBalancer: true, // default,
taskSubnets: {
Expand All @@ -263,6 +267,26 @@ export class MeshService extends Construct {
this.service = fargateService.service;
this.loadBalancer = fargateService.loadBalancer;

// Optionally configure x-ray
const xray = this.service.taskDefinition.addContainer("xray", {
image: ecs.ContainerImage.fromRegistry("amazon/aws-xray-daemon"),
cpu: 32,
memoryReservationMiB: 256,
essential: false,
});
xray.addPortMappings({
containerPort: 2000,
protocol: ecs.Protocol.UDP,
});

this.service.taskDefinition.taskRole.addManagedPolicy({
managedPolicyArn:
"arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
});
this.service.taskDefinition.taskRole.addManagedPolicy({
managedPolicyArn: "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess",
});

const allowedIpList = new CfnIPSet(this, "allowList", {
addresses: props.allowedIps || [],
ipAddressVersion: "IPV4",
Expand Down

0 comments on commit 98f3050

Please sign in to comment.