
Commit 394cf4d

added db password
1 parent 1427671 commit 394cf4d


2 files changed

+10
-16
lines changed


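--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -33,18 +33,16 @@ jobs:
 sudo apt install -y terraform
 terraform -version
 
-
-# 3. Terraform Init & Apply (create ECR, RDS, etc.)
-- name: Terraform Init & Apply
+# 3. Terraform Init & Apply for ECR, IAM, VPC, RDS only
+- name: Terraform Apply Infrastructure
 working-directory: terraform
 env:
 TF_VAR_db_password: ${{ secrets.DB_PASSWORD }}
 run: |
 terraform init
 terraform fmt -check
 terraform validate
-terraform apply -auto-approve
-
+terraform apply -auto-approve -target=aws_ecr_repository.api -target=aws_iam_role.lambda_role -target=aws_vpc.main -target=aws_subnet.private -target=aws_db_instance.postgres
 
 # 4. Get ECR repository URL from Terraform output
 - name: Get ECR Repo URL
@@ -68,8 +66,8 @@ jobs:
 docker tag serverless-crud-api-terraform:latest $REPO_URL:latest
 docker push $REPO_URL:latest
 
-# 8. Update Lambda to use new image (Terraform)
+# 8. Terraform Apply Lambda (use existing image)
 - name: Terraform Deploy Lambda
 working-directory: terraform
 run: |
-terraform apply -auto-approve
+terraform apply -auto-approve -target=aws_lambda_function.crud_api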
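Review bot: Both `terraform apply` steps now run only with `-target`, so any resource outside the two target lists is applied only if one of the targets happens to depend on it; a rule change in `terraform/security_groups.tf` (touched in this same commit) could sit unapplied while the job stays green. Terraform documents `-target` for exceptional recovery rather than routine pipelines, so I would end the job with an untargeted drift gate such as `terraform plan -input=false -detailed-exitcode`, which exits non-zero when changes are still pending. The `Terraform Deploy Lambda` step shows no `env:` in this hunk; if `db_password` has no default it needs `TF_VAR_db_password: ${{ secrets.DB_PASSWORD }}` as well (the step may continue past the hunk's last line).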

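--- a/terraform/security_groups.tf
+++ b/terraform/security_groups.tf
@@ -1,10 +1,8 @@
-# Lambda Security Group
+# Lambda SG
 resource "aws_security_group" "lambda_sg1" {
-name = "lambda-sg1"
+name = "lambda_sg1"
 vpc_id = aws_vpc.main.id
 
-description = "SG for Lambda"
-
 egress {
 from_port = 0
 to_port = 0
@@ -13,18 +11,16 @@ resource "aws_security_group" "lambda_sg1" {
 }
 }
 
-# RDS Security Group
+# RDS SG
 resource "aws_security_group" "rds_sg1" {
-name = "rds-sg1"
+name = "rds_sg1"
 vpc_id = aws_vpc.main.id
 
-description = "SG for RDS"
-
 ingress {
 from_port = 5432
 to_port = 5432
 protocol = "tcp"
-security_groups = [aws_security_group.lambda_sg1.id] # Only RDS references Lambda SG
+security_groups = [aws_security_group.lambda_sg1.id] # only one-way
 }
 
 egress {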
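Review bot: Renaming `lambda-sg1`/`rds-sg1` and dropping `description` both force replacement of an `aws_security_group`, and the default destroy-then-create order tends to fail or stall while the group is still attached to the Lambda network interfaces or the DB instance. If the rename is wanted, add `lifecycle { create_before_destroy = true }` to both groups; otherwise keep the old names. I would also keep the descriptions, since without them the provider's default text is used and the group's purpose is no longer visible in the console or in audit exports, and give the ingress rule a precise comment such as `# allow PostgreSQL from the Lambda SG` in place of `# only one-way`. The `rds_sg1` egress block opens on the hunk's last line, so its scope cannot be judged from here.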
