updated deployment for existing vpc
nikhilsinclair committed Feb 19, 2025
1 parent 61e2809 commit 906f47d
Showing 2 changed files with 47 additions and 5 deletions.
42 changes: 42 additions & 0 deletions docs/ExistingVPCDeployment.md
@@ -0,0 +1,42 @@
# Existing VPC Deployment Guide

## CDK Deployment for Existing VPC

This section outlines the steps to deploy the application with a **Pre-existing VPC**. If you do not have an existing VPC, proceed to 3b: CDK Deployment in the [Deployment Guide](/docs/deploymentGuide.md).

### Prerequisites
Ensure you have access to the **aws-controltower-VPC** and the name of your **AWSControlTowerStackSet**.

### Step-by-Step Instructions

1. **Modify the VPC Stack:**
- Navigate to the `vpc-stack.ts` file located at `cdk/lib/vpc-stack.ts`.
- Replace **line 13** with your existing VPC ID:
```typescript
const existingVpcId: string = 'your-vpc-id'; //CHANGE IF DEPLOYING WITH EXISTING VPC
```
You can find your VPC ID by navigating to the **VPC dashboard** in the AWS Management Console and locating the VPC in the `Your VPCs` section.

![VPC ID Image](images/ExistingVPCId.png)

2. **Update the AWS Control Tower Stack Set:**
- Replace **line 21** with your AWS Control Tower Stack Set name:
```typescript
const AWSControlTowerStackSet = "your-stackset-name"; //CHANGE TO YOUR CONTROL TOWER STACK SET
```
You can find this name by navigating to the **CloudFormation dashboard** in AWS, under `Stacks`. Look for a stack name that starts with `StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY`.

![AWS Control Tower Stack Image](images/AWSControlTowerStack.png)

### Deployment Changes

In this deployment, the following have been modified:

- **VPC Identification:** Instead of creating a new VPC, an existing VPC is now utilized by passing its ID into the `VpcStack` configuration.
- **Private and Isolated Subnets:** Private and isolated subnet IDs and their associated route table IDs are imported using AWS Control Tower.
- **Interface Endpoints:** Multiple AWS service endpoints (SSM, Secrets Manager, RDS, Glue) are added within isolated subnets to maintain secure access with existing VPC.
- **Public Subnet and Internet Gateway:** A public subnet and an internet gateway are created, which are essential for NAT Gateway operations.
- **NAT Gateway:** A NAT gateway is created in the public subnet.
- **Private Subnet Route Tables:** For each private subnet's route table, a route to the NAT gateway is added to provide internet access to resources in private subnets

These changes ensure the application seamlessly integrates into the existing VPC.
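Review bot: the instructions "Replace **line 13** with your existing VPC ID" and "Replace **line 21** with your AWS Control Tower Stack Set name" tie the guide to fixed line numbers in `cdk/lib/vpc-stack.ts`, which go stale on the next edit to that file; point the reader at the constants by name instead (`const existingVpcId: string = 'your-vpc-id';` and `const AWSControlTowerStackSet = "your-stackset-name";`). In the Deployment Changes list, "Private and isolated subnet IDs and their associated route table IDs are imported using AWS Control Tower" does not say how the lookup works (which stack outputs or exports of the named stack set are read), so a reader cannot tell what the stack set name is used for. The same list says an internet gateway is created and a NAT gateway route is added to every private subnet's route table: a VPC can have only one internet gateway attached, so the deployment fails if the Control Tower VPC already has one, and the added route edits route tables this stack did not create. Document the destination CIDR of that route and the expected behaviour when the VPC already has an internet gateway or the route tables already carry a default route.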
10 changes: 5 additions & 5 deletions docs/deploymentGuide.md
Expand Up @@ -282,17 +282,17 @@ In order to deploy, you will need to have access to the **aws-controltower-VPC**

![AWS Control Tower Stack Image](images/AWSControlTowerStack.png)

#### Second deployment in the Hybrid Cloud Environment:
#### Second deployment in the Environment with an Existing VPC:

The following set of instructions are only if this is the second project you are deploying in a **hybrid cloud environment**. If you do not want to do this you can skip this section.
The following set of instructions are only if this is the second project you are deploying with an **Existing VPC**. If you do not want to do this you can skip this section.

In order to deploy a second project in a hybrid cloud environment, you will need to have access to the **Public Subnet ID**.
In order to deploy a second project with a pre-existing vpc, you will need to have access to the **Public Subnet ID**.

####

### **3. Update the Public Subnet ID and CIDR Range**

To deploy a second project in a hybrid cloud environment, you need to obtain an available **Public Subnet ID** and an unused **CIDR range** within the VPC.
To deploy a second project with a pre-existing vpc, you need to obtain an available **Public Subnet ID** and an unused **CIDR range** within the VPC.

#### **Finding the Public Subnet ID**
1. **Navigate to the AWS VPC Console**:
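Review bot: the replacement lines "In order to deploy a second project with a pre-existing vpc" and "To deploy a second project with a pre-existing vpc" spell "vpc" in lowercase while the new heading "Second deployment in the Environment with an Existing VPC" and the rest of the guide use "VPC"; use one form throughout. The bare `####` line left in the context between the intro paragraph and "### **3. Update the Public Subnet ID and CIDR Range**" renders as an empty heading, so drop it while this section is being edited.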
Expand Down Expand Up @@ -338,7 +338,7 @@ By following these steps, you ensure that the new subnet does not overlap with e



You can proceed with the rest of the deployment instructions and the Vpc Stack will automatically use your existing VPC instead of creating a new one. For more detailed information about the hybrid cloud deployment you checkout the [Hybrid Cloud Deployment Guide](/docs/HybridCloudDeploymentGuide.md)
You can proceed with the rest of the deployment instructions and the Vpc Stack will automatically use your existing VPC instead of creating a new one. For more detailed information about the deployment with an Existing VPC checkout the [Existing VPC Deployment Guide](/docs/ExistingVPCDeployment.md)


### Step 3b: CDK Deployment
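Review bot: the replacement line "the Vpc Stack will automatically use your existing VPC ... checkout the [Existing VPC Deployment Guide]" should read "the VPC stack" and "check out". The commit summary shows only two changed files, so the old link target docs/HybridCloudDeploymentGuide.md is neither removed nor updated here; if that file still exists next to the new docs/ExistingVPCDeployment.md, delete it or make it point at the new guide so the two copies do not drift apart.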
