AV-1993: Add fourth bypass ip

vrk-kpa · Jun 15, 2023 · 0173856 · 0173856
1 parent 60cdd8e
commit 0173856
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/cdk/lib/load-balancer-stack.ts b/cdk/lib/load-balancer-stack.ts
@@ -27,6 +27,9 @@ export class LoadBalancerStack extends Stack {
     const allowedIp3 = StringParameter.fromStringParameterName(this, 'allowedIp3',
       `/${props.environment}/opendata/cdk/lb_allowed_ip_3`)
 
+    const allowedIp4 = StringParameter.fromStringParameterName(this, 'allowedIp4',
+      `/${props.environment}/opendata/cdk/lb_allowed_ip_4`)
+
     const secGroup = new aws_ec2.SecurityGroup(this, 'loadBalancerSecurityGroup', {
       vpc: props.vpc,
     })
@@ -37,6 +40,7 @@ export class LoadBalancerStack extends Stack {
     secGroup.addIngressRule(Peer.ipv4(allowedIp1.stringValue), Port.tcp(443))
     secGroup.addIngressRule(Peer.ipv4(allowedIp2.stringValue), Port.tcp(443))
     secGroup.addIngressRule(Peer.ipv4(allowedIp3.stringValue), Port.tcp(443))
+    secGroup.addIngressRule(Peer.ipv4(allowedIp4.stringValue), Port.tcp(443))
 
     const publicSubnetA = Fn.importValue('vpc-SubnetPublicA')
     const publicSubnetB = Fn.importValue('vpc-SubnetPublicB')