Update CDK project

Open NorthwindCdk.sln in Visual Studio.

Open NorthwindCdkStack.cs.

Add the following changes at the end of the NorthwindCdkStack constructor:

Using provided remote VM

In the code snippet below you will need to add two ingress rules, one for the Windows VM and one for the Linux VM.
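// Replace each placeholder with that VM's public IPv4 address. The /32 suffix limits the rule to that single address.
sg.AddIngressRule(Peer.Ipv4("XXX.XXX.XXX.XXX/32"), Port.Tcp(5432)); // Access PostgreSQL from Windows VM
sg.AddIngressRule(Peer.Ipv4("YYY.YYY.YYY.YYY/32"), Port.Tcp(5432)); // Access PostgreSQL from Linux VM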
You can find public IP addresses of these VMs by going to AWS Console -> EC2 -> Instances.
Dev box public IP Docker public IP

Using your own computer

If you are using your own computer, Docker runs on the same computer, so you need to add only one ingress rule, for your own IP. Replace the IP address below with your public IP address, and keep the /32 suffix so that only that one address is allowed.
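// Replace the placeholder with your public IPv4 address. The /32 suffix limits the rule to that single address.
sg.AddIngressRule(Peer.Ipv4("XXX.XXX.XXX.XXX/32"), Port.Tcp(5432)); // Access PostgreSQL from your computer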

namespace NorthwindCdk
{
    /// <summary>
    /// CDK stack for the Northwind workshop. The part of the constructor shown here opens
    /// TCP 5432 on the database security group for specific client addresses and creates
    /// an Aurora PostgreSQL cluster in a public subnet.
    /// </summary>
    public class NorthwindCdkStack : Stack
    {
        /// <summary>
        /// Builds the stack resources; <paramref name="scope"/>, <paramref name="id"/> and
        /// <paramref name="props"/> are passed straight to the base <c>Stack</c> constructor.
        /// </summary>
        internal NorthwindCdkStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
        {
            // Earlier part of the constructor is elided on this page; presumably it is where
            // `vpc` and `sg` (used below) are created. Confirm against the full file.
            .......

            // PostgreSQL setup

            // !!!!!!!!!! add 2 rules when you use provided VM, add 1 rule when you use your computer
            // Each rule admits exactly one IPv4 address (/32) on TCP 5432. The cluster below is placed
            // in a public subnet, so these rules are what limit who can reach the database port.
            // Replace the placeholders with real public IPs and do not widen the CIDR.
            sg.AddIngressRule(Peer.Ipv4("XXX.XXX.XXX.XXX/32"), Port.Tcp(5432)); // PostgreSQL
            sg.AddIngressRule(Peer.Ipv4("YYY.YYY.YYY.YYY/32"), Port.Tcp(5432)); // PostgreSQL
            // !!!!!!!!!!

            // Aurora PostgreSQL cluster with a single instance. The variable is kept so that the
            // cluster endpoint can be referenced afterwards (e.g. in a stack output).
            var postgreSql = new DatabaseCluster(this, "NorthwindPostgreSQL", new DatabaseClusterProps
            {
                InstanceProps = new Amazon.CDK.AWS.RDS.InstanceProps
                {
                    Vpc = vpc,
                    // t3.medium
                    InstanceType = InstanceType.Of(InstanceClass.BURSTABLE3, InstanceSize.MEDIUM),   
                    // Only the security group configured above is attached to the instance.
                    SecurityGroups = new ISecurityGroup[] { sg },
                    // Public subnet so that the database can be reached from your developer PC.
                    // Workshop convenience: access control then rests on the /32 ingress rules above.
                    VpcSubnets = new SubnetSelection() { SubnetType = SubnetType.PUBLIC }, 
                    ParameterGroup = ParameterGroup.FromParameterGroupName(this, "DBInstanceParameterGroup", "default.aurora-postgresql11"),
                },
                ParameterGroup = ParameterGroup.FromParameterGroupName(this, "DBClusterParameterGroup", "default.aurora-postgresql11"),
                ClusterIdentifier = "northwind-postgresql",

                // Aurora PostgreSQL 11.9
                Engine = DatabaseClusterEngine.AuroraPostgres(
                        new AuroraPostgresClusterEngineProps
                        { 
                            Version = AuroraPostgresEngineVersion.VER_11_9 
                        }),

                // Workshop shortcut: the administrator password is a literal in source, so it is
                // readable by anyone with the repository and is written into the synthesized template.
                // For a database that outlives the exercise, Credentials.FromGeneratedSecret("adminuser")
                // has CDK generate the password into Secrets Manager instead.
                Credentials = Credentials.FromPassword(
                    username: "adminuser",
                    password: new SecretValue("Admin12345?")),

                Instances = 1,
                Port = 5432, // must match the port opened by the ingress rules above

                Backup = new BackupProps
                {
                    Retention = Duration.Days(1) // minimum is 1
                },

                DefaultDatabaseName = "NorthwindTraders",
                InstanceIdentifierBase = "northwind-postgresql-instance",

                // NOTE(review): no StorageEncrypted setting appears in this listing; consider
                // setting it for anything beyond the workshop.

                // DESTROY lets the database be deleted together with the stack, which suits a
                // throwaway workshop environment but not data that must be kept.
                RemovalPolicy = RemovalPolicy.DESTROY // you need to be able to delete database,               
            });
        }
    }
}

The code above does the following:

Updates the database security group to allow traffic from the web application's IP address to PostgreSQL on port 5432:

sg.AddIngressRule(Peer.Ipv4("XXX.XXX.XXX.XXX/32"), Port.Tcp(5432)); // PostgreSQL: one /32 source address allowed on TCP 5432

Add 2 rules when you use provided VM, add 1 rule when you use your computer.

Creates new Amazon Aurora PostgreSQL cluster and instance:

  • Using t3.medium instance
  • Using adminuser as administrator user name
  • Using Admin12345? as administrator password (a workshop-only value: the literal is stored in the source code and in the synthesized template)
  • Using database security group created before
  • Using VPC created before
  • Using public subnet from the VPC created before (to be able to connect to Amazon Aurora PostgreSQL from your developer PC or provided VM)

Outputs Amazon Aurora PostgreSQL cluster endpoint address once it’s created (as you need to modify connection string to connect to the database):

// Publish only the cluster endpoint hostname as a stack output; it is needed for the connection string.
var endpointOutputProps = new CfnOutputProps
{
    Value = postgreSql.ClusterEndpoint.Hostname
};
new CfnOutput(this, "PostgreSQLEndpointAddress", endpointOutputProps);