|
|
|
|
|
|
by BohdanPetryshyn
603 days ago
|
|
|
The diagram is available in the basti-cdk package. Probably, I have to make it more visible in the main README: https://github.com/basti-app/basti/tree/main/packages/basti-... By default, the instance is deployed to a public subnet but any ingress traffic is not allowed by the instance's security group. This is needed for the instance's ability to connect to AWS SSM service (egress only). The user can also deploy the instance to a private subnet but this would require them to manually ensure connectivity to the AWS SSM via NAT gateway, VPC endpoint or other means. |
|
|