From 62c9781146ccdc4941d1cf7338833d257af75aac Mon Sep 17 00:00:00 2001 From: Efe Karakus Date: Mon, 7 Feb 2022 15:03:07 -0800 Subject: [PATCH] docs: add vpc connector for rdws (#3253) By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the Apache 2.0 License. --- site/content/docs/concepts/services.en.md | 6 ++++- .../docs/manifest/rd-web-service.en.md | 24 +++++++++++++++++-- 2 files changed, 27 insertions(+), 3 deletions(-) diff --git a/site/content/docs/concepts/services.en.md b/site/content/docs/concepts/services.en.md index dc3a9e081c9..d41000d6127 100644 --- a/site/content/docs/concepts/services.en.md +++ b/site/content/docs/concepts/services.en.md @@ -29,7 +29,11 @@ If you want your service to serve internet traffic then you have two options: security groups, an ECS service on Fargate to run your service. #### Request-Driven Web Service -An AWS App Runner service that autoscales your instances based on incoming traffic and scales down to a baseline instance when there's no traffic. This option is more cost effective for HTTP services with sudden bursts in request volumes or low request volumes. +An AWS App Runner service that autoscales your instances based on incoming traffic and scales down to a baseline instance when there's no traffic. +This option is more cost effective for HTTP services with sudden bursts in request volumes or low request volumes. + +Unlike ECS, App Runner services are not connected by default to a VPC. In order to route egress traffic through a VPC, +you can configure the [`network`](../manifest/rd-web-service.en.md#network) field in the manifest. #### Load Balanced Web Service An ECS Service running tasks on Fargate with an Application Load Balancer, a Network Load Balancer or both, as ingress. diff --git a/site/content/docs/manifest/rd-web-service.en.md b/site/content/docs/manifest/rd-web-service.en.md index b27e0eb3b08..3496e6106c6 100644 --- a/site/content/docs/manifest/rd-web-service.en.md +++ b/site/content/docs/manifest/rd-web-service.en.md @@ -5,7 +5,6 @@ List of all available properties for a `'Request-Driven Web Service'` manifest. ```yaml # Your service name will be used in naming your resources like log groups, App Runner services, etc. name: frontend - # The "architecture" of the service you're running. type: Request-Driven Web Service http: @@ -21,10 +20,13 @@ List of all available properties for a `'Request-Driven Web Service'` manifest. image: build: ./frontend/Dockerfile port: 80 - cpu: 1024 memory: 2048 + network: + vpc: + placement: 'private' + variables: LOG_LEVEL: info @@ -137,6 +139,24 @@ Amount of memory in MiB reserved for each instance of your service. See the [AWS
+`network` Map +The `network` section contains parameters for connecting the service to AWS resources in the environment's VPC. +By connecting the service to a VPC, you can use [service discovery](../developing/service-discovery.en.md) to communicate with other services +in your environment, or connect to a database in your VPC such as Amazon Aurora with [`storage init`](../commands/storage-init.en.md). + +network.`vpc` Map +Subnets in the VPC to route egress traffic from the service. + +network.vpc.`placement` String +The only valid option today is `'private'`. If you prefer the service not to be connected to a VPC, you can remove the `network` field. + +When the placement is `'private'`, the App Runner service routes egress traffic through the private subnets of the VPC. +If you use a Copilot-generated VPC, Copilot will automatically add NAT Gateways to your environment for internet connectivity. (See [pricing](https://aws.amazon.com/vpc/pricing/).) +Alternatively, when running `copilot env init`, you can import an existing VPC with NAT Gateways, or one with VPC endpoints +for isolated workloads. See our [custom environment resources](../developing/custom-environment-resources.en.md) page for more. + +
+ `command` String Optional. Override the default command in the image.