Package com.cloudforgeci.api.network
Class VpcFactory
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
com.cloudforgeci.api.core.annotation.BaseFactory
com.cloudforgeci.api.network.VpcFactory
- All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable
Factory for creating VPC (Virtual Private Cloud) infrastructure.
This factory creates AWS VPCs with configurable subnet configurations and NAT gateways based on the network mode setting. It uses annotation-based context injection for clean, maintainable code.
Compliance Coverage:
- SOC2-CC6.6-VPC: Network segmentation and boundary protection
- SOC2-CC7.2-FlowLogs: Network monitoring via VPC Flow Logs
- HIPAA §164.312(e)(1): Technical safeguards for network transmission
- PCI-DSS Req 1.1: Network documentation and segmentation
- PCI-DSS Req 1.3: Prohibit direct public access to cardholder data environment
- GDPR Art. 32: Security of processing (network isolation)
Network Configurations:
- public-no-nat: Creates VPC with public subnets only, no NAT gateways (unless security profile requires them)
- private-with-nat: Creates VPC with public and private subnets, NAT gateways based on security profile
- Security profiles: Automatically determine NAT gateway count based on topology, runtime, and security requirements
Subnet Configuration:
- Public subnets: For resources that need direct internet access
- Private subnets: For resources that use NAT gateway for outbound access
- CIDR: /24 masks for both public and private subnets
Features:
- Centralized NAT gateway configuration via security profiles
- Automatic NAT gateway count determination based on topology, runtime, and security requirements
- Flow logs integration (when configured)
- Multi-AZ deployment (2 availability zones)
- Annotation-based context injection
Example Usage:
VpcFactory factory = new VpcFactory(scope, "JenkinsVPC");
factory.create();
// Access created VPC
Vpc vpc = ctx.vpc.get().orElseThrow();
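The private-with-nat layout described above (2 AZs, /24 public and private subnets, NAT gateways, flow logs), written with plain AWS CDK v2 constructs and checked against the synthesized template. This is an added example, not CloudForgeCI's own code; the class name, construct ids and the NAT gateway count of 1 are assumptions, since the page does not show how a security profile maps to a count.

```java
import java.util.List;
import java.util.Map;
import software.amazon.awscdk.App;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.assertions.Template;
import software.amazon.awscdk.services.ec2.FlowLogDestination;
import software.amazon.awscdk.services.ec2.FlowLogOptions;
import software.amazon.awscdk.services.ec2.FlowLogTrafficType;
import software.amazon.awscdk.services.ec2.SubnetConfiguration;
import software.amazon.awscdk.services.ec2.SubnetType;
import software.amazon.awscdk.services.ec2.Vpc;

// Hypothetical class: a plain-CDK sketch of the layout, not VpcFactory itself.
public class PrivateWithNatSketch {

    static Vpc build(Stack stack, int natGateways) {
        return Vpc.Builder.create(stack, "SketchVpc")
            .maxAzs(2)                     // multi-AZ deployment (2 availability zones)
            .natGateways(natGateways)      // assumed to come from the security profile
            .subnetConfiguration(List.of(
                SubnetConfiguration.builder().name("public")
                    .subnetType(SubnetType.PUBLIC).cidrMask(24).build(),
                // Outbound-only subnets: default route goes to a NAT gateway.
                // CDK rejects this subnet type when natGateways is 0.
                SubnetConfiguration.builder().name("private")
                    .subnetType(SubnetType.PRIVATE_WITH_EGRESS).cidrMask(24).build()))
            // Flow logs for all traffic (accepted and rejected) to CloudWatch Logs.
            .flowLogs(Map.of("all", FlowLogOptions.builder()
                .destination(FlowLogDestination.toCloudWatchLogs())
                .trafficType(FlowLogTrafficType.ALL).build()))
            .build();
    }

    public static void main(String[] args) {
        App app = new App();
        Stack stack = new Stack(app, "SketchStack");
        Vpc vpc = build(stack, 1);

        // Verify the synthesized template; each call throws on a mismatch.
        Template t = Template.fromStack(stack);
        t.resourceCountIs("AWS::EC2::Subnet", 4);      // 2 public + 2 private
        t.resourceCountIs("AWS::EC2::NatGateway", 1);  // one NAT shared by both AZs
        t.resourceCountIs("AWS::EC2::FlowLog", 1);
        if (vpc.getPrivateSubnets().size() != 2) {
            throw new IllegalStateException("expected one private subnet per AZ");
        }
        app.synth();
    }
}
```

With a single NAT gateway both private subnets lose outbound access if that gateway's AZ fails; one gateway per AZ removes that dependency at higher cost.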
- Since:
- 1.0.0
- Author:
- CloudForgeCI
Nested Class Summary
Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default, software.constructs.IConstruct.Jsii$Proxy
Field Summary
Fields inherited from class com.cloudforgeci.api.core.annotation.BaseFactory
cfc, config, ctx
Constructor Summary
Constructors -
Method Summary
Methods inherited from class com.cloudforgeci.api.core.annotation.BaseFactory
getDeploymentContext, getSecurityProfileConfiguration, getSystemContext
Methods inherited from class software.constructs.Construct
getNode, isConstruct, toString
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
Constructor Details
-
VpcFactory
-
-
Method Details
-
create
public void create()
Creates the VPC infrastructure.
This method creates a VPC with appropriate subnet configuration and NAT gateways based on the network mode setting. It also integrates flow logs if they are configured in the system context.
The created VPC is stored in the SystemContext for use by other factories.
- Specified by:
create in class BaseFactory