Use the security group provided in the custom resource config

[MarcioMeier]

Problem being solved

Currently the WSO2 custom resources creates a new security group when a network config is provided.

If the security groups is provided in the props, it is never added to the lambda, if it is not provided a new security group is created and added to the lambda

reference:

cdk-practical-constructs/lib/src/wso2/utils-cdk.ts

Lines 44 to 60 in 77a7f43

	// Create security group for custom resource if VPC is defined and no security group is defined
	if (args.props.customResourceConfig?.network) {
	vpc = vpcFromConfig(args.scope, args.props.customResourceConfig.network);
	if (
	!customResourceConfig?.securityGroups ||
	customResourceConfig?.securityGroups.length === 0
	) {
	// create default security group for the lambda function
	const securityGroup = new SecurityGroup(args.scope, `sg-cr-${args.scope.node.id}`, {
	vpc,
	description: `Security group for WSO2 CustomResource ${args.scope.node.id}`,
	allowAllOutbound: true,
	});
	securityGroups.push(securityGroup);
	}
	}

Proposal

Start using the security groups provided in the customResourceConfig property in WSO2 custom resources.

[erik-am]

That would be a nice enhancement, because now it creates a new security group for each Wso2 Custom Resource, which uses more ENIs