From 47e178f01c52ec54fd18286716c50793af6c48cc Mon Sep 17 00:00:00 2001 From: fritz kunstler <36011164+dfkunstler@users.noreply.github.com> Date: Tue, 9 Jan 2024 17:41:48 -0500 Subject: [PATCH] Use only private subnets --- lib/rag-engines/opensearch-vector/index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/rag-engines/opensearch-vector/index.ts b/lib/rag-engines/opensearch-vector/index.ts index 525a61c1d..7577c8359 100644 --- a/lib/rag-engines/opensearch-vector/index.ts +++ b/lib/rag-engines/opensearch-vector/index.ts @@ -45,7 +45,7 @@ export class OpenSearchVector extends Construct { const cfnVpcEndpoint = new oss.CfnVpcEndpoint(this, "VpcEndpoint", { name: Utils.getName(props.config, "genaichatbot-vpce"), // Make sure the subnets are not in the same availability zone. - subnetIds: props.shared.vpc.selectSubnets({onePerAz: true}).subnetIds, + subnetIds: props.shared.vpc.selectSubnets({onePerAz: true, subnetType: ec2.SubnetType.PRIVATE_ISOLATED}).subnetIds, vpcId: props.shared.vpc.vpcId, securityGroupIds: [sg.securityGroupId], });