make bastion host optional and avoid rewriting all the params in app wrapper just use the config as kwargs

Author: emileten

app.py

@@ -18,30 +18,17 @@
     config = Config()
 
 vpc_stack = vpc.VpcStack(
-    tags=config.tags,
-    scope=app,
-    id=config.build_service_name("pgSTAC-vpc"),
-    nat_gateway_count=config.nat_gateway_count,
+    tags=config.tags, scope=app, id=config.build_service_name("pgSTAC-vpc"), **config
 )
 
-
 pgstac_infra_stack = pgStacInfra.pgStacInfraStack(
     scope=app,
-    tags=config.tags,
     id=config.build_service_name("pgSTAC-infra"),
     vpc=vpc_stack.vpc,
     stac_api_lambda_name=config.build_service_name("STAC API"),
     titiler_pgstac_api_lambda_name=config.build_service_name("titiler pgSTAC API"),
     tipg_api_lambda_name=config.build_service_name("tipg API"),
-    stage=config.stage,
-    db_allocated_storage=config.db_allocated_storage,
-    public_db_subnet=config.public_db_subnet,
-    db_instance_type=config.db_instance_type,
-    bastion_host_allow_ip_list=config.bastion_host_allow_ip_list,
-    bastion_host_create_elastic_ip=config.bastion_host_create_elastic_ip,
     bastion_host_user_data=yaml.dump(config.bastion_host_user_data),
-    titiler_buckets=config.titiler_buckets,
-    data_access_role_arn=config.data_access_role_arn,
-    auth_provider_jwks_url=config.auth_provider_jwks_url,
+    **config
 )
 app.synth()

config.py

@@ -54,6 +54,12 @@ class Config(BaseSettings):
         description="Number of NAT gateways to create",
         default=DEFAULT_NAT_GATEWAY_COUNT,
     )
+    bastion_host: Optional[bool] = pydantic.Field(
+        description="""Whether to create a bastion host. It can typically 
+        be used to make administrative connections to the database if 
+        `public_db_subnet` is False""",
+        default=True,
+    )
     bastion_host_create_elastic_ip: Optional[bool] = pydantic.Field(
         description="Whether to create an elastic IP for the bastion host",
         default=False,

eoapi_template/pgStacInfra.py

@@ -26,6 +26,7 @@ def __init__(
         stac_api_lambda_name: str,
         titiler_pgstac_api_lambda_name: str,
         tipg_api_lambda_name: str,
+        bastion_host: bool,
         bastion_host_allow_ip_list: list,
         bastion_host_create_elastic_ip: bool,
         titiler_buckets: list,
@@ -98,17 +99,18 @@ def __init__(
             ),
         )
 
-        BastionHost(
-            self,
-            "bastion-host",
-            vpc=vpc,
-            db=pgstac_db.db,
-            ipv4_allowlist=bastion_host_allow_ip_list,
-            user_data=aws_ec2.UserData.custom(bastion_host_user_data)
-            if bastion_host_user_data
-            else aws_ec2.UserData.for_linux(),
-            create_elastic_ip=bastion_host_create_elastic_ip,
-        )
+        if bastion_host:
+            BastionHost(
+                self,
+                "bastion-host",
+                vpc=vpc,
+                db=pgstac_db.db,
+                ipv4_allowlist=bastion_host_allow_ip_list,
+                user_data=aws_ec2.UserData.custom(bastion_host_user_data)
+                if bastion_host_user_data
+                else aws_ec2.UserData.for_linux(),
+                create_elastic_ip=bastion_host_create_elastic_ip,
+            )
 
         if data_access_role_arn:
             # importing provided role from arn.