Deploy to AWS within a VPC

Hi Circle CI community!

We have:

  • A serverless API that runs using AWS Lambda + Zappa
  • Client files that are distributed using an S3 bucket along with AWS CloudFront.

We would like to host all of our AWS infrastructure within a VPC, for security reasons. However, it is not clear how to set up a deploy process with Circle CI to connect to AWS services that are within VPCs. Is this possible?

Some ideas that may or may not be relevant:

  • Is it possible to ensure that CircleCI instances have static IPs? These could then be whitelisted on AWS.
  • Is it possible to instantiate Circle CI instances to be within AWS VPCs themselves?

Thank you in advance for the help.

You could deploy to S3 or a micro EC2 instance (outside of the VPC), and then trigger a copy from there into your VPC. I assume from that point you can add some trusted rules for the S3/EC2 artifacts.