Revisions
sebsto revised this gist
Aug 27, 2019 . 1 changed file with 1 addition and 1 deletion.
@@ -63,7 +63,7 @@ export class CodeStack extends cdk.Stack { const role = new Role(this, 'NewsBlogRole', { assumedBy: new ServicePrincipal('ec2.amazonaws.com') }); // arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore role.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore'));
sebsto revised this gist
Aug 26, 2019 . 1 changed file with 1 addition and 1 deletion.
@@ -64,7 +64,7 @@ export class CodeStack extends cdk.Stack { assumedBy: new ServicePrincipal('ec2.amazonaws.com') }); // arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM role.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore')); // define a user data script to install & launch our web server
sebsto revised this gist
Aug 22, 2019 . 1 changed file with 51 additions and 21 deletions.
@@ -1,16 +1,56 @@ import ec2 = require('@aws-cdk/aws-ec2'); import cdk = require('@aws-cdk/core'); import { Fn, Tag, Resource } from '@aws-cdk/core'; import { AmazonLinuxImage, UserData, InstanceType } from '@aws-cdk/aws-ec2'; import { Role, ServicePrincipal, ManagedPolicy, CfnInstanceProfile } from '@aws-cdk/aws-iam' /** * Create my own Ec2 resource and Ec2 props as these are not yet defined in CDK * These classes abstract low level details from CloudFormation */ class Ec2InstanceProps { readonly image : ec2.IMachineImage; readonly instanceType : ec2.InstanceType; readonly userData : UserData; readonly subnet : ec2.ISubnet; readonly role : Role; } class Ec2 extends Resource { constructor(scope: cdk.Construct, id: string, props? : Ec2InstanceProps) { super(scope, id); if (props) { //create a profile to attch the role to the instance const profile = new CfnInstanceProfile(this, `${id}Profile`, { roles: [ props.role.roleName ] }); // create the instance const instance = new ec2.CfnInstance(this, id, { imageId: props.image.getImage(this).imageId, instanceType: props.instanceType.toString(), networkInterfaces: [ { deviceIndex: "0", subnetId: props.subnet.subnetId } ] ,userData: Fn.base64(props.userData.render()) ,iamInstanceProfile: profile.ref }); // tag the instance Tag.add(instance, 'Name', `${CodeStack.name}/${id}`); } } } export class CodeStack extends cdk.Stack { constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { super(scope, id, props); // create VPC w/ public and private subnets in 1 AZ // this also creates a NAT Gateway // I am using 1 AZ because it's a demo. In real life always use >=2
@@ -25,9 +65,7 @@ export class CodeStack extends cdk.Stack { }); // arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM role.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonEC2RoleforSSM')); // define a user data script to install & launch our web server const ssmaUserData = UserData.forLinux(); @@ -37,21 +75,13 @@ export class CodeStack extends cdk.Stack { // install and start Nginx ssmaUserData.addCommands('yum install -y nginx', 'chkconfig nginx on', 'service nginx start'); // launch an EC2 instance in the private subnet const instance = new Ec2(this, 'NewsBlogInstance', { image: new AmazonLinuxImage(), instanceType : ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.MICRO), subnet : privateSubnet0, role: role, userData : ssmaUserData }) } }
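Review bot: The `networkInterfaces` entry built in the new `Ec2` construct sets only `deviceIndex` and `subnetId`, so the instance is launched without an explicit security group and will most likely fall back to the VPC's default group. For an instance that appears to be managed through SSM from a private subnet, a dedicated group with no ingress rules states that intent and keeps later changes to the default group from reaching it. I would add `readonly securityGroup : ec2.ISecurityGroup;` to `Ec2InstanceProps` and pass `groupSet: [ props.securityGroup.securityGroupId ]` in the interface entry. The same interface definition is present in the gist's first revision (Aug 20, 2019).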
sebsto revised this gist
Aug 22, 2019 . 1 changed file with 5 additions and 0 deletions.
@@ -31,8 +31,13 @@ export class CodeStack extends cdk.Stack { // define a user data script to install & launch our web server const ssmaUserData = UserData.forLinux(); // make sure the latest SSM Agent is installed. const SSM_AGENT_RPM='https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm'; ssmaUserData.addCommands(`sudo yum install -y ${SSM_AGENT_RPM}`, 'restart amazon-ssm-agent'); // install and start Nginx ssmaUserData.addCommands('yum install -y nginx', 'chkconfig nginx on', 'service nginx start'); // launch an EC2 instance in the private subnet // there is no CDK native construct for EC2 instance yet, so I am using a CFN construct const instance = new ec2.CfnInstance(this, 'NewsBlogInstance', {
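Review bot: The added user-data command installs `amazon-ssm-agent.rpm` straight from the `latest/` URL as root, so each launch takes whatever build is published at that moment and nothing checks the package before it is installed. Installing an RPM by URL with yum typically bypasses the repository GPG check, so I would download the file first, verify it with `rpm --checksig` against the SSM Agent public key that AWS publishes, and only then run `yum install -y` on the local copy. The script shows no error handling in this hunk, so a failed download or a failed `restart amazon-ssm-agent` would presumably go unnoticed until Session Manager cannot reach the instance. The constructor continues outside this hunk.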
sebsto created this gist
Aug 20, 2019 .
@@ -0,0 +1,52 @@ import ec2 = require('@aws-cdk/aws-ec2'); import cdk = require('@aws-cdk/core'); import { Fn, Tag } from '@aws-cdk/core'; import { AmazonLinuxImage, UserData, InstanceType } from '@aws-cdk/aws-ec2'; import { Role, ServicePrincipal, ManagedPolicy, CfnInstanceProfile } from '@aws-cdk/aws-iam' export class CodeStack extends cdk.Stack { constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { super(scope, id, props); const NAME_TAG = 'NewsBlog'; // create VPC w/ public and private subnets in 1 AZ // this also creates a NAT Gateway // I am using 1 AZ because it's a demo. In real life always use >=2 const vpc = new ec2.Vpc(this, 'NewsBlogVPC', { maxAzs : 1 }); const privateSubnet0 = vpc.privateSubnets[0]; // define the IAM role that will allow the EC2 instance to communicate with SSM const role = new Role(this, 'NewsBlogRole', { assumedBy: new ServicePrincipal('ec2.amazonaws.com') }); // arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM role.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonEC2RoleforSSM')); const profile = new CfnInstanceProfile(this, 'NewsBlogProfile', { roles: [ role.roleName ] }); // define a user data script to install & launch our web server const ssmaUserData = UserData.forLinux(); ssmaUserData.addCommands('yum install -y nginx', 'chkconfig nginx on', 'service nginx start'); // launch an EC2 instance in the private subnet // there is no CDK native construct for EC2 instance yet, so I am using a CFN construct const instance = new ec2.CfnInstance(this, 'NewsBlogInstance', { imageId: new AmazonLinuxImage().getImage(this).imageId, instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.MICRO).toString(), networkInterfaces: [ { deviceIndex: "0", subnetId: privateSubnet0.subnetId } ] ,userData: Fn.base64(ssmaUserData.render()) ,iamInstanceProfile: profile.ref }); Tag.add(instance, 'Name', `${CodeStack.name}/${NAME_TAG}`); } }
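Review bot: `service-role/AmazonEC2RoleforSSM` gives the instance role more than an SSM-managed host needs; as far as I know that managed policy also carries broad S3 and other service permissions, and AWS recommends `AmazonSSMManagedInstanceCore` for core agent functionality. I would attach the narrower policy, `role.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName('AmazonSSMManagedInstanceCore'));`, and update the ARN comment above it to match. Any further access the instance turns out to need is better granted as a separate statement scoped to the specific resource.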