How to use @aws-cdk/aws-ec2 - 10 common examples
To help you get started, we’ve selected a few @aws-cdk/aws-ec2 examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
customink / activerecord-aurora-serverless-adapter / test / aurora-serverless / lib / aurora-serverless-stack.ts View on Github 
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
// VPC
const vpc = new Vpc(this, "Vpc", {
cidr: "10.0.0.0/16",
natGateways: 0,
subnetConfiguration: [
{ name: "aasa_isolated", subnetType: SubnetType.ISOLATED }
]
});
const subnetIds: string[] = [];
vpc.isolatedSubnets.forEach(subnet => {
subnetIds.push(subnet.subnetId);
});
// SUBNET GROUP
const dbSubnetGroup: CfnDBSubnetGroup = new CfnDBSubnetGroup(
this,
"AuroraSubnetGroup",constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
// VPC
const vpc = new Vpc(this, "Vpc", {
cidr: "10.0.0.0/16",
natGateways: 0,
subnetConfiguration: [
{ name: "aasa_isolated", subnetType: SubnetType.ISOLATED }
]
});
const subnetIds: string[] = [];
vpc.isolatedSubnets.forEach(subnet => {
subnetIds.push(subnet.subnetId);
});
// SUBNET GROUP
const dbSubnetGroup: CfnDBSubnetGroup = new CfnDBSubnetGroup(
this,
"AuroraSubnetGroup",
{
dbSubnetGroupDescription: "Subnet group to AASA Aurora",
dbSubnetGroupName: "aasa-subnet-group",
subnetIdsconstructor(scope, id, props) {
super(scope, id, props);
// Load config file
var config = yaml.safeLoad(fs.readFileSync('./s3_bucket_files/cdk_app.yaml', 'utf8'));
if (config['s3_bucket'] == 'MYCOMPANY-cloudmapper') {
console.log("You must configure the CDK app by editing ./s3_bucket_files/cdk_app.yaml");
process.exit(1);
}
// Create VPC to run everything in. We make this public just because we don't
// want to spend $30/mo on a NAT gateway.
const vpc = new ec2.Vpc(this, 'CloudMapperVpc', {
maxAzs: 1,
natGateways: 0,
subnetConfiguration: [
{
name: 'Public',
subnetType: ec2.SubnetType.PUBLIC
}
]
});
// Define the ECS task
const cluster = new ecs.Cluster(this, 'Cluster', { vpc });
const taskDefinition = new ecs.FargateTaskDefinition(this, 'taskDefinition', {});
taskDefinition.addContainer('cloudmapper-container', {var config = yaml.safeLoad(fs.readFileSync('./s3_bucket_files/cdk_app.yaml', 'utf8'));
if (config['s3_bucket'] == 'MYCOMPANY-cloudmapper') {
console.log("You must configure the CDK app by editing ./s3_bucket_files/cdk_app.yaml");
process.exit(1);
}
// Create VPC to run everything in. We make this public just because we don't
// want to spend $30/mo on a NAT gateway.
const vpc = new ec2.Vpc(this, 'CloudMapperVpc', {
maxAzs: 1,
natGateways: 0,
subnetConfiguration: [
{
name: 'Public',
subnetType: ec2.SubnetType.PUBLIC
}
]
});
// Define the ECS task
const cluster = new ecs.Cluster(this, 'Cluster', { vpc });
const taskDefinition = new ecs.FargateTaskDefinition(this, 'taskDefinition', {});
taskDefinition.addContainer('cloudmapper-container', {
image: ecs.ContainerImage.fromAsset('./resources'),
memoryLimitMiB: 512,
cpu: 256,
environment: {
S3_BUCKET: config['s3_bucket'],
MINIMUM_ALERT_SEVERITY: config['minimum_alert_severity']]
}),
}
});
if (this.props.outputDataConfig.encryptionKey) {
this.props.outputDataConfig.encryptionKey.grantEncrypt(this._role);
}
if (this.props.resourceConfig && this.props.resourceConfig.volumeEncryptionKey) {
this.props.resourceConfig.volumeEncryptionKey.grant(this._role, 'kms:CreateGrant');
}
// create a security group if not defined
if (this.vpc && this.securityGroup === undefined) {
this.securityGroup = new ec2.SecurityGroup(task, 'TrainJobSecurityGroup', {
vpc: this.vpc
});
this.connections.addSecurityGroup(this.securityGroup);
this.securityGroups.push(this.securityGroup);
}
return {
resourceArn: getResourceArn("sagemaker", "createTrainingJob", this.integrationPattern),
parameters: this.renderParameters(),
policyStatements: this.makePolicyStatements(task),
};
}constructor(parent: cdk.App, name: string, props: TriviaBackendStackProps) {
super(parent, name, props);
// Network infrastructure
const vpc = new Vpc(this, 'VPC', { maxAzs: 2 });
const serviceSG = new SecurityGroup(this, 'ServiceSecurityGroup', { vpc });
// Lookup pre-existing TLS certificate
const certificateArn = StringParameter.fromStringParameterAttributes(this, 'CertArnParameter', {
parameterName: 'CertificateArn-' + props.domainName
}).stringValue;
// Load balancer
const loadBalancer = new ApplicationLoadBalancer(this, 'ServiceLB', {
vpc,
internetFacing: true
});
serviceSG.connections.allowFrom(loadBalancer, Port.tcp(80));
const domainZone = HostedZone.fromLookup(this, 'Zone', { domainName: props.domainZone });
new ARecord(this, "DNS", {
zone: domainZone,constructor(scope: cdk.Construct, id: string, props: LoadBalancerProps) {
super(scope, id);
this.securityGroup = new SecurityGroup(this, 'SecurityGroup', { vpc: props.vpc, allowAllOutbound: false });
this.connections = new Connections({ securityGroups: [this.securityGroup] });
// Depending on whether the ELB has public or internal IPs, pick the right backend subnets
const subnets: IVpcSubnet[] = props.internetFacing ? props.vpc.publicSubnets : props.vpc.privateSubnets;
this.elb = new CfnLoadBalancer(this, 'Resource', {
securityGroups: [ this.securityGroup.securityGroupId ],
subnets: subnets.map(s => s.subnetId),
listeners: new cdk.Token(() => this.listeners),
scheme: props.internetFacing ? 'internet-facing' : 'internal',
healthCheck: props.healthCheck && healthCheckToJSON(props.healthCheck),
});
if (props.internetFacing) {
this.elb.node.addDependency(...subnets.map(s => s.internetConnectivityEstablished));
}constructor(scope, id, props) {
super(scope, id);
const targetVpc = props.vpc;
// Define a group for telling Elasticache which subnets to put cache nodes in.
const subnetGroup = new elasticache.CfnSubnetGroup(this, `${id}-subnet-group`, {
description: `List of subnets used for redis cache ${id}`,
subnetIds: targetVpc.privateSubnets.map(function(subnet) {
return subnet.subnetId;
})
});
// The security group that defines network level access to the cluster
this.securityGroup = new ec2.SecurityGroup(this, `${id}-security-group`, { vpc: targetVpc });
this.connections = new ec2.Connections({
securityGroups: [this.securityGroup],
defaultPortRange: new ec2.TcpPort(6379)
});
// The cluster resource itself.
this.cluster = new elasticache.CfnCacheCluster(this, `${id}-cluster`, {
cacheNodeType: 'cache.t2.micro',
engine: 'redis',
numCacheNodes: 1,
autoMinorVersionUpgrade: true,
cacheSubnetGroupName: subnetGroup.subnetGroupName,
vpcSecurityGroupIds: [
this.securityGroup.securityGroupId
]public bind(task: sfn.Task): sfn.StepFunctionsTaskConfig {
if (this.networkConfiguration !== undefined) {
// Make sure we have a security group if we're using AWSVPC networking
if (this.securityGroup === undefined) {
this.securityGroup = new ec2.SecurityGroup(task, 'SecurityGroup', { vpc: this.props.cluster.vpc });
}
this.connections.addSecurityGroup(this.securityGroup);
}
return {
resourceArn: getResourceArn("ecs", "runTask", this.integrationPattern),
parameters: {
Cluster: this.props.cluster.clusterArn,
TaskDefinition: this.props.taskDefinition.taskDefinitionArn,
NetworkConfiguration: this.networkConfiguration,
Overrides: renderOverrides(this.props.containerOverrides),
...this.props.parameters,
},
policyStatements: this.makePolicyStatements(task),
};
}const stack = Stack.of(this);
this.vpc = props.vpc || new ec2.Vpc(this, 'DefaultVpc');
this.version = props.version;
this.tagSubnets();
this.role = props.role || new iam.Role(this, 'ClusterRole', {
assumedBy: new iam.ServicePrincipal('eks.amazonaws.com'),
managedPolicies: [
iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonEKSClusterPolicy'),
iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonEKSServicePolicy'),
],
});
const securityGroup = props.securityGroup || new ec2.SecurityGroup(this, 'ControlPlaneSecurityGroup', {
vpc: this.vpc,
description: 'EKS Control Plane Security Group',
});
this.connections = new ec2.Connections({
securityGroups: [securityGroup],
defaultPort: ec2.Port.tcp(443), // Control Plane has an HTTPS API
});
// Get subnetIds for all selected subnets
const placements = props.vpcSubnets || [{ subnetType: ec2.SubnetType.PUBLIC }, { subnetType: ec2.SubnetType.PRIVATE }];
const subnetIds = [...new Set(Array().concat(...placements.map(s => this.vpc.selectSubnets(s).subnetIds)))];
const clusterProps: CfnClusterProps = {
name: this.physicalName,
roleArn: this.role.roleArn,@aws-cdk/aws-ec2
The CDK Construct Library for AWS::EC2
Package Health Score
67 / 100Popular @aws-cdk/aws-ec2 functions
- @aws-cdk/aws-ec2.AmazonLinuxGeneration
- @aws-cdk/aws-ec2.AnyIPv4
- @aws-cdk/aws-ec2.Connections
- @aws-cdk/aws-ec2.InstanceSize
- @aws-cdk/aws-ec2.InstanceType
- @aws-cdk/aws-ec2.OperatingSystemType
- @aws-cdk/aws-ec2.Port
- @aws-cdk/aws-ec2.Port.tcp
- @aws-cdk/aws-ec2.SecurityGroup
- @aws-cdk/aws-ec2.Subnet
- @aws-cdk/aws-ec2.Subnet.isVpcSubnet
- @aws-cdk/aws-ec2.SubnetType
- @aws-cdk/aws-ec2.SubnetType.ISOLATED
- @aws-cdk/aws-ec2.SubnetType.PRIVATE
- @aws-cdk/aws-ec2.TcpPort
- @aws-cdk/aws-ec2.UserData
- @aws-cdk/aws-ec2.Vpc
- @aws-cdk/aws-ec2.VpcNetwork
- @aws-cdk/aws-ec2.VpcNetworkProvider