How to use @aws-cdk/aws-ssm - 6 common examples
To help you get started, we’ve selected a few @aws-cdk/aws-ssm examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
humank / EventStormingWorkShop / deployment / coffeeshop-cdk / lib / coffee-shop-code-pipeline.ts View on Github 
},
// eventBus: coffeeshop_eventbus,
ruleName: 'OrderCreatedRule',
});
//add ssm parameter store for cloudwatchevent put usage
const eventSourceParam = new ssm.StringParameter(this, 'eventSourceParam', {
parameterName: '/coffeeshop/events/ordercreated/event_source',
stringValue: 'solid.humank.coffeeshop.order',
});
// Grant read access to some Role
eventSourceParam.grantRead(fargateTaskRole);
//add ssm parameter store for cloudwatchevent put usage
const eventArnParam = new ssm.StringParameter(this, 'eventArnParam', {
parameterName: '/coffeeshop/events/ordercreated/event_arn',
stringValue: rule.ruleArn,
});
// Grant read access to some Role
eventArnParam.grantRead(fargateTaskRole);
// if the default image is not from ECR, the ECS task execution role will not have ECR pull privileges
// we need grant the pull for it explicitly
this.ecrRepository.grantPull({
grantPrincipal: (fargatesvc.service.taskDefinition.executionRole as iam.IRole)
})
// reduce the default deregistration delay timeout from 300 to 30 to accelerate the rolling update
fargatesvc.targetGroup.setAttribute('deregistration_delay.timeout_seconds', '30')
// customize the healthcheck to speed up the ecs rolling updatetableName: 'Coffee',
});
coffeeTable.grantFullAccess(fargateTaskRole);
const rule = new Rule(this, 'OrderCreatedRule',{
eventPattern:{
source:["solid.humank.coffeeshop.order"],
detailType:['customevent']
},
// eventBus: coffeeshop_eventbus,
ruleName: 'OrderCreatedRule',
});
//add ssm parameter store for cloudwatchevent put usage
const eventSourceParam = new ssm.StringParameter(this, 'eventSourceParam', {
parameterName: '/coffeeshop/events/ordercreated/event_source',
stringValue: 'solid.humank.coffeeshop.order',
});
// Grant read access to some Role
eventSourceParam.grantRead(fargateTaskRole);
//add ssm parameter store for cloudwatchevent put usage
const eventArnParam = new ssm.StringParameter(this, 'eventArnParam', {
parameterName: '/coffeeshop/events/ordercreated/event_arn',
stringValue: rule.ruleArn,
});
// Grant read access to some Role
eventArnParam.grantRead(fargateTaskRole);// Network infrastructure
const vpc = new Vpc(this, 'VPC', { maxAzs: 2 });
const cluster = new Cluster(this, 'Cluster', {
clusterName: props.domainName.replace(/\./g, '-'),
vpc
});
// Configuration parameters
const domainZone = HostedZone.fromLookup(this, 'Zone', { domainName: props.domainZone });
const imageRepo = Repository.fromRepositoryName(this, 'Repo', 'reinvent-trivia-backend');
const tag = (process.env.IMAGE_TAG) ? process.env.IMAGE_TAG : 'latest';
const image = ContainerImage.fromEcrRepository(imageRepo, tag)
// Lookup pre-existing TLS certificate
const certificateArn = StringParameter.fromStringParameterAttributes(this, 'CertArnParameter', {
parameterName: 'CertificateArn-' + props.domainName
}).stringValue;
const certificate = Certificate.fromCertificateArn(this, 'Cert', certificateArn);
// Fargate service + load balancer
new ApplicationLoadBalancedFargateService(this, 'Service', {
cluster,
taskImageOptions: { image },
desiredCount: 3,
domainName: props.domainName,
domainZone,
certificate
});
}
}constructor(parent: cdk.App, name: string, props: TriviaBackendStackProps) {
super(parent, name, props);
// Network infrastructure
const vpc = new Vpc(this, 'VPC', { maxAzs: 2 });
const serviceSG = new SecurityGroup(this, 'ServiceSecurityGroup', { vpc });
// Lookup pre-existing TLS certificate
const certificateArn = StringParameter.fromStringParameterAttributes(this, 'CertArnParameter', {
parameterName: 'CertificateArn-' + props.domainName
}).stringValue;
// Load balancer
const loadBalancer = new ApplicationLoadBalancer(this, 'ServiceLB', {
vpc,
internetFacing: true
});
serviceSG.connections.allowFrom(loadBalancer, Port.tcp(80));
const domainZone = HostedZone.fromLookup(this, 'Zone', { domainName: props.domainZone });
new ARecord(this, "DNS", {
zone: domainZone,
recordName: props.domainName,
target: AddressRecordTarget.fromAlias(new LoadBalancerTarget(loadBalancer)),
});public getImage(scope: Construct): ec2.MachineImageConfig {
const ami = ssm.StringParameter.valueForTypedStringParameter(scope, this.amiParameterName, ssm.ParameterType.AWS_EC2_IMAGE_ID);
return {
imageId: ami,
osType: this.windowsVersion ? ec2.OperatingSystemType.WINDOWS : ec2.OperatingSystemType.LINUX
};
}
}public constructor(parent: App, name: string, props?: StackProps) {
super(parent, name, props);
const certificateArn = StringParameter.valueFromLookup(
this,
'/certificate/cloudcomponents.org',
);
new StaticWebsite(this, 'StaticWebsite', {
bucketConfiguration: {
removalPolicy: RemovalPolicy.DESTROY,
},
aliasConfiguration: {
domainName: 'cloudcomponents.org',
names: ['www.cloudcomponents.org', 'cloudcomponents.org'],
acmCertRef: certificateArn,
},
});
}
}@aws-cdk/aws-ssm
The CDK Construct Library for AWS::SSM
