コード例 #1
0
        internal TheEfsLambdaStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
        {
            // EFS needs to be setup in a VPC with 2Azs
            _vpc = new EC2.Vpc(this, "Vpc", new EC2.VpcProps
            {
                MaxAzs = 2
            });

            // Create a file system in EFS to store information
            _fileSystem = new EFS.FileSystem(this, "Filesystem", new EFS.FileSystemProps
            {
                Vpc           = _vpc,
                RemovalPolicy = RemovalPolicy.DESTROY
            });

            // Create a access point to EFS
            EFS.AccessPoint accessPoint;
            accessPoint = _fileSystem.AddAccessPoint("AccessPoint", new EFS.AccessPointOptions
            {
                CreateAcl = new EFS.Acl {
                    OwnerGid = "1001", OwnerUid = "1001", Permissions = "750"
                },
                Path      = "/export/lambda",
                PosixUser = new EFS.PosixUser {
                    Gid = "1001", Uid = "1001",
                }
            });

            // Create the lambda function
            _functionProxyHandler = new Lambda.Function(this, "efsLambdaFunction", new Lambda.FunctionProps
            {
                Runtime    = Lambda.Runtime.PYTHON_3_8,
                Code       = Lambda.Code.FromAsset("lambda_fns"),
                Handler    = "message_wall.lambda_handler",
                Vpc        = _vpc,
                Filesystem = Lambda.FileSystem.FromEfsAccessPoint(accessPoint, "/mnt/msg")
            });

            // Api Gateway HTTP integration
            _apiGateway = new APIGv2.HttpApi(this, "EFS Lambda", new APIGv2.HttpApiProps
            {
                DefaultIntegration = new APIGv2Integration.LambdaProxyIntegration(new APIGv2Integration.LambdaProxyIntegrationProps
                {
                    Handler = _functionProxyHandler
                })
            });


            // Output to CFN
            new CfnOutput(this, "HTTP API Url", new CfnOutputProps
            {
                Value = _apiGateway.Url
            });
        }
コード例 #2
0
        public VpcStack(Construct scope, IConfigSettings config, IStackProps props = null) : base(scope, $"{config?.Vpc?.StackName}", props)
        {
            var vpcProps = new VpcProps
            {
                Cidr        = (config.Vpc.Cidr != null) ? config.Vpc.Cidr : "10.0.0.0/16",
                NatGateways = config.Vpc.NatGateways,
            };

            // create the vpc
            Vpc = new Amazon.CDK.AWS.EC2.Vpc(this, config.Vpc.Name, vpcProps);

            // tag it
            Utilities.Tagging.Tag(Vpc, config, config.Vpc.Tags);
            Utilities.Tagging.Tag(Vpc, config, config.Tags);
        }
コード例 #3
0
        public Amazon.CDK.AWS.AutoScaling.AutoScalingGroup Create(Amazon.CDK.AWS.EC2.Vpc vpc, SecurityGroup sg)
        {
            // todo define roles in config
            var role      = new Security.Roles.IamRole().Create(this, _config, "asg-ec2-role");
            var selection = new SubnetSelection
            {
                SubnetType = SubnetType.PUBLIC
            };

            var healchCheck = HealthCheck.Elb(new ElbHealthCheckOptions
            {
                Grace = Duration.Minutes(5)
            });

            var asg = new Amazon.CDK.AWS.AutoScaling.AutoScalingGroup(this, _config.Asg.Name, new AutoScalingGroupProps
            {
                AutoScalingGroupName = _config.Asg.Name,
                Vpc = vpc,
                // todo parse enums and pull from config
                InstanceType = InstanceType.Of(InstanceClass.BURSTABLE3, InstanceSize.MICRO),
                // get the linux two type otherwise it defaults to the older image
                // todo parse enums and pull from config
                MachineImage = new AmazonLinuxImage(new AmazonLinuxImageProps {
                    Generation = AmazonLinuxGeneration.AMAZON_LINUX_2
                }),
                AllowAllOutbound = _config.Asg.AllowAllOutbound,
                DesiredCapacity  = _config.Asg.DesiredCapacity,
                MinCapacity      = _config.Asg.MinCapacity,
                MaxCapacity      = _config.Asg.MaxCapacity,

                KeyName = _config.Asg.KeyName,
                AssociatePublicIpAddress = _config.Asg.AssociatePublicIpAddress,
                VpcSubnets    = selection,
                Role          = role,
                UserData      = GetUserData(_config.Asg.UserDataPath),
                HealthCheck   = healchCheck,
                SecurityGroup = sg
            });

            Utilities.Tagging.Tag(asg, _config, _config.Asg.Tags);
            Utilities.Tagging.Tag(asg, _config, _config.Tags);

            //asg.ScaleOnCpuUtilization()


            return(asg);
        }
コード例 #4
0
        public DatabaseInstance Create(Amazon.CDK.AWS.EC2.Vpc vpc, IConfigSettings configSettings, SecurityGroup[] securityGroups)
        {
            var db = new DatabaseInstance(this, $"{configSettings.Rds.Name}", new DatabaseInstanceProps
            {
                // todo change all properties based on config settings
                Engine = DatabaseInstanceEngine.Mysql(new MySqlInstanceEngineProps
                {
                    //todo change based on config settings
                    Version = MysqlEngineVersion.VER_5_7,
                }),

                Credentials  = GetCredentials(configSettings),
                InstanceType = InstanceType.Of(InstanceClass.BURSTABLE2, InstanceSize.SMALL),
                VpcSubnets   = new SubnetSelection
                {
                    SubnetType = SubnetType.ISOLATED
                },
                Vpc                     = vpc,
                MultiAz                 = configSettings.Rds.MultiAz,
                BackupRetention         = Duration.Days(configSettings.Rds.BackupRetentionInDays),
                StorageEncrypted        = configSettings.Rds.StorageEncrypted,
                AutoMinorVersionUpgrade = configSettings.Rds.AutoMinorVersionUpgrade,
                // todo
                StorageType        = StorageType.GP2,
                SecurityGroups     = securityGroups,
                InstanceIdentifier = configSettings.Rds.Name,
                DeletionProtection = configSettings.Rds.DeletionProtection,
            });


            // rotate the master password (use this when storing it in secrets manager)
            //db.AddRotationSingleUser();

            //EaSdRDpAgGjGKd0AL-uI2fwSJ,znW5

            DBInstance = db;

            return(db);
        }
コード例 #5
0
        public ApplicationLoadBalancer Create(Construct construct, Amazon.CDK.AWS.EC2.Vpc vpc, Amazon.CDK.AWS.AutoScaling.AutoScalingGroup asg, SecurityGroup sg)
        {
            var lb = new ApplicationLoadBalancer(construct, _config.Alb.Name, new ApplicationLoadBalancerProps
            {
                Vpc              = vpc,
                InternetFacing   = true,
                LoadBalancerName = _config.Alb.Name,
                SecurityGroup    = sg
            });

            Amazon.CDK.Tags.Of(lb).Add("Name", $"{_config.Alb.Name}");

            // add a listener
            var listener = AddListener(lb, 80, null);
            var appPort  = 80;
            var group    = listener.AddTargets($"AppFleet", new AddApplicationTargetsProps
            {
                Port    = appPort,
                Targets = new[] { asg }
            });

            // add specific tags
            Amazon.CDK.Tags.Of(listener).Add("Name", $"{_config.Alb.Name}-listner");
            Amazon.CDK.Tags.Of(group).Add("Name", $"{_config.Alb.Name}-fleet");


            // exmple of a fixed ok message returned by the LB
            listener.AddAction($"FixedOkMessage", new AddApplicationActionProps
            {
                Priority   = 10,
                Conditions = new[] { ListenerCondition.PathPatterns(new[] { "/ok" }) },
                Action     = ListenerAction.FixedResponse(200, new FixedResponseOptions
                {
                    ContentType = "text/html",
                    MessageBody = "OK"
                })
            });

            // example of a fixed health status message returned by LB
            listener.AddAction($"LBHealthInfo", new AddApplicationActionProps
            {
                Priority   = 15,
                Conditions = new[] { ListenerCondition.PathPatterns(new[] { "/lb-status" }) },
                Action     = ListenerAction.FixedResponse(200, new FixedResponseOptions
                {
                    ContentType = "application/json",
                    MessageBody = "{ \"lb\": { \"type\": \"application-load-balancer\", \"launchDateUtc\": \"{" + DateTime.UtcNow + "}\", \"status\": \"ok\" } }"
                })
            });

            //"arn:aws:acm:us-east-1:xxxxxxxxx:certificate/eb2b584c-421d-4134-b679-1746642b5e3f"
            if (_config.Alb.CertArn != null)
            {
                listener = AddListener(lb, 443, _config.Alb.CertArn);

                // forward any ssl requests to the target group
                listener.AddAction("SSLForward", new AddApplicationActionProps
                {
                    Action = ListenerAction.Forward(new[] { group }),
                });
            }


            return(lb);
        }