Tuesday, May 5, 2020

AWS CDK - Build EC2 Instance (Python)

AWS CDK is a software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation.
AWS CloudFormation enables you to:
  • Create and provision AWS infrastructure deployments predictably and repeatedly.
  • Leverage AWS products such as Amazon EC2, Amazon Elastic Block Store, Amazon SNS, Elastic Load Balancing, and Auto Scaling.
  • Build highly reliable, highly scalable, cost-effective applications in the cloud without worrying about creating and configuring the underlying AWS infrastructure.
  • Use a template file to create and delete a collection of resources together as a single unit (a stack).


def create_windows_bastion_server(self, vpc=None):
    if vpc is None:
        vpc = self.vpc
    # The code that defines your stack goes here    host = ec2.Instance(self,windows_bastion_server_name,
                        instance_type=ec2.InstanceType(
                            instance_type_identifier=ec2_micro_type),
                        instance_name='windows_bastion_server',
                        machine_image=windows_ami,
                        vpc=vpc,
                        key_name='mindtelligent_aws_bastion_server_key',
                        vpc_subnets=windows_vpc_subnet
                        )
    # ec2.Instance has no property of BlockDeviceMappings, add via lower layer cdk api:    host.instance.add_property_override("BlockDeviceMappings",[{
        "DeviceName": "/dev/xvda",
        "Ebs": {
            "VolumeSize": "10",
            "VolumeType": "io1",
            "Iops": "150",
            "DeleteOnTermination": "true"        }
    },{
        "DeviceName": "/dev/sdb",
        "Ebs": {"VolumeSize": "30"}
    }
    ])  # by default VolumeType is gp2, VolumeSize 8GB    host.connections.allow_from_any_ipv4(
        ec2.Port.tcp(3389),"Allow RDP from internet")
    host.connections.allow_from_any_ipv4(
        ec2.Port.tcp(80),"Allow ssh from internet")

Use SSH Keys to clone GIT Repository using SSH

  1. Generate a New SSH Key Pair bash ssh-keygen -t rsa -b 4096 -C "HSingh@MindTelligent.com" -t rsa specifies the type of key (...