/cdk-templates

Templates for aws cdk

Primary LanguageTypeScriptApache License 2.0Apache-2.0

cdk-templates

AWS CDK is th "Cloud Development Kit" which lets you programm CloudFormation Templates.

This is a collection of templates for the cdk

Tooling

We use tasks for scripting.

For switching profiles awsume is used.

Deploy Templates

If you use awsume, then the env variable AWSUME_PROFILE is set. If you work with different accounts its better to call the cdk cli with profile parameter.

So with awsume:

task deploy

Or with cdk directly:

cdk deploy

Templates

alb-update

Simple application load balancer with "hello world" webserver on instance. It spins up its own vpc for that.

alb-update has examples for

  • Auto generate AMI for region and OS type
  • Attach AWS managed policy to role
  • EC2 Userdata in external file
  • Attach Role for SSM Session Manager to instance in ASG

Usage of alb-update

  • cdk deploy
  • Open LoadBalancer DNS in browser

codepipeline

Deploy a static (hugo) website with CodePipeline and CodeCommit

codepipeline has examples for

  • CodeCommit repository
  • S3 Bucket with website, Bucket policy
  • CodeBuild
  • CodePipeline
  • Output parameters

ec2-autostop

Deploys a Jenkins EC2 instance, which is automatically stopped at a certain time. See `stop-instance.ts``

ec2-autostop has examples for

  • EC2 Userdata in a seperate single files
  • Cloudwatch Event Rule
  • extending the CDK by implementing an interface: `class EC2Stop implements events.IRuleTarget``

ec2-instanceconnect

  • EC2 instance with security group ssh incoming dynamic ip
  • Tasks for enabling and disabling instance metadata service v2

iam-user

  • generate many users with for loop
  • create and get initial password from SecretsManager

lambda-apigw

Lambda with an api Gateway

Lambda go

Lambda with go. Uses taskfile for compile depencies.

lambda-schedule

Simple lambda with CloudWatch event rule for daily triggering.

lambda-simple

Simple Lambda which takes all files from local lambda directory. It create the lambda ressource and uploads the code.

lambda-simple has examples for

  • lambda with local code (asset)
  • Programming resources and Lambda in the same programming language.

OpsCenter Role

Role for AWS OpsCenter

OpsCenterRole has example for

  • Create IAM Role with own policy statements

selfEditing

Creates a group with all rights for a user to change the own credentials and only them.

selfEditing has example for

  • creating a IAM group
  • add policy statements to the group

Usage of OpsCenterRole

Use role in any context.

Route 53

Route 53 Zone with a A Record entry

Transitgateway

Creates a Transitgateway with two connected VPCs

vpc-bastion

VPC with a bastion host, which is managed by SSM. So no security groups.

vpc-bastion has examples for

  • Instance ProfileRole
  • Searching EC2 image types

Usage of vpc-bastion

Connect to bastion host with Systems Manager session manager, or new mssh.