def _add_imagebuilder_image_recipe(self, build_tags, components,
lambda_cleanup_policy_statements):
# ImageBuilderImageRecipe
image_recipe_resource = imagebuilder.CfnImageRecipe(
self,
"ImageRecipe",
name=self._build_image_recipe_name(),
version=utils.get_installed_version(base_version_only=True),
tags=build_tags,
parent_image=self.config.build.parent_image,
components=components,
block_device_mappings=[
imagebuilder.CfnImageRecipe.InstanceBlockDeviceMappingProperty(
device_name=self._get_root_device_name(),
ebs=self._set_ebs_volume(),
)
],
)
if not self.custom_cleanup_lambda_role:
self._add_resource_delete_policy(
lambda_cleanup_policy_statements,
["imagebuilder:DeleteImageRecipe"],
[
self.format_arn(
service="imagebuilder",
resource="image-recipe",
resource_name="{0}/*".format(
self._build_image_recipe_name(to_lower=True)),
)
],
)
return image_recipe_resource
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
cmp_chocoinstall = imagebuilder.CfnComponent(
self,
"cmp_chocoinstall",
name="InstallChocolatey",
platform="Windows",
version="1.0.0",
uri="s3://imagebuildercustomcomponents/installchoco.yml")
rcp = imagebuilder.CfnImageRecipe(
self,
"WindowsImageSampleRecipe",
name="WindowsImageSampleRecipe",
version="1.0.0",
components=[
{
"componentArn":
"arn:aws:imagebuilder:eu-west-1:aws:component/dotnet-core-runtime-windows/3.1.0/1"
},
{
"componentArn": cmp_chocoinstall.attr_arn
},
],
parent_image=
"arn:aws:imagebuilder:eu-west-1:aws:image/windows-server-2019-english-core-base-x86/2020.8.12"
)
role = iam.Role(self,
"WindowsImageSampleRole",
role_name="WindowsImageSampleRole",
assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"))
role.add_managed_policy(
iam.ManagedPolicy.from_aws_managed_policy_name(
"AmazonSSMManagedInstanceCore"))
role.add_managed_policy(
iam.ManagedPolicy.from_aws_managed_policy_name(
"EC2InstanceProfileForImageBuilder"))
instanceprofile = iam.CfnInstanceProfile(
self,
"WindowsImageSampleInstanceProfile",
instance_profile_name="WindowsImageSampleInstanceProfile",
roles=["WindowsImageSampleRole"])
vpc = ec2.Vpc.from_lookup(self, "VPC", vpc_name="default")
subnet = vpc.public_subnets[0]
print("Subnet Id: " + subnet.subnet_id)
sg = ec2.SecurityGroup.from_security_group_id(
self, "SG", security_group_id="sg-54f65620")
print("Security Group: " + sg.security_group_id)
infraconfig = imagebuilder.CfnInfrastructureConfiguration(
self,
"WindowsImageSampleInfrastructureConfig",
name="WindowsImageSampleInfrastructureConfig",
instance_types=["t3.xlarge"],
instance_profile_name="WindowsImageSampleInstanceProfile",
subnet_id=subnet.subnet_id,
security_group_ids=[sg.security_group_id])
pipeline = imagebuilder.CfnImagePipeline(
self,
"WindowsImageSamplePipeline",
name="WindowsImageSamplePipeline",
image_recipe_arn=rcp.attr_arn,
infrastructure_configuration_arn=infraconfig.attr_arn)
def __init__(self, scope: core.Construct, id: str, bucket_name: str,
components_prefix: str, base_image_arn: str,
image_pipeline_name: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
bucket_uri = "s3://" + bucket_name + "/" + components_prefix
# NOTE: when creating components, version number is supplied manually. If you update the components yaml and
# need a new version deployed, version need to be updated manually.
# spec to install python3
component_python3_uri = bucket_uri + '/install_python3.yml'
component_python3 = imagebuilder.CfnComponent(
self,
"component_python3",
name="InstallPython3",
platform="Linux",
version="1.0.1",
uri=component_python3_uri)
# spec to install angular
component_angular_uri = bucket_uri + '/install_angular.yml'
component_angular = imagebuilder.CfnComponent(
self,
"component_angular",
name="InstallAngular",
platform="Linux",
version="1.0.0",
uri=component_angular_uri)
# spec to install dotnet core
component_dotnet_uri = bucket_uri + '/install_dotnetcore.yml'
component_dotnet = imagebuilder.CfnComponent(self,
"component_dotnet",
name="InstallDotnetCore",
platform="Linux",
version="1.0.0",
uri=component_dotnet_uri)
# spec to install docker and other dev tools
component_devtools_uri = bucket_uri + '/install_devtools.yml'
component_devtools = imagebuilder.CfnComponent(
self,
"component_devtools",
name="InstallDevTools",
platform="Linux",
version="1.0.0",
uri=component_devtools_uri)
# recipe that installs all of above components together with a ubuntu base image
recipe = imagebuilder.CfnImageRecipe(self,
"UbuntuDevWorkstationRecipe",
name="UbuntuDevWorkstationRecipe",
version="1.0.3",
components=[{
"componentArn":
component_python3.attr_arn
}, {
"componentArn":
component_angular.attr_arn
}, {
"componentArn":
component_dotnet.attr_arn
}, {
"componentArn":
component_devtools.attr_arn
}],
parent_image=base_image_arn)
# below role is assumed by ec2 instance
role = iam.Role(self,
"UbuntuDevWorkstationRole",
role_name="UbuntuDevWorkstationRole",
assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"))
role.add_managed_policy(
iam.ManagedPolicy.from_aws_managed_policy_name(
"AmazonSSMManagedInstanceCore"))
role.add_managed_policy(
iam.ManagedPolicy.from_aws_managed_policy_name(
"EC2InstanceProfileForImageBuilder"))
# create an instance profile to attach the role
instanceprofile = iam.CfnInstanceProfile(
self,
"UbuntuDevWorkstationInstanceProfile",
instance_profile_name="UbuntuDevWorkstationInstanceProfile",
roles=["UbuntuDevWorkstationRole"])
# create infrastructure configuration to supply instance type
infraconfig = imagebuilder.CfnInfrastructureConfiguration(
self,
"UbuntuDevWorkstationInfraConfig",
name="UbuntuDevWorkstationInfraConfig",
instance_types=["t3.xlarge"],
instance_profile_name="UbuntuDevWorkstationInstanceProfile")
# infrastructure need to wait for instance profile to complete before beginning deployment.
infraconfig.add_depends_on(instanceprofile)
# build the imagebuilder pipeline
pipeline = imagebuilder.CfnImagePipeline(
self,
"UbuntuDevWorkstationPipeline",
name=image_pipeline_name,
image_recipe_arn=recipe.attr_arn,
infrastructure_configuration_arn=infraconfig.attr_arn)
pipeline.add_depends_on(infraconfig)
def __init__(self, scope: cdk.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
imagebuilderimagerecipe = imagebuilder.CfnImageRecipe(
self,
"ImageBuilderImageRecipe",
name="windows-base",
version="1.1.0",
components=[
{
"componentArn":
"arn:aws:imagebuilder:us-east-1:aws:component/amazon-cloudwatch-agent-windows/x.x.x"
},
{
"componentArn":
"arn:aws:imagebuilder:us-east-1:aws:component/aws-cli-version-2-windows/x.x.x"
},
{
"componentArn":
"arn:aws:imagebuilder:us-east-1:aws:component/powershell-windows/x.x.x"
},
{
"componentArn":
"arn:aws:imagebuilder:us-east-1:aws:component/python-3-windows/x.x.x"
},
{
"componentArn":
"arn:aws:imagebuilder:us-east-1:aws:component/update-windows/x.x.x"
},
],
parent_image=
"arn:aws:imagebuilder:us-east-1:aws:image/windows-server-2019-english-full-base-x86/x.x.x",
tags={})
imagebuilderdistributionconfiguration = imagebuilder.CfnDistributionConfiguration(
self,
"ImageBuilderDistributionConfiguration",
name="windows-2019-base",
distributions=[{
"region": "us-east-1",
"amiDistributionConfiguration": {
"Name":
f"windows-2019-base-{{{{ imagebuilder:buildDate }}}}",
"AmiTags": {
"Name": "windows-2019-base"
},
}
}],
)
imagebuilderinfrastructureconfiguration = imagebuilder.CfnInfrastructureConfiguration(
self,
"ImageBuilderInfrastructureConfiguration",
name="windows-server-2019",
instance_profile_name="EC2InstanceProfileForImageBuilder",
key_pair="key",
terminate_instance_on_failure=True,
)
imagebuilderimage = imagebuilder.CfnImage(
self,
"ImageBuilderImage",
distribution_configuration_arn=imagebuilderdistributionconfiguration
.ref,
infrastructure_configuration_arn=
imagebuilderinfrastructureconfiguration.ref,
image_recipe_arn=imagebuilderimagerecipe.ref,
image_tests_configuration={
"image_tests_enabled": True,
"timeout_minutes": 720
},
tags={})
imagebuilderimagepipeline = imagebuilder.CfnImagePipeline(
self,
"ImageBuilderImagePipeline",
name="vm-windows-server-2019",
distribution_configuration_arn=imagebuilderdistributionconfiguration
.ref,
infrastructure_configuration_arn=
imagebuilderinfrastructureconfiguration.ref,
image_recipe_arn=imagebuilderimagerecipe.ref,
image_tests_configuration={
"image_tests_enabled": True,
"timeout_minutes": 720
},
status="ENABLED",
tags={})