in app.py [0:0]
def __init__(self, scope: cdk.App, id: str, **kwargs) -> None:
    """Assemble the stack: key, network, directory, storage, servers, transfers.

    Creates one KMS key and one VPC with flow logging, then wires the
    directory, data-store, app-server, DataSync and Transfer Family
    constructs together in that order.
    """
    super().__init__(scope, id, **kwargs)
    cdk.Tags.of(self).add(key='purpose', value='logshare-blog')

    # One customer-managed key with rotation turned on. It is handed to both
    # the flow-log group and the directory construct below, so a change to
    # this key's policy affects both consumers.
    # The admin principal is the whole account, which leaves control of key
    # administration to the account's IAM policies rather than to one role.
    key_admins = [iam.AccountPrincipal(Aws.ACCOUNT_ID)]
    self.encryption_key = kms.Key(
        self,
        'SecretKey',
        alias='sharing-logs/blog',
        enable_key_rotation=True,
        admins=key_admins,
    )

    # Networking layer: a /22 VPC across at most two AZs, one NAT gateway,
    # and a public plus a NAT-routed private /24 subnet group.
    subnet_layout = [
        ec2.SubnetConfiguration(
            name='Public',
            subnet_type=ec2.SubnetType.PUBLIC,
            cidr_mask=24,
        ),
        ec2.SubnetConfiguration(
            name='Private',
            subnet_type=ec2.SubnetType.PRIVATE_WITH_NAT,
            cidr_mask=24,
        ),
    ]
    self.vpc = ec2.Vpc(
        self,
        'Vpc',
        cidr='10.0.0.0/22',
        max_azs=2,
        enable_dns_hostnames=True,
        enable_dns_support=True,
        nat_gateways=1,
        subnet_configuration=subnet_layout,
    )

    # VPC flow logs go to a KMS-encrypted CloudWatch log group.
    # RemovalPolicy.DESTROY removes the group (and the flow-log history in
    # it) when the stack is deleted, and retention is capped at one month.
    # NOTE(review): confirm both match the retention required for network
    # audit evidence in this environment.
    # NOTE(review): CloudWatch Logs can only use a customer-managed key whose
    # key policy allows the Logs service principal; no such grant is visible
    # in this method - confirm it is added elsewhere or by the framework.
    flow_log_group = logs.LogGroup(
        self,
        'FlowLogGroup',
        encryption_key=self.encryption_key,
        removal_policy=RemovalPolicy.DESTROY,
        retention=logs.RetentionDays.ONE_MONTH,
    )
    # Role trusted only by the regional VPC Flow Logs service principal.
    flow_log_role = iam.Role(
        self,
        'FlowLogRole',
        assumed_by=iam.ServicePrincipal(
            'vpc-flow-logs.amazonaws.com',
            region=Aws.REGION,
        ),
    )
    flow_log_target = ec2.FlowLogDestination.to_cloud_watch_logs(
        log_group=flow_log_group,
        iam_role=flow_log_role,
    )
    self.vpc.add_flow_log('VpcFlowLog', destination=flow_log_target)

    # Active Directory, sharing the stack's KMS key.
    self.directory = DirectoryServicesConstruct(
        self,
        'DirectoryServices',
        vpc=self.vpc,
        encryption_key=self.encryption_key,
    )

    # Data storage tier, attached to the VPC and the directory.
    self.data_stores = DataStoresConstruct(
        self,
        'DataStores',
        vpc=self.vpc,
        directory=self.directory,
    )

    # Application servers, given access to the data stores construct.
    self.app_servers = AppServersConstruct(
        self,
        'AppServers',
        vpc=self.vpc,
        data_stores=self.data_stores,
    )

    # DataSync over the data stores.
    self.data_sync = DataSyncConstruct(
        self,
        'DataSync',
        data_stores=self.data_stores,
    )

    # Transfer Family server: receives the VPC, the directory's `mad`
    # attribute and the shared log bucket.
    # NOTE(review): how the endpoint is exposed and who may authenticate is
    # decided inside TransferFamilyConstruct, not here - review it there.
    shared_bucket = self.data_stores.shared_log_bucket.bucket
    self.transfer_server = TransferFamilyConstruct(
        self,
        'TxF',
        vpc=self.vpc,
        mad=self.directory.mad,
        bucket=shared_bucket,
    )