def launch_windows_instance()

in cdk/cdk-domainless-mode/cdk/cdk_stack.py [0:0]

• 52 lines of code
• 3 McCabe index (conditional complexity)

    def launch_windows_instance(self, instance_tag: str, password: str,
                                domain_name: str,
                                key_name: str,
                                number_of_gmsa_accounts: int,
                                s3_bucket_name: str):

        # Add user_data_script to user_data
        user_data = ec2.UserData.for_windows(persist=True)
        user_data = cdk.Fn.base64(user_data.render())

        # Create an instance role
        role = iam.Role(
            self, "InstanceRole",
            assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"),
            managed_policies=[
                iam.ManagedPolicy.from_aws_managed_policy_name("AmazonS3FullAccess"),
                iam.ManagedPolicy.from_aws_managed_policy_name("AmazonSSMDirectoryServiceAccess"),
                iam.ManagedPolicy.from_aws_managed_policy_name("AWSDirectoryServiceFullAccess"),
                iam.ManagedPolicy.from_aws_managed_policy_name("SecretsManagerReadWrite"),
                iam.ManagedPolicy.from_aws_managed_policy_name("AmazonSSMManagedInstanceCore"),
            ],
        )

        # https://github.com/aws/aws-cdk/issues/4057
        # Domain-join works if SSM agent is reachable and SSM association can pick it up
        association = cdk.CfnResource(
                        self, "Association",
                        type="AWS::SSM::Association",
                        properties={
                        "Targets": [
                            {
                                "Key": "tag:Name",
                                "Values": [instance_tag]
                            }
                        ],
                        "Parameters": {
                            "directoryName": [domain_name],
                            "directoryId": [self.cfn_microsoft_AD.ref]
                        },
                        "Name": "AWS-JoinDirectoryServiceDomain"
                        }
                    )
        association.node.add_dependency(self.cfn_microsoft_AD)

        iam_instance_profile = iam.CfnInstanceProfile(self, "InstanceProfile", roles=[role.role_name])
        instance = ec2.CfnInstance(
                    self,
                    "MyCfnInstance",
                    instance_type=ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.XLARGE).to_string(),
                    image_id=ec2.WindowsImage(version=ec2.WindowsVersion.WINDOWS_SERVER_2022_ENGLISH_FULL_SQL_2022_ENTERPRISE).get_image(self).image_id,
                    security_group_ids=[self.security_group.security_group_id],
                    subnet_id=self.subnet_1.subnet_id,
                    tags=[cdk.CfnTag(key="Name", value=instance_tag)],
                    key_name = key_name,
                    iam_instance_profile = iam_instance_profile.ref
                    )
        instance_id = instance.ref

        instance.node.add_dependency(self.cfn_microsoft_AD)
        instance.node.add_dependency(self.vpc)
        return instance