def create_ecs_cluster()

in cdk/cdk-domainless-mode/cdk/cdk_stack.py [0:0]


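    def create_ecs_cluster(self, cluster_name: str,
                                instance_tag: str, password: str,
                                domain_name: str,
                                key_pair: ec2.KeyPair,
                                number_of_gmsa_accounts: int,
                                vpc: ec2.IVpc,
                                security_group: ec2.ISecurityGroup,
                                rpm_file: str, s3_bucket: str):
        """Create an ECS cluster backed by a one-instance Auto Scaling group.

        The method builds, in order: an EC2 instance role, Linux user data
        produced by ``self.setup_linux_userdata``, an Auto Scaling group pinned
        to exactly one instance (min = max = desired = 1), an ASG capacity
        provider, and the ECS cluster that the provider is registered with.

        Args:
            cluster_name: Name given to the ECS cluster.
            instance_tag: Forwarded unchanged to ``setup_linux_userdata``.
            password: Forwarded unchanged to ``setup_linux_userdata``.
            domain_name: Forwarded unchanged to ``setup_linux_userdata``.
            key_pair: Key pair attached to the instance; its name is also
                forwarded to ``setup_linux_userdata``.
            number_of_gmsa_accounts: Forwarded unchanged to
                ``setup_linux_userdata``.
            vpc: VPC the Auto Scaling group is placed in (public subnets).
            security_group: Security group attached to the instance.
            rpm_file: Forwarded unchanged to ``setup_linux_userdata``.
            s3_bucket: Forwarded unchanged to ``setup_linux_userdata``.

        Returns:
            The ``ecs.Cluster`` with the capacity provider attached.
        """
        # ECS-optimized Amazon Linux 2023 AMI on a t3.xlarge (BURSTABLE3 / XLARGE).
        machine_image = ecs.EcsOptimizedImage.amazon_linux2023(hardware_type=ecs.AmiHardwareType.STANDARD)
        instance_type = ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.XLARGE)

        # Instance role assumed by EC2 and handed to the ASG below.
        role = iam.Role(self, "Role", role_name="ecs-instance-role", assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"))

        # NOTE(review): apart from the first entry these are broad AWS-managed
        # policies (FullAccess / ReadWrite) and are not scoped to this stack's
        # resources. Whatever can obtain the instance-profile credentials gets
        # all of them. Which actions the bootstrap script actually needs is not
        # visible from this method -- confirm and replace with a scoped policy.
        instance_policies = (
            "service-role/AmazonEC2ContainerServiceforEC2Role",
            "AmazonECS_FullAccess",
            "SecretsManagerReadWrite",
            "AmazonSSMFullAccess",
            "AmazonS3FullAccess",
            # Directory Service access
            "AWSDirectoryServiceFullAccess",
        )
        for policy_name in instance_policies:
            role.add_managed_policy(iam.ManagedPolicy.from_aws_managed_policy_name(policy_name))

        # NOTE(review): `password` is passed to setup_linux_userdata (not shown).
        # If that helper embeds it in the returned script, the secret ends up in
        # EC2 user data, which is stored with the launch configuration and is
        # readable from the instance itself -- confirm, and prefer having the
        # instance fetch it from a secret store at boot.
        user_data_script = self.setup_linux_userdata(instance_tag, password, domain_name, key_pair.key_pair_name, number_of_gmsa_accounts, rpm_file, s3_bucket)
        user_data = ec2.UserData.for_linux()
        user_data.add_commands(user_data_script)

        # The instance is placed in a public subnet and given a public IP, so
        # inbound exposure depends entirely on the rules of `security_group`,
        # which are defined outside this method.
        subnet_selection = ec2.SubnetSelection(
            subnet_type=ec2.SubnetType.PUBLIC
        )
        auto_scaling_group = autoscaling.AutoScalingGroup(
            self, "MyAutoScalingGroup",
            vpc=vpc,
            # Session-token (IMDSv2) metadata requests are required.
            require_imdsv2=True,
            min_capacity=1,
            max_capacity=1,
            desired_capacity=1,
            security_group=security_group,
            machine_image=machine_image,
            instance_type=instance_type,
            key_pair=key_pair,
            role=role,
            associate_public_ip_address=True,
            vpc_subnets=subnet_selection,
            user_data=user_data,
        )
        capacity_provider = ecs.AsgCapacityProvider(
            self, "MyCapacityProvider",
            auto_scaling_group=auto_scaling_group,
            capacity_provider_name="MyCapacityProvider",
            target_capacity_percent=100,
        )

        # NOTE(review): the ASG above uses the `vpc` argument while the cluster
        # uses self.vpc; presumably these are the same VPC -- confirm.
        cluster = ecs.Cluster(
            self, "MyCluster",
            cluster_name=cluster_name,
            container_insights=True,
            vpc=self.vpc,
        )
        cluster.add_asg_capacity_provider(capacity_provider)

        return cluster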