
// Plain TCP listener on the MySQL port (3306) of the network load balancer.
// NOTE(review): the NLB defined in this file is created with internetFacing: true,
// so this listener publishes the database port to the internet unless the target
// security group narrows the allowed sources. Protocol.TCP is a passthrough, so
// any encryption in transit has to come from the MySQL server. Confirm both.
const listener = nlb.addListener('Listener', {
  protocol: elbv2.Protocol.TCP,
  port: 3306,
});

// Tag the listener so it can be traced back to the server and application.
for (const [tagKey, tagValue] of [
  ['Name', `${servername}-mysql-listener`],
  ['Application', application],
  ['Description', `listener-for-${serverdescription}`],
]) {
  cdk.Tags.of(listener).add(tagKey, tagValue);
}
// Finally, provision the EC2 instance that hosts MySQL.
// vpc, role, securityGroup, servername and instancetype come from outside this snippet.
// NOTE(review): `instance` is assigned without const/let here; presumably it is
// declared earlier in the file. Confirm.
instance = new ec2.Instance(this, "app-mysql-server-instance", {
vpc: vpc,
role: role,
securityGroup: securityGroup,
instanceName: servername,
instanceType: instancetype,
// Block device mappings for the instance. The snippet is cut off inside the first
// entry, so the volume settings are not visible here.
// NOTE(review): confirm this root device is encrypted, as the separate data volume is.
blockDevices:[
{
deviceName: '/dev/sda1',
// cfn-init configuration for the Windows instance: files to place, packages to
// install and commands to run. The snippet is cut off inside the last command.
const initData = ec2.CloudFormationInit.fromElements(
// ec2.InitFile.fromUrl("c:\\cfn\\mysql.msi", "https://downloads.mysql.com/archives/get/p/25/file/mysql-installer-community-8.0.24.0.msi"),
// Copy two local PowerShell scripts (packaged as CDK assets) into c:\cfn on the instance.
ec2.InitFile.fromAsset("c:\\cfn\\ContabBootstrapScript.ps1", "./ContabBootstrapScript.ps1"),
ec2.InitFile.fromAsset("c:\\cfn\\CreateADGroups.ps1", "./CreateADGroups.ps1"),
// Install the AWS CLI MSI straight from a URL. No version or checksum is pinned here,
// so the installed build is whatever the URL serves at provision time.
ec2.InitPackage.msi("https://s3.amazonaws.com/aws-cli/AWSCLI64.msi"),
// Enable TLS 1.2 (3072) for the download, then fetch the Chocolatey install script
// and execute it with iex, waiting 5 seconds afterwards.
// NOTE(review): this runs remotely hosted code on the server with no integrity check.
// Consider shipping a reviewed copy as an asset, or verifying a known hash before running it.
ec2.InitCommand.shellCommand('powershell.exe [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString(\'https://chocolatey.org/install.ps1\'))', { key: "1-InstallChoco", waitAfterCompletion: ec2.InitCommandWaitDuration.of(cdk.Duration.seconds(5)) }),
// Rename the computer using a value looked up via Get-EC2Tag for this instance's ID.
// The rest of the command is truncated.
// NOTE(review): the instance ID is read from the metadata endpoint without a session
// token (IMDSv1 style). This request presumably fails if the instance enforces
// IMDSv2. Confirm which mode is intended.
ec2.InitCommand.shellCommand("powershell.exe -Command Rename-Computer (Get-EC2Tag -Filter @{Name='resource-id'; Values=(Invoke-WebRequest http://169.254.169.254/latest/meta-data/instance-id -UseBasicParsing)
// Give the underlying instance resource a fixed logical ID instead of the
// generated one.
instance.instance.overrideLogicalId('appmysqlserver');

// Windows user data carrying only the <persist> tag.
// NOTE(review): <persist>true</persist> presumably asks the Windows launch agent to
// run user data on every boot. forWindows() may render added commands inside
// its <powershell> block, so confirm the tag ends up where the agent reads it.
const userData = ec2.UserData.forWindows();
const userdataScript = '<persist>true</persist>';
userData.addCommands(userdataScript);
// Separate gp3 data volume, encrypted with a customer KMS key imported by ARN.
// The availability zone is hard-coded, and an EBS volume can only attach to an
// instance in the same zone.
// NOTE(review): confirm the key policy lets the instance role and EBS use the key.
const dVolume = new ec2.Volume(this, 'Data', {
  volumeType: ec2.EbsDeviceVolumeType.GP3,
  size: cdk.Size.gibibytes(volumeDsize),
  availabilityZone: 'eu-west-1a',
  encrypted: true,
  encryptionKey: kms.Key.fromKeyArn(this, 'VolumeEncryptionKey', volumeEncryptionKey),
});
cdk.Tags.of(dVolume).add('Name', `${servername}-d-volume`);
const publicIp = require('public-ip');
/**
 * Looks up the public IPv4 address of the machine running this code.
 *
 * The value comes from the `public-ip` package, i.e. from an external lookup,
 * so callers should treat it as untrusted until validated.
 *
 * @returns {Promise<string>} whatever `publicIp.v4()` resolves to.
 */
async function waitForIP() {
  return await publicIp.v4();
}
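/**
 * Adds an RDP (tcp/3389) ingress rule for the current machine's public IPv4
 * address, as a /32, to `securityGroup`.
 *
 * The address is supplied by an external lookup (`waitForIP`), so it is checked
 * to be a dotted-quad IPv4 string before it is turned into a CIDR. Anything
 * else rejects the returned promise and adds no rule.
 *
 * The promise is returned so the caller can await it and handle failures.
 * NOTE(review): the rule is added asynchronously. If the stack is synthesized
 * before this promise settles, the rule may be missing from the template, so
 * confirm the caller awaits it.
 *
 * @returns {Promise<void>} settles once the rule has been added.
 * @throws {Error} (as a rejection) when the looked-up value is not an IPv4 address.
 */
function setLaptopIngressRule() {
  const isIpv4 = (value) =>
    typeof value === 'string' &&
    /^\d{1,3}(\.\d{1,3}){3}$/.test(value) &&
    value.split('.').every((octet) => Number(octet) <= 255);

  return waitForIP().then((laptopIp) => {
    if (!isIpv4(laptopIp)) {
      // Never build a security-group rule from a value that is not an address.
      throw new Error('Public IP lookup did not return an IPv4 address');
    }
    securityGroup.addIngressRule(
      ec2.Peer.ipv4(`${laptopIp}/32`),
      ec2.Port.tcp(3389),
      'Allows rdp access from laptop public',
    );
  });
}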
// Security group for the MySQL server instance.
// allowAllOutbound leaves egress unrestricted; no ingress rules are added here,
// so inbound access comes only from rules attached elsewhere.
// NOTE(review): consider narrowing egress if the server only needs a few destinations.
const securityGroup = new ec2.SecurityGroup(this, 'app-mysql-server-sg', {
  securityGroupName: 'app-mysql-server-sg',
  allowAllOutbound: true,
  vpc,
});
cdk.Tags.of(securityGroup).add('Name', `${servername}-security-group`);
// Instance role that EC2 can assume on behalf of the server.
const role = new iam.Role(this, 'app-mysql-server-role', {
  assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'),
});

// Attach AWS managed policies to the role, in the order listed.
// NOTE(review): AmazonSSMAutomationRole is a service-role policy and presumably
// grants more than a managed instance needs. Confirm it is required here,
// since AmazonSSMManagedInstanceCore normally covers Session Manager and Run Command.
for (const [policyId, policyArn] of [
  ['AmazonSSMAutomationRole', 'arn:aws:iam::aws:policy/service-role/AmazonSSMAutomationRole'],
  ['AmazonSSMManagedInstanceCore', 'arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore'],
]) {
  role.addManagedPolicy(iam.ManagedPolicy.fromManagedPolicyArn(this, policyId, policyArn));
}
//Create the underlying json for the custom policy
// Network load balancer placed in the public subnets.
// NOTE(review): internetFacing: true gives the NLB a public address. Together with
// the TCP 3306 listener added to it in this file, the MySQL port becomes reachable
// from the internet. Confirm that is intended, or use an internal NLB and
// restrict allowed sources on the target security group.
const nlb = new elbv2.NetworkLoadBalancer(this, 'NLB', {
  loadBalancerName: 'app-mysql-nlb-public',
  internetFacing: true,
  crossZoneEnabled: false,
  vpcSubnets: publicSubnet,
  vpc,
});
cdk.Tags.of(nlb).add('Name', `${servername}-network-load-balancer`);