@cobusbernard
Last active September 23, 2021 10:33
// CDK Commands:
cdk init app --language typescript
npm i @aws-cdk/aws-ec2 @aws-cdk/aws-iam @aws-cdk/aws-s3-assets cdk-ec2-key-pair @aws-cdk/aws-s3 @aws-cdk/aws-sagemaker
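Uncomment line 14 in bin/<your app>.ts so the stack is bound to a concrete account and region (the ec2.Vpc.fromLookup call in the sample code needs this):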
env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION },
cdk bootstrap
cdk deploy
// Sample CDK Code
import * as cdk from '@aws-cdk/core';
import * as ec2 from "@aws-cdk/aws-ec2"; // Allows working with EC2 and VPC resources
import * as iam from "@aws-cdk/aws-iam"; // Allows working with IAM resources
import * as s3assets from "@aws-cdk/aws-s3-assets"; // Allows managing files with S3
import * as keypair from "cdk-ec2-key-pair"; // Helper to create EC2 SSH keypairs
import * as s3 from "@aws-cdk/aws-s3";
import * as sagemaker from "@aws-cdk/aws-sagemaker";
import * as path from "path"; // Helper for working with file paths
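/**
 * Demo stack that provisions a single Amazon Linux 2 EC2 instance in the
 * account's default VPC, together with an SSH key pair, a security group,
 * an instance role carrying the AmazonSSMManagedInstanceCore managed policy,
 * and a role assumable by SageMaker.
 *
 * The stack also emits three CloudFormation outputs: a command to download
 * the private key, the instance's private IP, and a ready-made ssh command.
 */
export class DemoStack extends cdk.Stack {
  /**
   * @param scope - Parent construct (normally the CDK app).
   * @param id - Logical id of this stack.
   * @param props - Optional stack properties; `env` must resolve to a
   *   concrete account/region because the default VPC is looked up.
   */
  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // Reuse the default VPC of the target account/region instead of creating one.
    const vpc = ec2.Vpc.fromLookup(this, "VPC", {
      isDefault: true,
    });

    // Create a key pair to be used with this EC2 instance. The
    // "Download Key Command" output below fetches the private key from
    // Secrets Manager (secret id ec2-ssh-key/cdk-keypair/private).
    const key = new keypair.KeyPair(this, "KeyPair", {
      name: "cdk-keypair",
      description: "Key Pair created with CDK Deployment",
    });
    // The original had a bare `key.grantReadOnPublicKey;` here: a property
    // reference without a call, so it granted nothing. It is removed rather
    // than turned into a call so that no new IAM grant is introduced; invoke
    // it with an explicit grantee if some principal needs the public key.

    // Security group for the EC2 instance.
    // NOTE(review): the description below omits HTTPS (443), which is also
    // opened. It is left unchanged because editing a security group's
    // description replaces the group in CloudFormation.
    const securityGroup = new ec2.SecurityGroup(this, "SecurityGroup", {
      vpc,
      description: "Allow SSH (TCP port 22) and HTTP (TCP port 80) in",
      allowAllOutbound: true,
    });

    // Allow SSH access on port tcp/22.
    // NOTE(review): ec2.Peer.anyIpv4() is 0.0.0.0/0, so this rule admits SSH
    // from every IPv4 source. Outside a throwaway demo, narrow it to a known
    // CIDR with ec2.Peer.ipv4(...), or drop the rule and rely on SSM Session
    // Manager, which the AmazonSSMManagedInstanceCore policy attached to the
    // instance role below is meant to support.
    securityGroup.addIngressRule(
      ec2.Peer.anyIpv4(),
      ec2.Port.tcp(22),
      "Allow SSH Access"
    );
    // Allow HTTP access on port tcp/80
    securityGroup.addIngressRule(
      ec2.Peer.anyIpv4(),
      ec2.Port.tcp(80),
      "Allow HTTP Access"
    );
    // Allow HTTPS access on port tcp/443
    securityGroup.addIngressRule(
      ec2.Peer.anyIpv4(),
      ec2.Port.tcp(443),
      "Allow HTTPS Access"
    );

    // IAM role assumed by the EC2 service on behalf of the instance.
    const role = new iam.Role(this, "ec2Role", {
      assumedBy: new iam.ServicePrincipal("ec2.amazonaws.com"),
    });
    // Attach the AWS-managed policy that lets Systems Manager manage the instance.
    role.addManagedPolicy(
      iam.ManagedPolicy.fromAwsManagedPolicyName("AmazonSSMManagedInstanceCore")
    );

    // Look up the AMI id for the Amazon Linux 2 image with CPU type X86_64.
    const ami = new ec2.AmazonLinuxImage({
      generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2,
      cpuType: ec2.AmazonLinuxCpuType.X86_64,
    });

    // Create the EC2 instance using the security group, AMI, key pair and role defined above.
    const ec2Instance = new ec2.Instance(this, "Instance", {
      vpc,
      instanceType: ec2.InstanceType.of(
        ec2.InstanceClass.T2,
        ec2.InstanceSize.MICRO
      ),
      machineImage: ami,
      securityGroup: securityGroup,
      keyName: key.keyPairName,
      role: role,
    });

    // Command to download the SSH private key from Secrets Manager. The
    // resulting cdk-key.pem is a long-lived credential: the command already
    // sets mode 400; keep the file out of version control and shared folders.
    new cdk.CfnOutput(this, "Download Key Command", {
      value:
        "aws secretsmanager get-secret-value --secret-id ec2-ssh-key/cdk-keypair/private --query SecretString --output text > cdk-key.pem && chmod 400 cdk-key.pem",
    });

    // Output the private IP address of the EC2 instance.
    // NOTE(review): the earlier comment said "public", but the value is
    // instancePrivateIp, which is only reachable from inside the VPC or a
    // network connected to it. Confirm this is intended; instancePublicIp is
    // the attribute to use if access from outside the VPC is expected.
    new cdk.CfnOutput(this, "IP Address", {
      value: ec2Instance.instancePrivateIp,
    });

    // Command to access the EC2 instance using SSH (targets the private IP, see above).
    new cdk.CfnOutput(this, "ssh command", {
      value:
        "ssh -i cdk-key.pem -o IdentitiesOnly=yes ec2-user@" +
        ec2Instance.instancePrivateIp,
    });

    // Role assumable by the SageMaker service. No policies are attached here
    // and nothing else in this stack references it, so the construct is
    // created without binding it to an unused local.
    new iam.Role(this, "SageMakerDemo", {
      assumedBy: new iam.ServicePrincipal("sagemaker.amazonaws.com"),
    });
  }
}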