markilott

AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  AWS Transfer SFTP with EIP and Security Group
  You can choose a fully automated and self-contained demo by creating a new VPC.
  
  Or you can select an existing VPC. The VPC must have 2 public subnets with internet access.
  There is one manual step in the Console required for an existing VPC after the CloudFormation script-
  - Open the VPC Service page
  - Go to Endpoints
  - Select the new transfer Endpoint

markilott

AWSTemplateFormatVersion: "2010-09-09"
Description: >-
  Creates-
  - a Managed AD, with the domain name you specify
  - admin server joined to the domain
  - Secrets Manager secret with the AD Admin password
  Requires-
  - an existing VPC with at least 2 subnets
  - EC2 Key Pair in the current region
  - Windows Server 2016 AMI ID in the current region

markilott

#############################################################
# This template is used to prepare the Shared Services Account so that
# the Pipeline can be triggered by CodeCommit in DEV.
#
# Run this template First
#
#############################################################

Description: Allow CodeCommit Events forwarding from DEV
Resources:

markilott

// Https listener
const httpsListener = alb.addListener('https', {
  port: 443,
  protocol: ApplicationProtocol.HTTPS,
  certificates: [certificate],
  open: false, // Prevent CDK from adding an allow all inbound rule to the security group
});

markilott

// Target Group. Fargate stack will add services to this group
new ApplicationTargetGroup(this, 'fargateTargetGroup', {
  vpc,
  port,
  // IP target type is required for Fargate services - it must be specified here if attaching services in other stacks
  targetType: TargetType.IP,
});

markilott

const AWS = require('aws-sdk');
const ecs = new AWS.ECS();

// Update the desired task count
await ecs.updateService({
  service,
  cluster,
  desiredCount: 0, // 0 to stop, 1 (or more) to start
}).promise();

markilott

// In the Scheduler Stack ===========================================
// Lambda Function to start/stop tasks
const ecsScheduleFnc = new Function(this, 'ecsScheduleFnc', {
    description: 'Lambda ECS Service Mgt Function',
    functionName: 'ecsScheduleFnc',
    runtime: Runtime.NODEJS_14_X,
    handler: 'index.handler',
    timeout: Duration.seconds(5),
    code: Code.fromAsset(`${__dirname}/lambda/manage-task`),
});

markilott

aws sesv2 send-email \
  --from-email-address "no-reply@mydomain.com" \
  --destination "ToAddresses=me@myotherdomain.com" \
  --configuration-set-name "myConfigSet" \
  --content "Simple={Subject={Data=Hello World,Charset=utf8},Body={Text={Data=Hi from SES,Charset=utf8},Html={Data=<p>Hi from SES<p>,Charset=utf8}}}"

markilott

// Creating custom policy for CustomResource due to CDK bug (uses email: instead of ses: when creating actions)
const sesPolicy = new PolicyStatement({
    actions: [
        'ses:CreateConfigurationSet',
        'ses:DeleteConfigurationSet',
        'ses:CreateConfigurationSetEventDestination',
        'ses:DeleteConfigurationSetEventDestination',
        'ses:CreateEmailIdentity',
        'ses:DeleteEmailIdentity',
    ],

markilott

// Add and verify Domain using DKIM
const domainIdentity = new AwsCustomResource(this, 'domainIdentity', {
    onUpdate: {
        service: 'SESV2',
        action: 'createEmailIdentity',
        parameters: {
            EmailIdentity: zoneName,
            ConfigurationSetName, // Will set the default Configuration Set for the domain
        },
        physicalResourceId: {},