9

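There is a lot of sample code, but the rapidly improving cdk package isn't helping me find working examples of some (I think) simple things. For example, even the imports I found in examples fail: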

import { VpcNetworkRef } from '@aws-cdk/aws-ec2';
 error TS2724: Module '"../node_modules/@aws-cdk/aws-ec2/lib"' has no exported member 'VpcNetworkRef'. Did you mean 'IVpcNetwork'?

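Why doesn't the example ec2 code show the creation of a raw ec2 instance?

What would help is example cdk code that uses a hard-coded VpcId and SecurityGroupId (I would pass them in as context values) to create a pair of new subnets (i.e., one per availability zone) into which we place a pair of EC2 instances.

Again, the target VPC and SecurityGroup for the instances already exist. We just (today) create new subnets when we add a new set of EC2 instances.

We have many different environments (sets of AWS infrastructure) that currently share one account, VPC, and security group. This will change, but my current goal is to see whether we can use the Cloud Development Kit to create new, distinct environments within this existing model. We have a CF template today.

I don't know where to start. The example that references an existing VPC does not compile.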

import { VpcNetworkRef } from '@aws-cdk/aws-ec2';
const vpc = VpcNetworkRef.import(this, 'unused', {vpcId, availabilityZones: ['unused']});

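Again, the target VPC and SecurityGroup for the instances already exist. We just (today) create new subnets when we add a new set of EC2 instances.

-----Edit-------->

A discussion on gitter helped me answer this question, as well as how to add a bare instance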

const vpc = ec2.VpcNetwork.import(this, 'YOUR-VPC-NAME', {
    vpcId: 'your-vpc-id',
    availabilityZones: ['list', 'some', 'zones'],
    publicSubnetIds: ['list', 'some', 'subnets'],
    privateSubnetIds: ['list', 'some', 'more'],
});

const sg = ec2.SecurityGroup.import(this, 'YOUR-SG-NAME', {
    securityGroupId: 'your-sg-id'
});

// can add subnets to existing..
const newSubnet = new ec2.VpcSubnet(this, "a name", {
    availabilityZone: "us-west-2b",
    cidrBlock: "a.b.c.d/e",
    vpcId: vpc.vpcId
});

// add bare instance
new ec2.CfnInstance(this, "instance name", {
    imageId: "an ami",
    securityGroupIds: [sg.securityGroupId],
    subnetId: newSubnet.subnetId,
    instanceType: "an instance type",
    tags: [{ key: "key", value: "value"}]
});

No further answers needed... for me.

4

2 Answers

6
import ec2 = require('@aws-cdk/aws-ec2');

// looking up a VPC by its name
const vpc = ec2.Vpc.fromLookup(this, 'VPC', {
  vpcName: 'VPC-Name'
});


// looking up an SG by its ID
const sg = ec2.SecurityGroup.fromSecurityGroupId(this, 'SG', 'SG-ID')


// creating the EC2 instance
const instance = new ec2.Instance(this, 'Instance', {
  vpc: vpc,
  securityGroup: sg,
  instanceType: new ec2.InstanceType('m4.large'),
  machineImage: new ec2.GenericLinuxImage({
    'us-east-1': 'ami-abcdef' // <- add your ami-region mapping here
  }),
});
answered 2019-12-14T09:59:19.327
0

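I also ran into problems importing an existing vpc/subnet/security group. I believe it has changed since the original post. Here is how to do it as of v1.18.0:

// Construct, Stack and StackProps come from core; Subnet is exported by aws-ec2
import { Construct, Stack, StackProps } from '@aws-cdk/core';
import { SecurityGroup, Subnet, SubnetType, Vpc } from '@aws-cdk/aws-ec2';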

const stackProps: StackProps = {
  env: {
    region: 'your region',
    account: 'your account'
  },
};

export class MyStack extends Stack {
  constructor(scope: Construct, id: string) {
    super(scope, id, stackProps);

    const vpc = Vpc.fromVpcAttributes(this, 'vpc', {
      vpcId: 'your vpc id',
      availabilityZones: ['your region'],
      privateSubnetIds: ['your subnet id']
    });

    // Get subnets that already exist in your current vpc.
    const subnets = vpc.selectSubnets({subnetType: SubnetType.PRIVATE});

    // Create a subnet in the existing vpc
    const newSubnet = new Subnet(this, 'subnet', {
      availabilityZone: 'your zone',
      cidrBlock: 'a.b.c.d/e',
      vpcId: vpc.vpcId
    });

    // Get an existing security group.
    const securityGroup = SecurityGroup.fromSecurityGroupId(this, 'securitygroup', 'your security group id');

  }
}
answered 2019-12-10T19:58:58.090
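
Added example, not part of the question or either answer: since the VPC id, security group id and subnet CIDR blocks are passed in as context values and the VPC is shared by several environments, a pre-synth check can reject malformed ids and new subnets that fall outside the VPC range or overlap an existing subnet. The names `SubnetPlan`, `parseCidr` and `validateSubnetPlan` are hypothetical, the sample values are constructed, and the code assumes IPv4 and that you supply the VPC and existing subnet CIDRs yourself.

```typescript
// Hypothetical helpers (not CDK APIs): validate context values before they reach any construct.
interface Cidr { base: number; prefix: number; size: number }
interface SubnetPlan {
  vpcId: string;
  securityGroupId: string;
  vpcCidr: string;
  existingSubnetCidrs: string[];
  newSubnetCidrs: string[];
}

function parseCidr(text: string): Cidr {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(text);
  if (!m) throw new Error(`not a CIDR block: ${text}`);
  const octets = [m[1], m[2], m[3], m[4]].map((o) => Number(o));
  const prefix = Number(m[5]);
  if (octets.some((o) => o > 255) || prefix > 32) throw new Error(`out of range: ${text}`);
  // Plain arithmetic instead of bit shifts, which would wrap to signed 32-bit values.
  const base = octets.reduce((acc, o) => acc * 256 + o, 0);
  const size = Math.pow(2, 32 - prefix);
  if (base % size !== 0) throw new Error(`host bits set in ${text}`);
  return { base, prefix, size };
}

const overlaps = (a: Cidr, b: Cidr): boolean =>
  a.base < b.base + b.size && b.base < a.base + a.size;

function validateSubnetPlan(plan: SubnetPlan): string[] {
  const errors: string[] = [];
  // AWS resource ids carry 8 or 17 lowercase hex characters after the prefix.
  if (!/^vpc-([0-9a-f]{8}|[0-9a-f]{17})$/.test(plan.vpcId)) errors.push(`bad VPC id: ${plan.vpcId}`);
  if (!/^sg-([0-9a-f]{8}|[0-9a-f]{17})$/.test(plan.securityGroupId)) errors.push(`bad security group id: ${plan.securityGroupId}`);
  const vpc = parseCidr(plan.vpcCidr);
  const taken = plan.existingSubnetCidrs.map(parseCidr);
  for (const text of plan.newSubnetCidrs) {
    const c = parseCidr(text);
    if (c.prefix < 16 || c.prefix > 28) errors.push(`${text}: subnet must be between /16 and /28`);
    if (c.base < vpc.base || c.base + c.size > vpc.base + vpc.size) errors.push(`${text}: outside VPC range ${plan.vpcCidr}`);
    if (taken.some((t) => overlaps(t, c))) errors.push(`${text}: overlaps an existing or planned subnet`);
    taken.push(c); // later new subnets are also checked against this one
  }
  return errors;
}

// Constructed sample input: one new subnet per availability zone in a shared /16 VPC.
const samplePlan: SubnetPlan = {
  vpcId: 'vpc-0123456789abcdef0',
  securityGroupId: 'sg-0123456789abcdef0',
  vpcCidr: '10.0.0.0/16',
  existingSubnetCidrs: ['10.0.0.0/24', '10.0.1.0/24'],
  newSubnetCidrs: ['10.0.2.0/24', '10.0.3.0/24'],
};
const sampleErrors = validateSubnetPlan(samplePlan); // empty: the plan is consistent
```

Run it against the values read from context and stop the deployment if the returned list is non-empty.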