實測 AWS Console-to-Code (Preview)

• 這是一種生成式AI功能，可以將AWS控制台中的操作轉換成代碼
• 讓使用者可以輕鬆從原型設計過渡到生產環境部署
• 使用者可以選擇產生的代碼格式，如CloudFormation、CDK
• 代碼遵循AWS最佳實踐，可以幫助改進部署和創建可靠的生產工作負載
• 用戶不需要再在控制台和基礎設施即代碼(IaC)之間做選擇
• 一鍵操作即可擷取使用者在控制台的操作和工作流程並轉換為代碼
• 可以加速雲端解決方案的自動化代碼產生
• 幫助用戶輕鬆過渡到基礎設施即代碼的部署方式

目前僅在 us-east-1 的 EC2 控制台上可用

支援的格式：

• CDK(Java)
• CDK(Python)
• CDK(TypeScript)
• CloudFormation(JSON)
• CloudFormation(YAML)

實驗開始

先確認區域是否為 us-east-1

手動建立 EC2

查看Console-to-Code 可以看到在 AWS Console 所執行的 API 動作名稱

針對 RunInstances 選擇轉換的格式，其實也會產生CLI代碼

測試 CDK TypeScript code 稍後您將獲得一個 CDK 範本以及有關如何使用它的補充信息

如下參考完整範本

 Here is the generated CDK code:

```typescript
import { Vpc, Instance, InstanceClass, InstanceSize, SecurityGroup, Role, InstanceProfile } from "@aws-cdk/aws-ec2";
import { ManagedPolicy } from "@aws-cdk/aws-iam";

// Create VPC, subnet, and security group referenced in CLI command
const vpc = new Vpc(this, "MyVpc");
const subnet = vpc.publicSubnets[0];
const securityGroup = new SecurityGroup(this, "MySecurityGroup", {
  vpc,
});

// Create IAM role and instance profile for SSM and CloudWatch access
const iamRole = new Role(this, "MyIamRole", {
  assumedBy: new ServicePrincipal("ec2.amazonaws.com"),
  managedPolicies: [
    ManagedPolicy.fromAwsManagedPolicyName("AmazonSSMManagedInstanceCore"),
    ManagedPolicy.fromAwsManagedPolicyName("CloudWatchAgentServerPolicy"),
  ],
});

const instanceProfile = new InstanceProfile(this, "MyInstanceProfile", {
  role: iamRole,
});

// Create EC2 instance
const instance = new Instance(this, "MyInstance", {
  vpc,
  instanceType: InstanceType.of(InstanceClass.T3, InstanceSize.NANO),
  machineImage: MachineImage.latestAmazonLinux({
    generation: AmazonLinuxGeneration.AMAZON_LINUX_2,
  }),
  keyName: "ming-Virginia", 
  networkInterfaces: [{ 
    subnet,
    associatePublicIpAddress: true,
    securityGroups: [securityGroup],
  }],
  role: instanceProfile,

  // Add tags
  instanceName: "ming-ai-test",

  // Metadata options
  metadataOptions: {
    httpTokens: 'required',
    httpEndpoint: 'enabled',
    httpPutResponseHopLimit: 2,
  }
});
```

Reasoning:
- Created the VPC, subnet, and security group resources referenced in the CLI command
- Created an IAM role with SSM and CloudWatch managed policies, and an instance profile to associate it with the EC2 instance, as specified in the CLI command
- Created the EC2 instance with details like instance type, AMI, key pair, network interface config, IAM role, tags, and metadata options specified in CLI
- Used CDK constructs like Vpc, Instance, SecurityGroup, Role, InstanceProfile etc. to define the resources
- Made sure to include all details provided in CLI command in CDK code

AWS Console-to-Code 這功能對於，正在考慮當前操作轉換 IaC 可能會有所幫助。

CloudFormation 和 CDK 都可以提供，還提供了 CLI，如果想研究 CLI 的操作，蠻有用的

不過可能需要仔細檢查提供的程式碼以確保其按預期工作，但這是一個非常有用的功能，極推薦！

Reference

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/console-to-code.html?icmpid=docs_console_unmapped

https://aws.amazon.com/about-aws/whats-new/2023/11/aws-console-to-code-preview-generate-console-actions/?nc1=h_ls