# Template header: license metadata, template format version and the stack
# description shown in the CloudFormation console.
Metadata:
  License: Apache-2.0
AWSTemplateFormatVersion: '2010-09-09'
# Folded scalar: the line breaks below collapse to single spaces, so the
# description is delivered as one paragraph.
# NOTE(review): "only SSH and HTTP" describes the open ports; the WebTier
# ingress rules in this template accept both from 0.0.0.0/0.
Description: >-
  This AWS CloudFormation Template will launch an Amazon EC2 instance of type
  t2.micro with latest Amazon Linux 2 OS, bootstrap Apache/PHP, and install a
  simple address book web application. The template will also create an Amazon
  RDS MySQL database instance in free tier, i.e. of type db.t2.micro and with
  no Multi-AZ setup or read replicas. The WebTier Security Group will allow
  only SSH and HTTP connections to this web server EC2 instance, and the
  DBTier Security Group will only allow the WebTier Security Group to initiate
  database connections to the RDS DB instance over TCP port 3306. It is
  recommended that you deploy in Default VPC.
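# Stack inputs. In the template as shown, KeyName, LatestAmiId and the four
# database parameters are referenced by resources; VPC and SubnetID are not.
Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: Must be the name of an existing EC2 KeyPair.
  # NOTE(review): no resource in this template references VPC or SubnetID, so
  # the values chosen here do not affect where the stack is placed.
  VPC:
    Description: Choose VPC
    Type: AWS::EC2::VPC::Id
  SubnetID:
    Description: Choose Subnet
    Type: AWS::EC2::Subnet::Id
  # Resolved from a public SSM parameter at deploy time, so the AMI is whatever
  # that parameter points to when the stack is created or updated.
  LatestAmiId:
    Type: AWS::SSM::Parameter::Value<String>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-ebs
  DBInstanceID:
    Default: rdsdb
    Description: RDS DB instance
    Type: String
    MinLength: '1'
    MaxLength: '63'
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    # The pattern admits no hyphens at all, so the message now states the rule
    # the pattern actually enforces.
    ConstraintDescription: Must begin with a letter and contain only alphanumeric characters.
  DatabaseName:
    Default: mydb
    Description: Database name
    Type: String
    MinLength: '1'
    MaxLength: '64'
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    ConstraintDescription: Must begin with a letter and contain only alphanumeric characters.
  MasterUsername:
    NoEcho: true
    Description: Username for MySQL database access
    Type: String
    MinLength: '1'
    MaxLength: '16'
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    ConstraintDescription: Must begin with a letter and contain only alphanumeric characters.
  # NoEcho masks the value in console, CLI and API output only. It is still a
  # plain stack parameter; a dynamic reference to a secrets store keeps the
  # password out of the parameter set entirely.
  # NOTE(review): the pattern limits the password to letters and digits with a
  # minimum of 8 characters; consider whether that policy is strong enough.
  MasterPassword:
    NoEcho: true
    Description: Password for MySQL database access
    Type: String
    MinLength: '8'
    MaxLength: '41'
    AllowedPattern: '[a-zA-Z0-9]*'
    ConstraintDescription: Must contain only alphanumeric characters.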
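# Web tier (EC2 instance, Elastic IP, security group) and database tier (RDS
# MySQL instance, its security group and parameter group).
# Neither security group sets VpcId and the instance sets no SubnetId, so the
# VPC and SubnetID parameters are not applied to any resource here.
Resources:
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      ImageId: !Ref LatestAmiId
      Tags:
        - Key: Name
          Value: Webserver
      SecurityGroups:
        - !Ref WebSecurityGroup
      # First-boot script: installs Apache/PHP, starts httpd, unpacks the
      # sample application into the web root, then applies OS updates.
      # Changes from the previous version: the guard tests for the file that
      # wget actually saves (bootcamp-app.tar, not .tar.gz), and the
      # init-system error message is written to stderr.
      # NOTE(review): the archive is extracted into the web root without any
      # integrity check. Record the expected SHA-256 of the archive and compare
      # it before running tar.
      UserData:
        Fn::Base64: |
          #!/bin/bash
          yum -y install httpd php mysql php-mysql
          case $(ps -p 1 -o comm | tail -1) in
            systemd) systemctl enable --now httpd ;;
            init) chkconfig httpd on; service httpd start ;;
            *) echo "Error starting httpd (OS not using init or systemd)." >&2 ;;
          esac
          if [ ! -f /var/www/html/bootcamp-app.tar ]; then
            cd /var/www/html
            wget https://s3.amazonaws.com/immersionday-labs/bootcamp-app.tar
            tar xvf bootcamp-app.tar
            chown apache:root /var/www/html/rds.conf.php
          fi
          yum -y update
  IPAddress:
    Type: AWS::EC2::EIP
  IPAssoc:
    Type: AWS::EC2::EIPAssociation
    Properties:
      InstanceId: !Ref EC2Instance
      EIP: !Ref IPAddress
  WebSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow SSH and HTTP connections to EC2 instance
      Tags:
        - Key: Name
          Value: WebTier-sg
      SecurityGroupIngress:
        # HTTP is open to every IPv4 address; the site is served without TLS.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        # NOTE(review): SSH is reachable from every IPv4 address. Narrow CidrIp
        # to the administrators' address range, or remove the rule if shell
        # access is provided another way.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
  DBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow connections only from Webserver
      Tags:
        - Key: Name
          Value: DBTier-sg
      SecurityGroupIngress:
        # MySQL is accepted only from members of the web tier security group.
        - IpProtocol: tcp
          FromPort: 3306
          ToPort: 3306
          SourceSecurityGroupId: !GetAtt WebSecurityGroup.GroupId
  MyDB:
    Type: AWS::RDS::DBInstance
    Properties:
      DBInstanceIdentifier: !Ref DBInstanceID
      DBName: !Ref DatabaseName
      DBInstanceClass: db.t2.micro
      AllocatedStorage: 20
      Engine: MySQL
      # Quoted so the version is always read as a string.
      # NOTE(review): MySQL 5.7 is past community end of life; confirm this
      # version is still offered and supported before deploying.
      EngineVersion: '5.7.28'
      MasterUsername: !Ref MasterUsername
      # Supplied from the NoEcho stack parameter of the same purpose.
      MasterUserPassword: !Ref MasterPassword
      DBParameterGroupName: !Ref RDSParameterGroup
      # Set explicitly: only the web tier is meant to reach port 3306, so the
      # instance does not need a public address. When the property is omitted,
      # RDS derives public accessibility from the VPC and subnet setup.
      PubliclyAccessible: false
      # NOTE(review): StorageEncrypted is not set; confirm whether the chosen
      # instance class supports encryption at rest before enabling it.
      VPCSecurityGroups:
        - !GetAtt DBSecurityGroup.GroupId
  RDSParameterGroup:
    Type: AWS::RDS::DBParameterGroup
    Properties:
      Description: custom parameter group
      Family: mysql5.7
      Parameters:
        character_set_database: utf32
      Tags:
        - Key: Name
          Value: tut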
# Values reported once the stack has been created.
Outputs:
  WebsiteURL:
    Description: Webserver URL
    # Plain-HTTP URL built from the instance's public DNS name.
    # NOTE(review): IPAssoc attaches an Elastic IP to this instance; confirm
    # that PublicDnsName still resolves to it after the association.
    Value:
      Fn::Sub: 'http://${EC2Instance.PublicDnsName}/'
  RDSEndpoint:
    Description: RDS DB instance endpoint
    # Host name of the database endpoint (no port).
    Value:
      Fn::GetAtt: [MyDB, Endpoint.Address]