dataverse.cft.yaml
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  # Name of an SSM parameter holding the comma-separated public subnet IDs.
  # Only the first subnet in the list is used (Fn::Select 0 on the network
  # interface in Resources).
  # NOTE(review): test and prod paths are allowed here, but the security
  # group's VpcId resolves /vpc/dev/vpc_id unconditionally. Confirm the
  # non-dev choices can actually deploy.
  PublicSubnetWad:
    Type: 'AWS::SSM::Parameter::Value<CommaDelimitedList>'
    Description: 'Parameter name of comma-separated list of public subnets.'
    AllowedValues:
      - '/vpc/dev/public_subnet_ids'
      - '/vpc/test/public_subnet_ids'
      - '/vpc/prod/public_subnet_ids'
    Default: '/vpc/dev/public_subnet_ids'
  # EC2 instance type passed to the launch template. Free-form string: no
  # AllowedValues list constrains it.
  InstanceType:
    Type: 'String'
    Default: 'm5.xlarge'
Description: >
  This template launches a demo Dataverse instance.
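Resources:
  # NOTE(review): this IAM user and its access key are long-lived credentials
  # that nothing else in the template references (no GetAtt of the secret, no
  # Output, no use in UserData). If no out-of-band consumer exists, delete both
  # resources; the instance already has a role via InstanceProfile.
  CloudFormationUser:
    Type: 'AWS::IAM::User'
    Properties:
      Path: /
      Policies:
        # Despite the name "root", this inline policy grants only the single
        # read-only action listed below.
        - PolicyName: root
          PolicyDocument:
            Statement:
              - Effect: Allow
                Action:
                  - 'cloudformation:DescribeStackResource'
                Resource: '*'
  CloudFormationUserKeys:
    Type: 'AWS::IAM::AccessKey'
    Properties:
      UserName: !Ref CloudFormationUser

  # Launch configuration for the demo host: root volume, AMI, instance role,
  # network interface and first-boot script.
  DataverseLaunchTemplate:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      # "datavese" (sic) is kept as-is here and in the instance Name tag:
      # changing LaunchTemplateName replaces the launch template.
      LaunchTemplateName: datavese-demo-launch-template
      LaunchTemplateData:
        BlockDeviceMappings:
          - DeviceName: /dev/sda1
            Ebs:
              DeleteOnTermination: true
              # Encrypt the root volume at rest (uses the account's default
              # EBS key unless a KmsKeyId is given).
              Encrypted: true
              VolumeSize: 100
              VolumeType: gp3
        IamInstanceProfile:
          Arn: !GetAtt InstanceProfile.Arn
        ImageId: '{{resolve:ssm:/images/ami/docker-host-image-for-ubuntu-20-04}}'
        InstanceType: !Ref InstanceType
        # Require IMDSv2 session tokens. The instance is internet-facing and
        # carries an instance role, so unauthenticated IMDSv1 reads of the
        # role credentials should not be possible through a request-forgery
        # bug in the hosted application.
        MetadataOptions:
          HttpTokens: required
        Monitoring:
          Enabled: true
        NetworkInterfaces:
          - NetworkInterfaceId: !Ref DataverseNetworkInterface
            DeviceIndex: 0
        # First-boot script, run as root. The script text is unchanged.
        # NOTE(review): the clone is not pinned, so whatever is on the
        # repository's default branch at launch time is executed as root.
        # Pin to a reviewed revision, e.g.
        #   git -C /dataverse-demo checkout <REVIEWED_COMMIT_SHA>
        # before the build script runs.
        # The body goes through !Sub, so any future "${...}" in the shell text
        # is treated as a CloudFormation substitution unless written "${!...}".
        UserData:
          Fn::Base64: !Sub |
            #!/bin/bash -xe
            apt update
            apt install docker-compose -y
            cd /
            git clone https://github.com/fsulib/dataverse-demo
            bash /dataverse-demo/dataverse-build.sh
        TagSpecifications:
          - ResourceType: instance
            Tags:
              - Key: Name
                Value: datavese-demo-instance
          - ResourceType: volume
            Tags:
              - Key: Name
                Value: dataverse-demo-root-volume

  # Primary network interface, placed in the first subnet of the selected list.
  DataverseNetworkInterface:
    Type: 'AWS::EC2::NetworkInterface'
    Properties:
      SubnetId:
        Fn::Select:
          - 0
          - !Ref PublicSubnetWad
      Description: dataverse-demo-network-interface
      GroupSet:
        - !Ref DataverseSecurityGroup
      SourceDestCheck: true
      Tags:
        - Key: Name
          Value: dataverse-demo-network-interface

  # The instance itself; every setting comes from the launch template above.
  Instance:
    Type: AWS::EC2::Instance
    Properties:
      LaunchTemplate:
        LaunchTemplateId: !Ref DataverseLaunchTemplate
        Version: !GetAtt DataverseLaunchTemplate.LatestVersionNumber

  DataverseSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: dataverse-demo-sg
      # NOTE(review): always the dev VPC, even when PublicSubnetWad selects the
      # test or prod subnet list. A subnet outside this VPC cannot use this
      # group.
      VpcId: '{{resolve:ssm:/vpc/dev/vpc_id}}'
      SecurityGroupIngress:
        # NOTE(review): TCP 8080 is reachable from any IPv4 address. It is
        # presumably the application's HTTP listener, so no TLS is evident
        # from this template. For anything beyond a throwaway demo, restrict
        # the CIDR to known networks or front the service with a TLS listener.
        # No SSH rule is defined; the role's AmazonSSMManagedInstanceCore
        # policy suggests administration goes through SSM.
        - IpProtocol: tcp
          FromPort: 8080
          ToPort: 8080
          CidrIp: '0.0.0.0/0'
      Tags:
        - Key: Name
          Value: dataverse-demo-sg

  # Static public address, attached to the network interface by EIPAssoc.
  EIP:
    Type: AWS::EC2::EIP
    Properties:
      Tags:
        - Key: Name
          Value: Dataverse-Dev
        - Key: 'lib:app'
          Value: dataverse
  EIPAssoc:
    Type: AWS::EC2::EIPAssociation
    Properties:
      AllocationId: !GetAtt EIP.AllocationId
      NetworkInterfaceId: !Ref DataverseNetworkInterface

  # Instance role: assumable only by EC2, with the AWS-managed SSM core policy
  # as its sole attached policy.
  Role:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        # Quoted so YAML loaders read the policy version as a string, not a
        # date.
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      Path: '/fsulib/'
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore'
  # The explicit profile name means the stack must be deployed with
  # CAPABILITY_NAMED_IAM.
  InstanceProfile:
    Type: 'AWS::IAM::InstanceProfile'
    Properties:
      InstanceProfileName: !Sub 'DataverseProfile_${AWS::Region}'
      Roles:
        - !Ref Role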
Outputs:
  # Public IPv4 address of the Elastic IP that EIPAssoc attaches to the
  # instance's network interface. The security group exposes TCP 8080 on
  # this address.
  IpAddress:
    Description: 'Elastic IP Address'
    Value:
      Fn::GetAtt:
        - EIP
        - PublicIp