AndrewBestbier · March 5, 2020 14:42 · Kaifmohd · Apr 19, 2021
diff --git a/tutorial.yaml b/tutorial.yaml
 AWSTemplateFormatVersion: 2010-09-09

 Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16

  PublicSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.0/24
      AvailabilityZone: !Select [0, !GetAZs ]

  PublicSubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select [1, !GetAZs ]

  PrivateSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.2.0/24
      AvailabilityZone: !Select [0, !GetAZs ]

  PrivateSubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.3.0/24
      AvailabilityZone: !Select [1, !GetAZs ]

  AppLaunchConfig:
    Type: AWS::AutoScaling::LaunchConfiguration
    Properties:
      ImageId: ami-0389b2a3c4948b1a0
      InstanceType: t2.micro
      SecurityGroups:
        - !Ref InstanceSecurityGroup
      UserData:
        Fn::Base64:
          Fn::Sub: |
            #!/bin/bash -xe
            yum update -y
            yum install -y httpd
            systemctl start httpd
            systemctl enable httpd
            echo "Hello from $(hostname -f)" > /var/www/html/index.html

  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Letting HTTP into our instance
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - FromPort: 80
          IpProtocol: tcp
          ToPort: 80
          SourceSecurityGroupId: !Ref ApplicationLoadBalancerSecurityGroup

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    DependsOn: VPC

  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnetA
      RouteTableId: !Ref PublicRouteTable

  PublicSubnetBRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnetB
      RouteTableId: !Ref PublicRouteTable

  ApplicationLoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      SecurityGroups:
        - !Ref ApplicationLoadBalancerSecurityGroup
      Subnets:
        - !Ref PublicSubnetA
        - !Ref PublicSubnetB

  ApplicationLoadBalancerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SSH and HTTP
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - CidrIp: 0.0.0.0/0
          FromPort: 80
          IpProtocol: tcp
          ToPort: 80

  Listener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref TargetGroup
      LoadBalancerArn: !Ref ApplicationLoadBalancer
      Port: 80
      Protocol: HTTP

  TargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Port: 80
      Protocol: HTTP
      VpcId: !Ref VPC

  AutoScalingGroup:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      LaunchConfigurationName: !Ref AppLaunchConfig
      VPCZoneIdentifier:
        - !Ref PublicSubnetA
        - !Ref PublicSubnetB
      DesiredCapacity: 3
      MinSize: 3
      MaxSize: 3
      TargetGroupARNs:
        - !Ref TargetGroup

  Database:
    Type: AWS::RDS::DBInstance
    Properties:
      VPCSecurityGroups:
        - !Ref DbSecurityGroup
      AllocatedStorage: "10"
      DBSubnetGroupName: !Ref DbSubnetGroup
      DBInstanceClass: "db.t2.micro"
      Engine: "postgres"
      MasterUsername: Username
      MasterUserPassword: Password
      MultiAZ: true

  DbSubnetGroup:
    Type: "AWS::RDS::DBSubnetGroup"
    Properties:
      DBSubnetGroupDescription: DBSubnetGroup
      SubnetIds: # (6)
        - !Ref PrivateSubnetA
        - !Ref PrivateSubnetB

  DbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Database
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - FromPort: -1
          IpProtocol: -1
          ToPort: -1
          SourceSecurityGroupId: !Ref InstanceSecurityGroup
	AWSTemplateFormatVersion: 2010-09-09

	Resources:
	VPC:
	Type: AWS::EC2::VPC
	Properties:
	CidrBlock: 10.0.0.0/16

	PublicSubnetA:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	CidrBlock: 10.0.0.0/24
	AvailabilityZone: !Select [0, !GetAZs ]

	PublicSubnetB:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	CidrBlock: 10.0.1.0/24
	AvailabilityZone: !Select [1, !GetAZs ]

	PrivateSubnetA:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	CidrBlock: 10.0.2.0/24
	AvailabilityZone: !Select [0, !GetAZs ]

	PrivateSubnetB:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	CidrBlock: 10.0.3.0/24
	AvailabilityZone: !Select [1, !GetAZs ]

	AppLaunchConfig:
	Type: AWS::AutoScaling::LaunchConfiguration
	Properties:
	ImageId: ami-0389b2a3c4948b1a0
	InstanceType: t2.micro
	SecurityGroups:
	- !Ref InstanceSecurityGroup
	UserData:
	Fn::Base64:
	Fn::Sub: \|
	#!/bin/bash -xe
	yum update -y
	yum install -y httpd
	systemctl start httpd
	systemctl enable httpd
	echo "Hello from $(hostname -f)" > /var/www/html/index.html

	InstanceSecurityGroup:
	Type: AWS::EC2::SecurityGroup
	Properties:
	GroupDescription: Letting HTTP into our instance
	VpcId: !Ref VPC
	SecurityGroupIngress:
	- FromPort: 80
	IpProtocol: tcp
	ToPort: 80
	SourceSecurityGroupId: !Ref ApplicationLoadBalancerSecurityGroup

	InternetGateway:
	Type: AWS::EC2::InternetGateway
	DependsOn: VPC

	AttachGateway:
	Type: AWS::EC2::VPCGatewayAttachment
	Properties:
	VpcId: !Ref VPC
	InternetGatewayId: !Ref InternetGateway

	PublicRouteTable:
	Type: AWS::EC2::RouteTable
	Properties:
	VpcId: !Ref VPC

	PublicRoute:
	Type: AWS::EC2::Route
	DependsOn: AttachGateway
	Properties:
	RouteTableId: !Ref PublicRouteTable
	DestinationCidrBlock: 0.0.0.0/0
	GatewayId: !Ref InternetGateway

	PublicSubnetARouteTableAssociation:
	Type: AWS::EC2::SubnetRouteTableAssociation
	Properties:
	SubnetId: !Ref PublicSubnetA
	RouteTableId: !Ref PublicRouteTable

	PublicSubnetBRouteTableAssociation:
	Type: AWS::EC2::SubnetRouteTableAssociation
	Properties:
	SubnetId: !Ref PublicSubnetB
	RouteTableId: !Ref PublicRouteTable

	ApplicationLoadBalancer:
	Type: AWS::ElasticLoadBalancingV2::LoadBalancer
	Properties:
	SecurityGroups:
	- !Ref ApplicationLoadBalancerSecurityGroup
	Subnets:
	- !Ref PublicSubnetA
	- !Ref PublicSubnetB

	ApplicationLoadBalancerSecurityGroup:
	Type: AWS::EC2::SecurityGroup
	Properties:
	GroupDescription: SSH and HTTP
	VpcId: !Ref VPC
	SecurityGroupIngress:
	- CidrIp: 0.0.0.0/0
	FromPort: 80
	IpProtocol: tcp
	ToPort: 80

	Listener:
	Type: AWS::ElasticLoadBalancingV2::Listener
	Properties:
	DefaultActions:
	- Type: forward
	TargetGroupArn: !Ref TargetGroup
	LoadBalancerArn: !Ref ApplicationLoadBalancer
	Port: 80
	Protocol: HTTP

	TargetGroup:
	Type: AWS::ElasticLoadBalancingV2::TargetGroup
	Properties:
	Port: 80
	Protocol: HTTP
	VpcId: !Ref VPC

	AutoScalingGroup:
	Type: AWS::AutoScaling::AutoScalingGroup
	Properties:
	LaunchConfigurationName: !Ref AppLaunchConfig
	VPCZoneIdentifier:
	- !Ref PublicSubnetA
	- !Ref PublicSubnetB
	DesiredCapacity: 3
	MinSize: 3
	MaxSize: 3
	TargetGroupARNs:
	- !Ref TargetGroup

	Database:
	Type: AWS::RDS::DBInstance
	Properties:
	VPCSecurityGroups:
	- !Ref DbSecurityGroup
	AllocatedStorage: "10"
	DBSubnetGroupName: !Ref DbSubnetGroup
	DBInstanceClass: "db.t2.micro"
	Engine: "postgres"
	MasterUsername: Username
	MasterUserPassword: Password
	MultiAZ: true

	DbSubnetGroup:
	Type: "AWS::RDS::DBSubnetGroup"
	Properties:
	DBSubnetGroupDescription: DBSubnetGroup
	SubnetIds: # (6)
	- !Ref PrivateSubnetA
	- !Ref PrivateSubnetB

	DbSecurityGroup:
	Type: AWS::EC2::SecurityGroup
	Properties:
	GroupDescription: Database
	VpcId: !Ref VPC
	SecurityGroupIngress:
	- FromPort: -1
	IpProtocol: -1
	ToPort: -1
	SourceSecurityGroupId: !Ref InstanceSecurityGroup