Last active
October 16, 2017 05:29
-
-
Save eMahtab/0100da8d5637503136ce0a6e1cffee2d to your computer and use it in GitHub Desktop.
Signaling EC2 bootstrapping with cfn-signal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion" : "2010-09-09", | |
| "Description" : "AWS CloudFormation Sample Template VPC_with_PublicIPs_And_DNS: Sample template that creates a VPC with DNS and public IPs enabled. Note that you are billed for the AWS resources that you use when you create a stack from this template.", | |
| "Parameters": { | |
| "KeyPair": { | |
| "Description": "Name of the keypair to use for SSH access", | |
| "Type": "String" | |
| }, | |
| "BucketName" : { | |
| "Description" : "Name of bucket containing application war", | |
| "Type" : "String", | |
| "Default" : "war.bucket" | |
| } | |
| }, | |
| "Resources" : { | |
| "VPC" : { | |
| "Type" : "AWS::EC2::VPC", | |
| "Properties" : { | |
| "EnableDnsSupport" : "true", | |
| "EnableDnsHostnames" : "true", | |
| "CidrBlock" : "10.0.0.0/16" | |
| } | |
| }, | |
| "PublicSubnet" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.0.0.0/24" | |
| } | |
| }, | |
| "InternetGateway" : { | |
| "Type" : "AWS::EC2::InternetGateway" | |
| }, | |
| "VPCGatewayAttachment" : { | |
| "Type" : "AWS::EC2::VPCGatewayAttachment", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "InternetGatewayId" : { "Ref" : "InternetGateway" } | |
| } | |
| }, | |
| "PublicRouteTable" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" } | |
| } | |
| }, | |
| "PublicRoute" : { | |
| "Type" : "AWS::EC2::Route", | |
| "DependsOn" : "VPCGatewayAttachment", | |
| "Properties" : { | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" }, | |
| "DestinationCidrBlock" : "0.0.0.0/0", | |
| "GatewayId" : { "Ref" : "InternetGateway" } | |
| } | |
| }, | |
| "PublicSubnetRouteTableAssociation" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet" }, | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" } | |
| } | |
| }, | |
| "PublicSubnetNetworkAclAssociation" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet" }, | |
| "NetworkAclId" : { "Fn::GetAtt" : ["VPC", "DefaultNetworkAcl"] } | |
| } | |
| }, | |
| "WebServerSecurityGroup" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : { | |
| "GroupDescription" : "Enable HTTP ingress", | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "SecurityGroupIngress" : [ | |
| {"IpProtocol" : "tcp","FromPort" : "80","ToPort" : "80","CidrIp" : "0.0.0.0/0"}, | |
| {"IpProtocol" : "tcp","FromPort" : "8080","ToPort" : "8080","CidrIp" : "0.0.0.0/0"}, | |
| {"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"}] | |
| } | |
| }, | |
| "CfnUser" : { | |
| "Type" : "AWS::IAM::User", | |
| "Properties" : { | |
| "Path": "/", | |
| "Policies": [{ | |
| "PolicyName": "root", | |
| "PolicyDocument": { "Statement":[{ | |
| "Effect" : "Allow", | |
| "Action" : [ | |
| "s3:GetObject" | |
| ], | |
| "Resource" :{"Fn::Join": ["",["arn:aws:s3:::",{"Ref":"BucketName"},"/*"]]} | |
| }]} | |
| }] | |
| } | |
| }, | |
| "CfnKeys" : { | |
| "Type" : "AWS::IAM::AccessKey", | |
| "Properties" : { | |
| "UserName" : {"Ref": "CfnUser"} | |
| } | |
| }, | |
| "WebServerInstance": { | |
| "Type": "AWS::EC2::Instance", | |
| "Metadata" : { | |
| "AWS::CloudFormation::Init" : { | |
| "config" : { | |
| "files" : { | |
| "/usr/share/tomcat7/webapps/sample.war" : { | |
| "source" : { | |
| "Fn::Join" : ["", ["https://s3.amazonaws.com/",{ "Ref" : "BucketName" },"/","sample.war"]] | |
| }, | |
| "owner" : "root", | |
| "mode" : "000777", | |
| "authentication": "S3AccessCreds" | |
| } | |
| } | |
| } | |
| }, | |
| "AWS::CloudFormation::Authentication" : { | |
| "S3AccessCreds" : { | |
| "type" : "S3", | |
| "accessKeyId" : { "Ref" : "CfnKeys" }, | |
| "secretKey" : {"Fn::GetAtt": ["CfnKeys", "SecretAccessKey"]}, | |
| "buckets" : [ { "Ref" : "BucketName" } ] | |
| } | |
| } | |
| }, | |
| "Properties": { | |
| "InstanceType": "t2.micro", | |
| "ImageId": "ami-8c1be5f6", | |
| "NetworkInterfaces" : [{ | |
| "GroupSet" : [{"Ref": "WebServerSecurityGroup"}], | |
| "AssociatePublicIpAddress" : "true", | |
| "DeviceIndex" : "0", | |
| "DeleteOnTermination" : "true", | |
| "SubnetId" : {"Ref": "PublicSubnet"} | |
| }], | |
| "KeyName": { | |
| "Ref": "KeyPair" | |
| }, | |
| "UserData": { | |
| "Fn::Base64": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "#!/bin/bash -xe\n", | |
| "sudo yum update -y\n", | |
| "sudo yum install -y tomcat7-webapps tomcat7-docs-webapp tomcat7-admin-webapps\n", | |
| "sudo service tomcat7 start\n", | |
| "yum update -y aws-cfn-bootstrap\n", | |
| "# Installing application\n", | |
| "/opt/aws/bin/cfn-init -s ",{ "Ref" : "AWS::StackName" }, | |
| " -r WebServerInstance ", | |
| " --region ", { "Ref" : "AWS::Region" },"\n", | |
| "# Signal the status from cfn-init\n", | |
| "/opt/aws/bin/cfn-signal -e $? ", | |
| " --stack ", | |
| { "Ref": "AWS::StackName" }, | |
| " --resource WebServerInstance ", | |
| " --region ", | |
| { "Ref": "AWS::Region" },"\n" | |
| ] | |
| ] | |
| } | |
| } | |
| }, | |
| "CreationPolicy": { | |
| "ResourceSignal": { "Timeout": "PT5M"} | |
| } | |
| } | |
| }, | |
| "Outputs" : { | |
| "URL" : { | |
| "Description" : "URL of the sample website", | |
| "Value" : { "Fn::Join" : [ "", [ "http://", { "Fn::GetAtt" : [ "WebServerInstance", "PublicDnsName" ]},":8080"]]} | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment