Skip to content

Instantly share code, notes, and snippets.

@hairyhenderson

hairyhenderson/deletion_policies.diff

Last active February 8, 2018 20:06
Show Gist options
  • Save hairyhenderson/0676eb235c8ecf09d548ba7d6341ca84 to your computer and use it in GitHub Desktop.
Save hairyhenderson/0676eb235c8ecf09d548ba7d6341ca84 to your computer and use it in GitHub Desktop.
Download ZIP
files for post
Raw
deletion_policies.diff
--- Docker.tmpl.orig 2018-02-07 22:31:45.000000000 -0500
+++ Docker.tmpl 2018-02-07 22:31:37.000000000 -0500
@@ -900,6 +900,7 @@
"Ref": "Vpc"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::VPCGatewayAttachment"
},
"CloudstorEBSPolicy": {
@@ -1219,6 +1220,7 @@
}
]
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::InternetGateway"
},
"LambdaExecutionRole": {
@@ -2372,6 +2374,7 @@
"Ref": "PubSubnetAz1"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::SubnetRouteTableAssociation"
},
"PubSubnet2RouteTableAssociation": {
@@ -2387,6 +2390,7 @@
"Ref": "PubSubnetAz2"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::SubnetRouteTableAssociation"
},
"PubSubnet3RouteTableAssociation": {
@@ -2402,6 +2406,7 @@
"Ref": "PubSubnetAz3"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::SubnetRouteTableAssociation"
},
"PubSubnetAz1": {
@@ -2463,6 +2468,7 @@
"Ref": "Vpc"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::Subnet"
},
"PubSubnetAz2": {
@@ -2524,6 +2530,7 @@
"Ref": "Vpc"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::Subnet"
},
"PubSubnetAz3": {
@@ -2585,6 +2592,7 @@
"Ref": "Vpc"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::Subnet"
},
"PublicRouteViaIgw": {
@@ -2601,6 +2609,7 @@
"Ref": "RouteViaIgw"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::Route"
},
"RouteViaIgw": {
@@ -2626,6 +2635,7 @@
"Ref": "Vpc"
}
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::RouteTable"
},
"SwarmAPIPolicy": {
@@ -2942,6 +2952,7 @@
}
]
},
+ "DeletionPolicy": "Retain",
"Type": "AWS::EC2::VPC"
},
"WorkerInstanceProfile": {
Raw
new_resources.tf
variable "VpcCidr" {
default = "172.31.0.0/16"
}
variable "PubSubnetCidrs" {
type = "list"
default = [ "172.31.0.0/20", "172.31.16.0/20", "172.31.32.0/20" ]
}
variable "Azs" {
type = "list"
default = [ "us-east-1a", "us-east-1b", "us-east-1c" ]
}
resource "aws_vpc" "Vpc" {
cidr_block = "${var.VpcCidr}"
enable_dns_support = true
enable_dns_hostnames = true
tags {
Name = "${var.stack_name}-VPC"
}
}
resource "aws_subnet" "PubSubnetAz1" {
availability_zone = "${var.Azs[0]}"
cidr_block = "${var.PubSubnetCidrs[0]}"
vpc_id = "${aws_vpc.Vpc.id}"
tags {
Name = "${var.stack_name}-Subnet1"
}
}
resource "aws_subnet" "PubSubnetAz2" {
availability_zone = "${var.Azs[1]}"
cidr_block = "${var.PubSubnetCidrs[1]}"
vpc_id = "${aws_vpc.Vpc.id}"
tags {
Name = "${var.stack_name}-Subnet2"
}
}
resource "aws_subnet" "PubSubnetAz3" {
availability_zone = "${var.Azs[2]}"
cidr_block = "${var.PubSubnetCidrs[2]}"
vpc_id = "${aws_vpc.Vpc.id}"
tags {
Name = "${var.stack_name}-Subnet3"
}
}
resource "aws_internet_gateway" "InternetGateway" {
vpc_id = "${aws_vpc.Vpc.id}"
tags {
Name = "${var.stack_name}-IGW"
}
}
resource "aws_route_table" "RouteViaIgw" {
vpc_id = "${aws_vpc.Vpc.id}"
tags {
Name = "${var.stack_name}-RT"
}
}
resource "aws_route_table_association" "RouteViaIgw-1" {
subnet_id = "${aws_subnet.PubSubnetAz1.id}"
route_table_id = "${aws_route_table.RouteViaIgw.id}"
}
resource "aws_route_table_association" "RouteViaIgw-2" {
subnet_id = "${aws_subnet.PubSubnetAz2.id}"
route_table_id = "${aws_route_table.RouteViaIgw.id}"
}
resource "aws_route_table_association" "RouteViaIgw" {
subnet_id = "${aws_subnet.PubSubnetAz3.id}"
route_table_id = "${aws_route_table.RouteViaIgw.id}"
}
resource "aws_route" "RouteViaIgw" {
route_table_id = "${aws_route_table.RouteViaIgw.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.InternetGateway.id}"
}
Raw
removed_resources.diff
--- Docker.tmpl.orig 2018-02-07 22:31:37.000000000 -0500
+++ Docker.tmpl 2018-02-08 15:06:01.000000000 -0500
@@ -502,6 +502,18 @@
"WorkerDiskSize",
"WorkerDiskType"
]
+ },
+ {
+ "Label": {
+ "default": "VPC/Network"
+ },
+ "Parameters": [
+ "Vpc",
+ "VpcCidr",
+ "PubSubnetAz1",
+ "PubSubnetAz2",
+ "PubSubnetAz3"
+ ]
}
],
"ParameterLabels": {
@@ -541,6 +553,21 @@
"ManagerSize": {
"default": "Number of Swarm managers?"
},
+ "PubSubnetAz1": {
+ "default": "Public Subnet 1"
+ },
+ "PubSubnetAz2": {
+ "default": "Public Subnet 2"
+ },
+ "PubSubnetAz3": {
+ "default": "Public Subnet 3"
+ },
+ "Vpc": {
+ "default": "VPC"
+ },
+ "VpcCidr": {
+ "default": "VPC CIDR Range"
+ },
"WorkerDiskSize": {
"default": "Worker ephemeral storage volume size?"
},
@@ -610,12 +637,6 @@
"Ref": "SwarmWideSG"
}
},
- "VPCID": {
- "Description": "Use this as the VPC for configuring Private Hosted Zones",
- "Value": {
- "Ref": "Vpc"
- }
- },
"ZoneAvailabilityComment": {
"Description": "Availabilty Zones Comment",
"Value": {
@@ -813,6 +834,27 @@
"Description": "Number of Swarm manager nodes (1, 3, 5)",
"Type": "Number"
},
+ "PubSubnetAz1": {
+ "Description": "Public Subnet 1",
+ "Type": "AWS::EC2::Subnet::Id"
+ },
+ "PubSubnetAz2": {
+ "Description": "Public Subnet 2",
+ "Type": "AWS::EC2::Subnet::Id"
+ },
+ "PubSubnetAz3": {
+ "Description": "Public Subnet 3",
+ "Type": "AWS::EC2::Subnet::Id"
+ },
+ "Vpc": {
+ "Description": "VPC must have internet access (with Internet Gateway or Virtual Private Gateway)",
+ "Type": "AWS::EC2::VPC::Id"
+ },
+ "VpcCidr": {
+ "ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x.",
+ "Description": "The CIDR range for your VPC in form x.x.x.x/x",
+ "Type": "String"
+ },
"WorkerDiskSize": {
"Default": "20",
"Description": "Size of Workers's ephemeral storage volume in GiB",
@@ -887,22 +929,6 @@
},
"Type": "AWS::Lambda::Function"
},
- "AttachGateway": {
- "DependsOn": [
- "Vpc",
- "InternetGateway"
- ],
- "Properties": {
- "InternetGatewayId": {
- "Ref": "InternetGateway"
- },
- "VpcId": {
- "Ref": "Vpc"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::VPCGatewayAttachment"
- },
"CloudstorEBSPolicy": {
"DependsOn": [
"ProxyRole",
@@ -1057,11 +1083,7 @@
},
"ExternalLoadBalancer": {
"DependsOn": [
- "AttachGateway",
- "ExternalLoadBalancerSG",
- "PubSubnetAz1",
- "PubSubnetAz2",
- "PubSubnetAz3"
+ "ExternalLoadBalancerSG"
],
"Properties": {
"ConnectionSettings": {
@@ -1131,7 +1153,6 @@
"Type": "AWS::ElasticLoadBalancing::LoadBalancer"
},
"ExternalLoadBalancerSG": {
- "DependsOn": "Vpc",
"Properties": {
"GroupDescription": "External Load Balancer SecurityGroup",
"SecurityGroupIngress": [
@@ -1200,29 +1221,6 @@
},
"Type": "AWS::EFS::FileSystem"
},
- "InternetGateway": {
- "DependsOn": "Vpc",
- "Properties": {
- "Tags": [
- {
- "Key": "Name",
- "Value": {
- "Fn::Join": [
- "-",
- [
- {
- "Ref": "AWS::StackName"
- },
- "IGW"
- ]
- ]
- }
- }
- ]
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::InternetGateway"
- },
"LambdaExecutionRole": {
"Condition": "LambdaSupported",
"Properties": {
@@ -1283,9 +1281,6 @@
},
"DependsOn": [
"SwarmDynDBTable",
- "PubSubnetAz1",
- "PubSubnetAz2",
- "PubSubnetAz3",
"ExternalLoadBalancer"
],
"Properties": {
@@ -2242,7 +2237,6 @@
"Type": "AWS::AutoScaling::LaunchConfiguration"
},
"NodeVpcSG": {
- "DependsOn": "Vpc",
"Properties": {
"GroupDescription": "Node SecurityGroup",
"SecurityGroupEgress": [
@@ -2278,11 +2272,7 @@
"SecurityGroupIngress": [
{
"CidrIp": {
- "Fn::FindInMap": [
- "VpcCidrs",
- "vpc",
- "cidr"
- ]
+ "Ref": "VpcCidr"
},
"FromPort": "0",
"IpProtocol": "-1",
@@ -2361,283 +2351,6 @@
},
"Type": "AWS::IAM::Role"
},
- "PubSubnet1RouteTableAssociation": {
- "DependsOn": [
- "PubSubnetAz1",
- "RouteViaIgw"
- ],
- "Properties": {
- "RouteTableId": {
- "Ref": "RouteViaIgw"
- },
- "SubnetId": {
- "Ref": "PubSubnetAz1"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::SubnetRouteTableAssociation"
- },
- "PubSubnet2RouteTableAssociation": {
- "DependsOn": [
- "PubSubnetAz2",
- "RouteViaIgw"
- ],
- "Properties": {
- "RouteTableId": {
- "Ref": "RouteViaIgw"
- },
- "SubnetId": {
- "Ref": "PubSubnetAz2"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::SubnetRouteTableAssociation"
- },
- "PubSubnet3RouteTableAssociation": {
- "DependsOn": [
- "PubSubnetAz3",
- "RouteViaIgw"
- ],
- "Properties": {
- "RouteTableId": {
- "Ref": "RouteViaIgw"
- },
- "SubnetId": {
- "Ref": "PubSubnetAz3"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::SubnetRouteTableAssociation"
- },
- "PubSubnetAz1": {
- "DependsOn": "Vpc",
- "Properties": {
- "AvailabilityZone": {
- "Fn::If": [
- "LambdaSupported",
- {
- "Fn::GetAtt": [
- "AZInfo",
- "AZ0"
- ]
- },
- {
- "Fn::Select": [
- {
- "Fn::FindInMap": [
- "AWSRegion2AZ",
- {
- "Ref": "AWS::Region"
- },
- "AZ0"
- ]
- },
- {
- "Fn::GetAZs": {
- "Ref": "AWS::Region"
- }
- }
- ]
- }
- ]
- },
- "CidrBlock": {
- "Fn::FindInMap": [
- "VpcCidrs",
- "pubsubnet1",
- "cidr"
- ]
- },
- "Tags": [
- {
- "Key": "Name",
- "Value": {
- "Fn::Join": [
- "-",
- [
- {
- "Ref": "AWS::StackName"
- },
- "Subnet1"
- ]
- ]
- }
- }
- ],
- "VpcId": {
- "Ref": "Vpc"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::Subnet"
- },
- "PubSubnetAz2": {
- "DependsOn": "Vpc",
- "Properties": {
- "AvailabilityZone": {
- "Fn::If": [
- "LambdaSupported",
- {
- "Fn::GetAtt": [
- "AZInfo",
- "AZ1"
- ]
- },
- {
- "Fn::Select": [
- {
- "Fn::FindInMap": [
- "AWSRegion2AZ",
- {
- "Ref": "AWS::Region"
- },
- "AZ1"
- ]
- },
- {
- "Fn::GetAZs": {
- "Ref": "AWS::Region"
- }
- }
- ]
- }
- ]
- },
- "CidrBlock": {
- "Fn::FindInMap": [
- "VpcCidrs",
- "pubsubnet2",
- "cidr"
- ]
- },
- "Tags": [
- {
- "Key": "Name",
- "Value": {
- "Fn::Join": [
- "-",
- [
- {
- "Ref": "AWS::StackName"
- },
- "Subnet2"
- ]
- ]
- }
- }
- ],
- "VpcId": {
- "Ref": "Vpc"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::Subnet"
- },
- "PubSubnetAz3": {
- "DependsOn": "Vpc",
- "Properties": {
- "AvailabilityZone": {
- "Fn::If": [
- "LambdaSupported",
- {
- "Fn::GetAtt": [
- "AZInfo",
- "AZ2"
- ]
- },
- {
- "Fn::Select": [
- {
- "Fn::FindInMap": [
- "AWSRegion2AZ",
- {
- "Ref": "AWS::Region"
- },
- "AZ2"
- ]
- },
- {
- "Fn::GetAZs": {
- "Ref": "AWS::Region"
- }
- }
- ]
- }
- ]
- },
- "CidrBlock": {
- "Fn::FindInMap": [
- "VpcCidrs",
- "pubsubnet3",
- "cidr"
- ]
- },
- "Tags": [
- {
- "Key": "Name",
- "Value": {
- "Fn::Join": [
- "-",
- [
- {
- "Ref": "AWS::StackName"
- },
- "Subnet3"
- ]
- ]
- }
- }
- ],
- "VpcId": {
- "Ref": "Vpc"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::Subnet"
- },
- "PublicRouteViaIgw": {
- "DependsOn": [
- "AttachGateway",
- "RouteViaIgw"
- ],
- "Properties": {
- "DestinationCidrBlock": "0.0.0.0/0",
- "GatewayId": {
- "Ref": "InternetGateway"
- },
- "RouteTableId": {
- "Ref": "RouteViaIgw"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::Route"
- },
- "RouteViaIgw": {
- "DependsOn": "Vpc",
- "Properties": {
- "Tags": [
- {
- "Key": "Name",
- "Value": {
- "Fn::Join": [
- "-",
- [
- {
- "Ref": "AWS::StackName"
- },
- "RT"
- ]
- ]
- }
- }
- ],
- "VpcId": {
- "Ref": "Vpc"
- }
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::RouteTable"
- },
"SwarmAPIPolicy": {
"DependsOn": "ProxyRole",
"Properties": {
@@ -2878,17 +2591,12 @@
"Type": "AWS::IAM::Policy"
},
"SwarmWideSG": {
- "DependsOn": "Vpc",
"Properties": {
"GroupDescription": "Swarm wide access",
"SecurityGroupIngress": [
{
"CidrIp": {
- "Fn::FindInMap": [
- "VpcCidrs",
- "vpc",
- "cidr"
- ]
+ "Ref": "VpcCidr"
},
"FromPort": "0",
"IpProtocol": "-1",
@@ -2924,37 +2632,6 @@
},
"Type": "AWS::AutoScaling::LifecycleHook"
},
- "Vpc": {
- "Properties": {
- "CidrBlock": {
- "Fn::FindInMap": [
- "VpcCidrs",
- "vpc",
- "cidr"
- ]
- },
- "EnableDnsHostnames": "true",
- "EnableDnsSupport": "true",
- "Tags": [
- {
- "Key": "Name",
- "Value": {
- "Fn::Join": [
- "-",
- [
- {
- "Ref": "AWS::StackName"
- },
- "VPC"
- ]
- ]
- }
- }
- ]
- },
- "DeletionPolicy": "Retain",
- "Type": "AWS::EC2::VPC"
- },
"WorkerInstanceProfile": {
"DependsOn": "WorkerRole",
"Properties": {
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment