karlospn · February 17, 2019 23:03
diff --git a/gistfile1.txt b/gistfile1.txt
 Parameters:
  Ec2Name:
    Description: ec2 name
    Type: String
  Ec2AvailZone:
    Description: availability zone
    Type: AWS::EC2::AvailabilityZone::Name
  RdsAvailZone1:
    Description: availability zone
    Type: AWS::EC2::AvailabilityZone::Name
  RdsAvailZone2:
    Description: availability zone
    Type: AWS::EC2::AvailabilityZone::Name
  Ec2KeyPair: 
    Description: Amazon EC2 Key Pair
    Type: "AWS::EC2::KeyPair::KeyName"
  EnvironmentSize:
    Type: String
    Default: SMALL
    AllowedValues:
      - SMALL
      - MEDIUM
      - LARGE
  DatabaseName:
    Type: String
    Default: wordpress
  DatabaseUser:
    Type: String
    Default: wordpress
  DatabasePassword:
    Type: String
    Default: w0rdpr355
    NoEcho: true

 Mappings:
  EnvSize:
    SMALL:
      EC2: t2.micro
      DB: db.t2.micro
    MEDIUM:
      EC2: t2.medium
      DB: db.t2.medium
    LARGE:
      EC2: t2.large
      DB: db.t2.large


 Outputs:
  Ec2DnsName:
    Description: dns name
    Value: !GetAtt EC2LinuxServer.PublicDnsName
  Ec2IpPublic:
    Description: public ip
    Value: !GetAtt EC2LinuxServer.PublicIp

 Resources:
  EC2LinuxServer:
    Type: AWS::EC2::Instance  
    DependsOn:
    - RDS
    Properties:
      AvailabilityZone: !Ref Ec2AvailZone
      InstanceType: !FindInMap [EnvSize, !Ref EnvironmentSize, EC2]
      ImageId: ami-08935252a36e25f85
      KeyName: !Ref Ec2KeyPair
      NetworkInterfaces: 
      - AssociatePublicIpAddress: "true"
        DeviceIndex: "0"
        GroupSet: 
        - !Ref EC2SecGroup
        SubnetId: !Ref EC2Subnet
      Tags:
        - Key: Name
          Value: !Ref Ec2Name
      UserData:
        "Fn::Base64":
          !Sub |
            #!/bin/bash
            yum update -y aws-cfn-bootstrap # good practice - always do this.
            /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2 --configsets wordpress --region ${AWS::Region}
            yum -y update
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          wordpress:
            - "install_wordpress"
            - "config_wordpress"
        install_wordpress:
          packages:
            yum:
              httpd: []
              php: []
              mysql: []
              php-mysql: []
          sources:
            /var/www/html: "http://wordpress.org/latest.tar.gz"
          services:
            sysvinit:
              httpd:
                enabled: "true"
                ensureRunning: "true"
        config_wordpress:
          commands:
            01_clone_config:
              cwd: "/var/www/html/wordpress"
              test: "test ! -e /var/www/html/wordpress/wp-config.php"
              command: "cp wp-config-sample.php wp-config.php"
            02_inject_dbhost:
              cwd: "/var/www/html/wordpress"
              command: !Sub |
                sed -i 's/localhost/${RDS.Endpoint.Address}/g' wp-config.php
            03_inject_dbname:
              cwd: "/var/www/html/wordpress"
              command: !Sub |
                sed -i 's/database_name_here/${DatabaseName}/g' wp-config.php
            04_inject_dbuser:
              cwd: "/var/www/html/wordpress"
              command: !Sub |
                sed -i 's/username_here/${DatabaseUser}/g' wp-config.php
            05_inject_dbpassword:
              cwd: "/var/www/html/wordpress"
              command: !Sub |
                sed -i 's/password_here/${DatabasePassword}/g' wp-config.php
  InternetGateway:
    Type: AWS::EC2::InternetGateway
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties: 
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC
  SecondaryRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
  SubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref EC2Subnet
      RouteTableId: !Ref SecondaryRouteTable
  Route:
    Type: AWS::EC2::Route
    DependsOn: 
    - InternetGateway
    - VPCGatewayAttachment
    Properties:
      RouteTableId: !Ref SecondaryRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
  EC2SecGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow ssh
      VpcId: !Ref VPC
      SecurityGroupIngress:
      - IpProtocol : tcp
        FromPort : 80
        ToPort : 80
        CidrIp : 0.0.0.0/0
      - IpProtocol : tcp
        FromPort : 22
        ToPort : 22
        CidrIp : 0.0.0.0/0
  EC2Subnet:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Ref Ec2AvailZone
      VpcId: !Ref VPC
      CidrBlock: 10.0.1.0/24
  RDSSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Ref RdsAvailZone1
      VpcId: !Ref VPC
      CidrBlock: 10.0.2.0/24
  RDSSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Ref RdsAvailZone2
      VpcId: !Ref VPC
      CidrBlock: 10.0.3.0/24
  RDSSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    DependsOn:
    - RDSSubnet1
    - RDSSubnet2
    Properties: 
      DBSubnetGroupDescription: Lab DB Subnet Group
      DBSubnetGroupName: Lab DB Subnet Group
      SubnetIds:
        - !Ref RDSSubnet1
        - !Ref RDSSubnet2
  S3:
    Type: AWS::S3::Bucket
    DeletionPolicy: Retain
    Properties: 
      BucketName: wp-s3-cf-bucket-test
  DBEC2SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    DependsOn:
    - EC2SecGroup
    Properties:
      GroupDescription: Open database for access
      VpcId: !Ref VPC
      SecurityGroupIngress:
      - IpProtocol: tcp
        FromPort: '3306'
        ToPort: '3306'
        SourceSecurityGroupId: !GetAtt EC2SecGroup.GroupId
  RDS:
    Type: AWS::RDS::DBInstance
    DependsOn:
    - DBEC2SecurityGroup
    - RDSSubnetGroup
    Properties:
      AllocatedStorage: 10
      DBInstanceClass: !FindInMap [EnvSize, !Ref EnvironmentSize, DB]
      AvailabilityZone: !Ref Ec2AvailZone
      DBName: !Ref DatabaseName
      Engine: mysql
      MasterUsername: !Ref DatabaseUser
      MasterUserPassword: !Ref DatabasePassword
      StorageType: gp2
      DBSubnetGroupName:  
        !Ref RDSSubnetGroup
      VPCSecurityGroups:
        - !GetAtt DBEC2SecurityGroup.GroupId
	Parameters:
	Ec2Name:
	Description: ec2 name
	Type: String
	Ec2AvailZone:
	Description: availability zone
	Type: AWS::EC2::AvailabilityZone::Name
	RdsAvailZone1:
	Description: availability zone
	Type: AWS::EC2::AvailabilityZone::Name
	RdsAvailZone2:
	Description: availability zone
	Type: AWS::EC2::AvailabilityZone::Name
	Ec2KeyPair:
	Description: Amazon EC2 Key Pair
	Type: "AWS::EC2::KeyPair::KeyName"
	EnvironmentSize:
	Type: String
	Default: SMALL
	AllowedValues:
	- SMALL
	- MEDIUM
	- LARGE
	DatabaseName:
	Type: String
	Default: wordpress
	DatabaseUser:
	Type: String
	Default: wordpress
	DatabasePassword:
	Type: String
	Default: w0rdpr355
	NoEcho: true

	Mappings:
	EnvSize:
	SMALL:
	EC2: t2.micro
	DB: db.t2.micro
	MEDIUM:
	EC2: t2.medium
	DB: db.t2.medium
	LARGE:
	EC2: t2.large
	DB: db.t2.large


	Outputs:
	Ec2DnsName:
	Description: dns name
	Value: !GetAtt EC2LinuxServer.PublicDnsName
	Ec2IpPublic:
	Description: public ip
	Value: !GetAtt EC2LinuxServer.PublicIp

	Resources:
	EC2LinuxServer:
	Type: AWS::EC2::Instance
	DependsOn:
	- RDS
	Properties:
	AvailabilityZone: !Ref Ec2AvailZone
	InstanceType: !FindInMap [EnvSize, !Ref EnvironmentSize, EC2]
	ImageId: ami-08935252a36e25f85
	KeyName: !Ref Ec2KeyPair
	NetworkInterfaces:
	- AssociatePublicIpAddress: "true"
	DeviceIndex: "0"
	GroupSet:
	- !Ref EC2SecGroup
	SubnetId: !Ref EC2Subnet
	Tags:
	- Key: Name
	Value: !Ref Ec2Name
	UserData:
	"Fn::Base64":
	!Sub \|
	#!/bin/bash
	yum update -y aws-cfn-bootstrap # good practice - always do this.
	/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2 --configsets wordpress --region ${AWS::Region}
	yum -y update
	Metadata:
	AWS::CloudFormation::Init:
	configSets:
	wordpress:
	- "install_wordpress"
	- "config_wordpress"
	install_wordpress:
	packages:
	yum:
	httpd: []
	php: []
	mysql: []
	php-mysql: []
	sources:
	/var/www/html: "http://wordpress.org/latest.tar.gz"
	services:
	sysvinit:
	httpd:
	enabled: "true"
	ensureRunning: "true"
	config_wordpress:
	commands:
	01_clone_config:
	cwd: "/var/www/html/wordpress"
	test: "test ! -e /var/www/html/wordpress/wp-config.php"
	command: "cp wp-config-sample.php wp-config.php"
	02_inject_dbhost:
	cwd: "/var/www/html/wordpress"
	command: !Sub \|
	sed -i 's/localhost/${RDS.Endpoint.Address}/g' wp-config.php
	03_inject_dbname:
	cwd: "/var/www/html/wordpress"
	command: !Sub \|
	sed -i 's/database_name_here/${DatabaseName}/g' wp-config.php
	04_inject_dbuser:
	cwd: "/var/www/html/wordpress"
	command: !Sub \|
	sed -i 's/username_here/${DatabaseUser}/g' wp-config.php
	05_inject_dbpassword:
	cwd: "/var/www/html/wordpress"
	command: !Sub \|
	sed -i 's/password_here/${DatabasePassword}/g' wp-config.php
	InternetGateway:
	Type: AWS::EC2::InternetGateway
	VPCGatewayAttachment:
	Type: AWS::EC2::VPCGatewayAttachment
	Properties:
	InternetGatewayId: !Ref InternetGateway
	VpcId: !Ref VPC
	SecondaryRouteTable:
	Type: AWS::EC2::RouteTable
	Properties:
	VpcId: !Ref VPC
	SubnetRouteTableAssociation:
	Type: AWS::EC2::SubnetRouteTableAssociation
	Properties:
	SubnetId: !Ref EC2Subnet
	RouteTableId: !Ref SecondaryRouteTable
	Route:
	Type: AWS::EC2::Route
	DependsOn:
	- InternetGateway
	- VPCGatewayAttachment
	Properties:
	RouteTableId: !Ref SecondaryRouteTable
	DestinationCidrBlock: 0.0.0.0/0
	GatewayId: !Ref InternetGateway
	VPC:
	Type: AWS::EC2::VPC
	Properties:
	CidrBlock: 10.0.0.0/16
	EnableDnsSupport: true
	EnableDnsHostnames: true
	EC2SecGroup:
	Type: AWS::EC2::SecurityGroup
	Properties:
	GroupDescription: Allow ssh
	VpcId: !Ref VPC
	SecurityGroupIngress:
	- IpProtocol : tcp
	FromPort : 80
	ToPort : 80
	CidrIp : 0.0.0.0/0
	- IpProtocol : tcp
	FromPort : 22
	ToPort : 22
	CidrIp : 0.0.0.0/0
	EC2Subnet:
	Type: AWS::EC2::Subnet
	Properties:
	AvailabilityZone: !Ref Ec2AvailZone
	VpcId: !Ref VPC
	CidrBlock: 10.0.1.0/24
	RDSSubnet1:
	Type: AWS::EC2::Subnet
	Properties:
	AvailabilityZone: !Ref RdsAvailZone1
	VpcId: !Ref VPC
	CidrBlock: 10.0.2.0/24
	RDSSubnet2:
	Type: AWS::EC2::Subnet
	Properties:
	AvailabilityZone: !Ref RdsAvailZone2
	VpcId: !Ref VPC
	CidrBlock: 10.0.3.0/24
	RDSSubnetGroup:
	Type: AWS::RDS::DBSubnetGroup
	DependsOn:
	- RDSSubnet1
	- RDSSubnet2
	Properties:
	DBSubnetGroupDescription: Lab DB Subnet Group
	DBSubnetGroupName: Lab DB Subnet Group
	SubnetIds:
	- !Ref RDSSubnet1
	- !Ref RDSSubnet2
	S3:
	Type: AWS::S3::Bucket
	DeletionPolicy: Retain
	Properties:
	BucketName: wp-s3-cf-bucket-test
	DBEC2SecurityGroup:
	Type: AWS::EC2::SecurityGroup
	DependsOn:
	- EC2SecGroup
	Properties:
	GroupDescription: Open database for access
	VpcId: !Ref VPC
	SecurityGroupIngress:
	- IpProtocol: tcp
	FromPort: '3306'
	ToPort: '3306'
	SourceSecurityGroupId: !GetAtt EC2SecGroup.GroupId
	RDS:
	Type: AWS::RDS::DBInstance
	DependsOn:
	- DBEC2SecurityGroup
	- RDSSubnetGroup
	Properties:
	AllocatedStorage: 10
	DBInstanceClass: !FindInMap [EnvSize, !Ref EnvironmentSize, DB]
	AvailabilityZone: !Ref Ec2AvailZone
	DBName: !Ref DatabaseName
	Engine: mysql
	MasterUsername: !Ref DatabaseUser
	MasterUserPassword: !Ref DatabasePassword
	StorageType: gp2
	DBSubnetGroupName:
	!Ref RDSSubnetGroup
	VPCSecurityGroups:
	- !GetAtt DBEC2SecurityGroup.GroupId