ec2-instance.yml
AWSTemplateFormatVersion: '2010-09-09'
Description: 'Create a instance with codedeploy agent'

# Stack inputs. Every parameter has a default, so the stack can be created
# without supplying any value.
Parameters:
  # Size of TestInstance, limited to the four t2 sizes listed below.
  InstanceType:
    Type: String
    Default: t2.micro
    Description: TestInstance EC2 instance type
    AllowedValues:
      - t2.micro
      - t2.small
      - t2.medium
      - t2.large
    ConstraintDescription: must be a valid EC2 instance type.

  # Key pair installed on the instance for SSH logins. The default is a
  # fixed key-pair name, so it must already exist in the target account
  # and region.
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Default: techtalk
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
    ConstraintDescription: must be the name of an existing EC2 KeyPair.

  # Source range allowed to reach port 22 (used by TestInstanceSecurityGroup).
  # NOTE(review): the default opens SSH to every IPv4 address; pass a narrow
  # range (an admin /32, a VPN or bastion CIDR) when creating the stack.
  # AllowedPattern only checks the dotted shape: it does not reject octets
  # above 255 or a prefix length above 32.
  SSHLocation:
    Type: String
    Default: '0.0.0.0/0'
    Description: The IP address range that can be used to SSH to the EC2 instances
    MinLength: '9'
    MaxLength: '18'
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
# Lookup tables used to pick the AMI for TestInstance:
# instance type -> architecture label -> per-region AMI ID.
Mappings:
  # Instance type to virtualization/architecture label. TestInstance reads
  # this table to choose a column of AWSRegionArch2AMI.
  AWSInstanceType2Arch:
    t1.micro: {Arch: PV64}
    t2.large: {Arch: HVM64}
    t2.medium: {Arch: HVM64}
    t2.micro: {Arch: HVM64}
    t2.nano: {Arch: HVM64}
    t2.small: {Arch: HVM64}

  # NAT-image variant of the table above. No resource in this template
  # refers to it.
  AWSInstanceType2NATArch:
    t1.micro: {Arch: NATPV64}
    t2.large: {Arch: NATHVM64}
    t2.medium: {Arch: NATHVM64}
    t2.micro: {Arch: NATHVM64}
    t2.nano: {Arch: NATHVM64}
    t2.small: {Arch: NATHVM64}

  # Region and architecture label to AMI ID.
  # NOTE(review): these IDs are fixed in the template and nothing here
  # refreshes them, so an instance starts from whatever patch level the
  # image had when it was published. Resolving the image at deploy time
  # (for example an AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
  # parameter) avoids launching from a stale image.
  # NOT_SUPPORTED marks combinations with no image; selecting one would
  # pass that literal string as the ImageId.
  AWSRegionArch2AMI:
    ap-northeast-1:
      HVM64: ami-383c1956
      HVMG2: ami-08e5c166
      PV64: ami-393c1957
    ap-northeast-2:
      HVM64: ami-249b554a
      HVMG2: NOT_SUPPORTED
      PV64: NOT_SUPPORTED
    ap-southeast-1:
      HVM64: ami-c9b572aa
      HVMG2: ami-5a15d239
      PV64: ami-34bd7a57
    ap-southeast-2:
      HVM64: ami-48d38c2b
      HVMG2: ami-0c1a446f
      PV64: ami-ced887ad
    cn-north-1:
      HVM64: ami-43a36a2e
      HVMG2: NOT_SUPPORTED
      PV64: ami-18ac6575
    eu-central-1:
      HVM64: ami-bc5b48d0
      HVMG2: ami-ba1a09d6
      PV64: ami-794a5915
    eu-west-1:
      HVM64: ami-bff32ccc
      HVMG2: ami-83fd23f0
      PV64: ami-95e33ce6
    sa-east-1:
      HVM64: ami-6817af04
      HVMG2: NOT_SUPPORTED
      PV64: ami-7d15ad11
    us-east-1:
      HVM64: ami-60b6c60a
      HVMG2: ami-e998ea83
      PV64: ami-5fb8c835
    us-west-1:
      HVM64: ami-d5ea86b5
      HVMG2: ami-943956f4
      PV64: ami-56ea8636
    us-west-2:
      HVM64: ami-f0091d91
      HVMG2: ami-315f4850
      PV64: ami-d93622b8
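Resources:
  # Role trusted by both the EC2 service (it is attached to TestInstance
  # through CDInstanceProfile) and the CodeDeploy service.
  #
  # The role previously carried the AdministratorAccess managed policy.
  # Its credentials are served to anything running on the instance, and the
  # instance accepts HTTP from any address, so a compromise of the host
  # would have handed over the whole account. It now carries only the two
  # AWS-managed CodeDeploy policies:
  #   - AmazonEC2RoleforAWSCodeDeploy: what the agent on the instance needs
  #     to fetch deployment revisions.
  #   - AWSCodeDeployRole: what the CodeDeploy service needs when this role
  #     is used as a deployment group's service role (presumably configured
  #     outside this template -- confirm).
  # NOTE(review): anything the deployed application itself needs must be
  # granted explicitly. Splitting this into one instance role and one
  # service role would narrow the instance's permissions further.
  CodeDeployRole:
    Type: AWS::IAM::Role
    Properties:
      Path: '/'
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
                - codedeploy.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforAWSCodeDeploy'
        - 'arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole'

  # Instance profile that hands CodeDeployRole to TestInstance.
  CDInstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Path: '/'
      Roles:
        - !Ref CodeDeployRole

  # The EC2 host. The AMI is looked up from the region and the architecture
  # label of the chosen instance type.
  TestInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !FindInMap [AWSRegionArch2AMI, !Ref 'AWS::Region', !FindInMap [AWSInstanceType2Arch, !Ref InstanceType, Arch]]
      InstanceType: !Ref InstanceType
      KeyName: !Ref KeyName
      IamInstanceProfile: !Ref CDInstanceProfile
      SecurityGroups:
        - !Ref TestInstanceSecurityGroup
      # Boot script: installs ruby and wget, then downloads and runs the
      # CodeDeploy agent installer from the regional AWS bucket.
      # NOTE(review): the installer is fetched from the "latest" path and
      # run without a checksum or signature check, and only
      # aws-cfn-bootstrap is updated, so the rest of the image keeps its
      # original package versions.
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -xe
          yum update -y aws-cfn-bootstrap
          yum install ruby wget -y
          cd /home/ec2-user
          wget https://aws-codedeploy-${AWS::Region}.s3.amazonaws.com/latest/install
          chmod +x ./install
          sudo ./install auto

  # Inbound rules for TestInstance.
  # NOTE(review): GroupDescription says port 80 is "locked down to the load
  # balancer", but the rule below admits HTTP from 0.0.0.0/0 and the
  # template defines no load balancer. The text is left as is because
  # changing GroupDescription replaces the security group; either correct
  # it in a planned change or restrict the rule to the balancer's group.
  TestInstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: "Enable HTTP access via port 80 locked down to the load balancer + SSH access"
      SecurityGroupIngress:
        # HTTP from any IPv4 address.
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: '0.0.0.0/0'
        # SSH from the SSHLocation parameter, whose default is 0.0.0.0/0.
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: !Ref SSHLocation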
# Values reported once the stack has been created.
Outputs:
  # Public IPv4 address of TestInstance, read from its PublicIp attribute.
  PublicIP:
    Description: EC2 public IP
    Value:
      Fn::GetAtt: [TestInstance, PublicIp]