Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- {
- "AWSTemplateFormatVersion": "2010-09-09",
- "Description": "SES IAM user creation example.",
- "Parameters": {
- "InstanceType": {
- "Description": "Instance Type of the EC2 instances in the Autoscale group.",
- "Type": "String",
- "AllowedValues": [ "t1.micro", "m1.small", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.medium", "c1.xlarge", "cc1.4xlarge" ],
- "ConstraintDescription": "must be a valid EC2 instance type.",
- "Default": "t1.micro"
- },
- "KeyName": {
- "Description": "SSH Key name to install on the EC2 instances.",
- "Type": "String"
- },
- "BucketName": {
- "Description": "Bucket used to retrieve package of the app from.",
- "Type": "String"
- }
- },
- "Mappings": {
- "AWSRegion2AMI": {
- "us-east-1": { "AMI": "ami-05355a6c" },
- "us-west-1": { "AMI": "ami-0358ce33" },
- "us-west-2": { "AMI": "ami-3ffed17a" },
- "eu-west-1": { "AMI": "ami-c7c0d6b3" },
- "sa-east-1": { "AMI": "ami-39b23d38" },
- "ap-southeast-1": { "AMI": "ami-39b23d38" },
- "ap-southeast-2": { "AMI": "ami-d16bfbeb" },
- "ap-northeast-1": { "AMI": "ami-39b23d38" }
- }
- },
- "Resources": {
- "SESUser": {
- "Type": "AWS::IAM::User",
- "Description": "User used to send email through SES",
- "Properties": {
- "Path": "/application/",
- "Policies": [ {
- "PolicyName": "SESIAM",
- "PolicyDocument": { "Statement": [
- { "Effect": "Allow", "Action": "ses:SendRawEmail", "Resource": "*" },
- { "Effect": "Allow", "Action": "cloudformation:DescribeStackResource", "Resource": "*" },
- { "Effect": "Allow", "Action": "s3:GetObject", "Resource": "*" }
- ] }
- } ]
- }
- },
- "SESKeys": {
- "Type": "AWS::IAM::AccessKey",
- "Properties": {
- "UserName": { "Ref": "SESUser" }
- }
- },
- "PermitICMPSSH": {
- "Type": "AWS::EC2::SecurityGroup",
- "Properties": {
- "GroupDescription": "Allowing incoming on ssh port",
- "SecurityGroupIngress": [ {
- "CidrIp": "0.0.0.0/0",
- "IpProtocol": "tcp",
- "FromPort": "22",
- "ToPort": "22"
- },
- {
- "CidrIp": "0.0.0.0/0",
- "IpProtocol": "icmp",
- "FromPort": "-1",
- "ToPort": "-1"
- } ]
- }
- },
- "SESInstance": {
- "Type": "AWS::EC2::Instance",
- "Metadata": {
- "AWS::CloudFormation::Init": {
- "configSets": {
- "default": [ "prepare_env", "postfix_conf", "finish_conf" ]
- },
- "prepare_env": {
- "packages": {
- "yum": {
- "postfix": []
- }
- },
- "services": {
- "sysvinit": {
- "sendmail": {
- "enabled": "false",
- "ensureRunning": "false"
- }
- }
- },
- "files": {
- "/etc/cfn/cfn-hup.conf": {
- "content": { "Fn::Join" : ["", [
- "[main]\n",
- "stack=", { "Ref": "AWS::StackName" }, "\n",
- "credential-file=/etc/cfn/cfn-credentials\n",
- "interval=5\n",
- "region=", { "Ref": "AWS::Region" }, "\n"
- ]]},
- "mode" : "000400",
- "owner" : "root",
- "group" : "root"
- },
- "/etc/cfn/cfn-credentials": {
- "content": { "Fn::Join" : ["", [
- "AWSAccessKeyId=", { "Ref": "SESKeys" }, "\n",
- "AWSSecretKey=", {"Fn::GetAtt": ["SESKeys", "SecretAccessKey"]}, "\n"
- ]]},
- "mode" : "000400",
- "owner" : "root",
- "group" : "root"
- },
- "/etc/cfn/hooks.d/cfn-auto-reloader.conf": {
- "content": { "Fn::Join": ["", [
- "[cfn-auto-reloader-hook]\n",
- "triggers=post.update\n",
- "path=Resources.SESInstance.Metadata.AWS::CloudFormation::Init\n",
- "action=/opt/aws/bin/cfn-init -s ", { "Ref": "AWS::StackName" }, " -r SESInstance ",
- " --region ", { "Ref": "AWS::Region" }, "\n",
- "runas=root\n"
- ]]}
- },
- "/tmp/sasl_passwd.rb": {
- "source" : { "Fn::Join": [ "", ["https://", { "Ref" : "BucketName" }, ".s3.amazonaws.com/ses_example/postfix_sasl_passwd.rb" ] ] },
- "context": {
- "access_key": { "Ref": "SESKeys" },
- "secret_key": { "Fn::GetAtt": [ "SESKeys", "SecretAccessKey" ] }
- },
- "mode" : "000755",
- "owner" : "root",
- "group" : "root"
- }
- }
- },
- "postfix_conf": {
- "files": {
- "/etc/postfix/main.cf": {
- "source" : { "Fn::Join": [ "", ["https://", { "Ref" : "BucketName" }, ".s3.amazonaws.com/ses_example/postfix_main.cf" ] ] },
- "mode" : "000644",
- "owner" : "root",
- "group" : "root"
- }
- },
- "commands": {
- "generate_sasl_passwd": {
- "command": "ruby /tmp/sasl_passwd.rb"
- }
- }
- },
- "finish_conf": {
- "commands": {
- "makedb_postfix": {
- "command": "postmap hash:/etc/postfix/sasl_passwd && /etc/init.d/postfix restart"
- }
- },
- "services": {
- "sysvinit": {
- "cfn-hup": {
- "enabled": "true",
- "ensureRunning": "true"
- },
- "postfix": {
- "enabled": "true",
- "ensureRunning": "true"
- }
- }
- }
- }
- },
- "AWS::CloudFormation::Authentication": {
- "S3AccessCreds": {
- "type": "S3",
- "accessKeyId": { "Ref": "SESKeys" },
- "secretKey": { "Fn::GetAtt": [ "SESKeys", "SecretAccessKey" ] },
- "buckets": [ { "Ref": "BucketName" } ]
- }
- }
- },
- "Properties": {
- "KeyName": { "Ref": "KeyName" },
- "ImageId": { "Fn::FindInMap": [ "AWSRegion2AMI", { "Ref": "AWS::Region" }, "AMI" ] },
- "InstanceType": { "Ref": "InstanceType" },
- "SecurityGroups": [ { "Ref": "PermitICMPSSH" } ],
- "UserData": { "Fn::Base64": { "Fn::Join": [ "", [
- "#!/bin/bash\n",
- "#########################################\n",
- "#########################################\n",
- "#########################################\n",
- "## CloudFormation Instances Bootstrap\n",
- "#########################################\n",
- "# Helper function\n",
- "function error_exit\n",
- "{\n",
- " /opt/aws/bin/cfn-signal -e 1 -r \"$1\" '", { "Ref": "WaitHandle" }, "'\n",
- " exit 1\n",
- "}\n",
- "yum -y update aws-cfn-bootstrap || error_exit \"ERROR: Could not update aws-cfn-bootstrap.\"\n",
- "/opt/aws/bin/cfn-init -v -s ", { "Ref": "AWS::StackName" }, " -r SESInstance",
- " --region ", { "Ref": "AWS::Region" }, " || error_exit 'Failed to run cfn-init'\n",
- "/opt/aws/bin/cfn-signal -e 0 -r 'Stack Complete.' '", { "Ref": "WaitHandle" }, "'\n"
- ]
- ] }
- },
- "Tags": [
- {
- "Key": "Name",
- "Value": "ses_example"
- }
- ]
- }
- },
- "WaitHandle": {
- "Type": "AWS::CloudFormation::WaitConditionHandle"
- },
- "WaitCondition": {
- "Type": "AWS::CloudFormation::WaitCondition",
- "DependsOn": "SESInstance",
- "Properties": {
- "Handle": {"Ref": "WaitHandle"},
- "Timeout": "300"
- }
- }
- },
- "Outputs": {
- "InstanceID": {
- "Value": { "Ref": "SESInstance" }
- }
- }
- }
Add Comment
Please, Sign In to add comment