Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- AWSTemplateFormatVersion: '2010-09-09'
- Description: Innovation Lab - ECS infra - ALB/ECS with autoscaling/EFS -
- Parameters:
- BoundaryPolicyArn:
- Type: String
- Description: Enter the boundary policy to be able to create role
- Default: 'arn:aws:iam::342854766398:policy/AdminBoundary'
- PrivateSubnetIDs:
- Type: List<AWS::EC2::Subnet::Id>
- Description: Select private subnets in your selected VPC.
- VpcId:
- Type: AWS::EC2::VPC::Id
- Description: The VPC in which the laod balancer will run
- DesiredCapacity:
- Type: Number
- Default: '3'
- Description: Number of instances to launch in your ECS cluster.
- MaxSize:
- Type: Number
- Default: '3'
- Description: Maximum number of instances that can be launched in your ECS cluster.e
- TargetGroupALB:
- Type: String
- Default: 'arn:aws:elasticloadbalancing:eu-west-3:342854766398:targetgroup/lb-routage-wordpress-data/e8e1c4be923c6b0e'
- Description: Target Group de Wordpress
- # LaunchTemplateId:
- # Type: String
- # Default: 'lt-0b61ccc34e0cfc521'
- # VersionName:
- # Type: String
- # Default: "2"
- ALBSecurityGroup:
- Type: String
- Default: 'sg-054d148f867b66a74'
- Description: Security Group du Load Balancer
- ImageID:
- Type: String
- Default: "ami-0c92bbec450169d8d"
- InstanceType:
- Description: EC2 instance type
- Type: String
- Default: t2.micro
- AllowedValues:
- - t2.micro
- - t2.small
- - t2.medium
- - t2.large
- - m3.medium
- - m3.large
- - m3.xlarge
- - m3.2xlarge
- - m4.large
- - m4.xlarge
- - m4.2xlarge
- - m4.4xlarge
- - m4.10xlarge
- - c4.large
- - c4.xlarge
- - c4.2xlarge
- - c4.4xlarge
- - c4.8xlarge
- - c3.large
- - c3.xlarge
- - c3.2xlarge
- - c3.4xlarge
- - c3.8xlarge
- - r3.large
- - r3.xlarge
- - r3.2xlarge
- - r3.4xlarge
- - r3.8xlarge
- - i2.xlarge
- - i2.2xlarge
- - i2.4xlarge
- - i2.8xlarge
- ConstraintDescription: Please choose a valid instance type.
- Resources:
- S3Policy:
- Type: AWS::IAM::Policy
- DependsOn:
- - InstanceRole
- Properties:
- PolicyName: S3Policy
- PolicyDocument:
- Version: 2012-10-17
- Statement:
- - Effect: Allow
- Action:
- - "s3:GetBucketLocation"
- - "s3:ListAllMyBuckets"
- Resource: "*"
- - Effect: Allow
- Action:
- - "s3:ListBucket"
- Resource:
- - "arn:aws:s3:::wordpress-data-medias"
- - Effect: Allow
- Action:
- - "s3:PutObject"
- - "s3:GetObject"
- - "s3:DeleteObject"
- Resource:
- - "arn:aws:s3:::wordpress-data-medias/*"
- Roles:
- - !Ref InstanceRole
- InstanceRole:
- Type: AWS::IAM::Role
- Properties:
- AssumeRolePolicyDocument:
- Statement:
- - Effect: Allow
- Principal:
- Service:
- - ec2.amazonaws.com
- Action:
- - sts:AssumeRole
- PermissionsBoundary: !Ref BoundaryPolicyArn
- Tags:
- - Key: Name
- Value: !Sub "${AWS::StackName}"
- WordpressDataTargetGroup2:
- Type: AWS::ElasticLoadBalancingV2::TargetGroup
- Properties:
- Name: WordpressDataTargetGroup2
- HealthCheckIntervalSeconds: 10
- HealthCheckPath: "/"
- HealthCheckProtocol: HTTP
- HealthCheckTimeoutSeconds: 5
- HealthyThresholdCount: 2
- Matcher:
- HttpCode: "200-399"
- Port: 80
- Protocol: HTTP
- UnhealthyThresholdCount: 2
- VpcId: !Ref VpcId
- WebInstanceProfile:
- Type: AWS::IAM::InstanceProfile
- Properties:
- Roles:
- - !Ref InstanceRole
- AutoscalingGroup:
- Type: AWS::AutoScaling::AutoScalingGroup
- Properties:
- VPCZoneIdentifier: !Ref PrivateSubnetIDs
- # LaunchTemplate:
- # LaunchTemplateId: !Ref LaunchTemplateId
- # Version: !Ref VersionName
- LaunchConfigurationName: !Ref LaunchConfig
- MinSize: 1
- TargetGroupARNs:
- - !Ref TargetGroupALB
- MaxSize: !Ref MaxSize
- DesiredCapacity: !Ref DesiredCapacity
- Tags:
- - Key: Name
- Value: !Sub "${AWS::StackName}"
- PropagateAtLaunch: "true"
- CreationPolicy:
- ResourceSignal:
- Timeout: PT15M
- UpdatePolicy:
- AutoScalingReplacingUpdate:
- WillReplace: 'true'
- InstanceSecurityGroup:
- Type: AWS::EC2::SecurityGroup
- Properties:
- GroupDescription: SecurityGroup for our Instances
- VpcId: !Ref VpcId
- Tags:
- - Key: Name
- Value: !Sub "${AWS::StackName}-InstanceSG"
- EcsSecurityGroupIngressALB80:
- Type: AWS::EC2::SecurityGroupIngress
- Properties:
- GroupId: !Ref 'InstanceSecurityGroup'
- SourceSecurityGroupId: !Ref 'ALBSecurityGroup'
- IpProtocol: tcp
- FromPort: '80'
- ToPort: '80'
- EcsSecurityGroupIngressALB443:
- Type: AWS::EC2::SecurityGroupIngress
- Properties:
- GroupId: !Ref 'InstanceSecurityGroup'
- SourceSecurityGroupId: !Ref 'ALBSecurityGroup'
- IpProtocol: tcp
- FromPort: '443'
- ToPort: '443'
- # LaunchTemplate:
- # Type: AWS::EC2::LaunchTemplate
- # Properties:
- # LaunchTemplateData:
- # ImageId:
- # Fn::FindInMap:
- # - VersionMapping
- # - Ref: ImageVersion
- # - AMI
- # InstanceType: !Ref InstanceType
- # TagSpecifications:
- # - ResourceType: instance
- # Tags:
- # - Key: Name
- # Value: CFN EC2 Spot Instance
- # LaunchTemplateName: !Sub "${AWS::StackName}-template"
- LaunchConfig:
- Type: AWS::AutoScaling::LaunchConfiguration
- Properties:
- ImageId: !Ref ImageID
- AssociatePublicIpAddress: true
- InstanceType: !Ref InstanceType
- IamInstanceProfile: !Ref WebInstanceProfile
- KeyName: "aws-prod-laboinnocation"
- UserData: !Base64
- 'Fn::Join':
- - ''
- - - |
- #!/bin/bash -x
- - |
- # Signal the status from cfn-init
- - '/opt/aws/bin/cfn-signal -e $? '
- - ' --stack '
- - !Ref 'AWS::StackName'
- - ' --resource AutoscalingGroup '
- - ' --region '
- - !Ref 'AWS::Region'
- - |+
- SecurityGroups:
- - !Ref InstanceSecurityGroup
- CreationPolicy:
- ResourceSignal:
- Timeout: PT5M
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement