
Untitled

a guest
Jan 27th, 2020
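  # CloudFormation template: an Auto Scaling group of EC2 instances (launch
  # configuration + instance profile) registered with an existing ALB target
  # group, plus an IAM role whose inline policy is limited to one S3 bucket.
  #
  # NOTE(review): several parameter defaults below are IDs and ARNs of one
  # specific account and region (IAM boundary policy, target group, security
  # group, AMI). Override them when deploying elsewhere, and consider moving
  # them out of the template if it is shared outside the team.
  AWSTemplateFormatVersion: '2010-09-09'
  # Quoted so the trailing " -" can never be read as YAML syntax.
  Description: 'Innovation Lab - ECS infra - ALB/ECS with autoscaling/EFS -'

  Parameters:
    # Permissions boundary attached to InstanceRole.
    BoundaryPolicyArn:
      Type: String
      Description: Enter the boundary policy to be able to create role
      Default: 'arn:aws:iam::342854766398:policy/AdminBoundary'

    # Subnets the Auto Scaling group launches instances into.
    PrivateSubnetIDs:
      Type: List<AWS::EC2::Subnet::Id>
      Description: Select private subnets in your selected VPC.

    VpcId:
      Type: AWS::EC2::VPC::Id
      Description: The VPC in which the laod balancer will run

    DesiredCapacity:
      Type: Number
      Default: '3'
      Description: Number of instances to launch in your ECS cluster.

    MaxSize:
      Type: Number
      Default: '3'
      Description: Maximum number of instances that can be launched in your ECS cluster.e

    # Existing target group the Auto Scaling group registers its instances with.
    TargetGroupALB:
      Type: String
      Default: 'arn:aws:elasticloadbalancing:eu-west-3:342854766398:targetgroup/lb-routage-wordpress-data/e8e1c4be923c6b0e'
      Description: Target Group de Wordpress

    # Disabled launch-template parameters, kept for reference.
    # LaunchTemplateId:
    #   Type: String
    #   Default: 'lt-0b61ccc34e0cfc521'
    # VersionName:
    #   Type: String
    #   Default: "2"

    # Security group of the load balancer; it is the only source allowed by the
    # instance ingress rules below.
    # NOTE(review): Type AWS::EC2::SecurityGroup::Id would make CloudFormation
    # validate the value at deploy time instead of accepting any string.
    ALBSecurityGroup:
      Type: String
      Default: 'sg-054d148f867b66a74'
      Description: Security Group du Load Balancer

    # NOTE(review): Type AWS::EC2::Image::Id would validate the AMI ID. The
    # template does not show where this AMI comes from; confirm it is an
    # image the team builds or trusts.
    ImageID:
      Type: String
      Default: 'ami-0c92bbec450169d8d'

    InstanceType:
      Description: EC2 instance type
      Type: String
      Default: t2.micro
      AllowedValues:
        - t2.micro
        - t2.small
        - t2.medium
        - t2.large
        - m3.medium
        - m3.large
        - m3.xlarge
        - m3.2xlarge
        - m4.large
        - m4.xlarge
        - m4.2xlarge
        - m4.4xlarge
        - m4.10xlarge
        - c4.large
        - c4.xlarge
        - c4.2xlarge
        - c4.4xlarge
        - c4.8xlarge
        - c3.large
        - c3.xlarge
        - c3.2xlarge
        - c3.4xlarge
        - c3.8xlarge
        - r3.large
        - r3.xlarge
        - r3.2xlarge
        - r3.4xlarge
        - r3.8xlarge
        - i2.xlarge
        - i2.2xlarge
        - i2.4xlarge
        - i2.8xlarge
      ConstraintDescription: Please choose a valid instance type.

  Resources:

    # Inline policy attached to InstanceRole. Object read, write and delete are
    # limited to the wordpress-data-medias bucket.
    # NOTE(review): the first statement uses Resource "*" because
    # s3:ListAllMyBuckets is not bucket-scoped; it lets the instance enumerate
    # every bucket name in the account. Drop it if the application does not
    # need it, and confirm s3:DeleteObject is really required.
    S3Policy:
      Type: AWS::IAM::Policy
      DependsOn:
        - InstanceRole
      Properties:
        PolicyName: S3Policy
        PolicyDocument:
          # Quoted: an unquoted 2012-10-17 is a date to YAML 1.1 parsers.
          Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Action:
                - 's3:GetBucketLocation'
                - 's3:ListAllMyBuckets'
              Resource: '*'
            - Effect: Allow
              Action:
                - 's3:ListBucket'
              Resource:
                - 'arn:aws:s3:::wordpress-data-medias'
            - Effect: Allow
              Action:
                - 's3:PutObject'
                - 's3:GetObject'
                - 's3:DeleteObject'
              Resource:
                - 'arn:aws:s3:::wordpress-data-medias/*'
        Roles:
          - !Ref InstanceRole

    # Role assumed by the EC2 instances; only the EC2 service is trusted, and
    # the role is capped by the permissions boundary passed as a parameter.
    InstanceRole:
      Type: AWS::IAM::Role
      Properties:
        AssumeRolePolicyDocument:
          # Explicit policy language version, consistent with S3Policy.
          Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Principal:
                Service:
                  - ec2.amazonaws.com
              Action:
                - sts:AssumeRole
        PermissionsBoundary: !Ref BoundaryPolicyArn
        Tags:
          - Key: Name
            Value: !Sub '${AWS::StackName}'

    # NOTE(review): nothing in the visible template references this target
    # group; AutoscalingGroup registers with the TargetGroupALB parameter
    # instead. Confirm whether it is still needed.
    # Health checks and traffic to the targets use plain HTTP on port 80.
    WordpressDataTargetGroup2:
      Type: AWS::ElasticLoadBalancingV2::TargetGroup
      Properties:
        Name: WordpressDataTargetGroup2
        HealthCheckIntervalSeconds: 10
        HealthCheckPath: '/'
        HealthCheckProtocol: HTTP
        HealthCheckTimeoutSeconds: 5
        HealthyThresholdCount: 2
        Matcher:
          HttpCode: '200-399'
        Port: 80
        Protocol: HTTP
        UnhealthyThresholdCount: 2
        VpcId: !Ref VpcId

    # Instance profile that hands InstanceRole to the launched instances.
    WebInstanceProfile:
      Type: AWS::IAM::InstanceProfile
      Properties:
        Roles:
          - !Ref InstanceRole

    AutoscalingGroup:
      Type: AWS::AutoScaling::AutoScalingGroup
      Properties:
        VPCZoneIdentifier: !Ref PrivateSubnetIDs
        # Disabled launch-template wiring, kept for reference.
        # LaunchTemplate:
        #   LaunchTemplateId: !Ref LaunchTemplateId
        #   Version: !Ref VersionName
        LaunchConfigurationName: !Ref LaunchConfig
        MinSize: 1
        TargetGroupARNs:
          - !Ref TargetGroupALB
        MaxSize: !Ref MaxSize
        DesiredCapacity: !Ref DesiredCapacity
        Tags:
          - Key: Name
            Value: !Sub '${AWS::StackName}'
            PropagateAtLaunch: true
      # Creation waits up to 15 minutes for the cfn-signal call made from the
      # instance user data (see LaunchConfig).
      CreationPolicy:
        ResourceSignal:
          Timeout: PT15M
      # Updates build a replacement group instead of changing this one in place.
      UpdatePolicy:
        AutoScalingReplacingUpdate:
          WillReplace: true

    # Security group of the instances. Ingress is added by the two
    # SecurityGroupIngress resources below, both restricted to the ALB's
    # security group.
    # NOTE(review): no SecurityGroupEgress is declared, so the default
    # allow-all egress rule presumably applies; restrict it if the instances
    # only need a known set of destinations.
    InstanceSecurityGroup:
      Type: AWS::EC2::SecurityGroup
      Properties:
        GroupDescription: SecurityGroup for our Instances
        VpcId: !Ref VpcId
        Tags:
          - Key: Name
            Value: !Sub '${AWS::StackName}-InstanceSG'

    EcsSecurityGroupIngressALB80:
      Type: AWS::EC2::SecurityGroupIngress
      Properties:
        GroupId: !Ref 'InstanceSecurityGroup'
        SourceSecurityGroupId: !Ref 'ALBSecurityGroup'
        IpProtocol: tcp
        FromPort: 80
        ToPort: 80

    # NOTE(review): the target group defined in this template only uses port
    # 80; confirm something on the instances listens on 443 before keeping
    # this rule.
    EcsSecurityGroupIngressALB443:
      Type: AWS::EC2::SecurityGroupIngress
      Properties:
        GroupId: !Ref 'InstanceSecurityGroup'
        SourceSecurityGroupId: !Ref 'ALBSecurityGroup'
        IpProtocol: tcp
        FromPort: 443
        ToPort: 443

    # Disabled launch-template resource, kept for reference.
    # LaunchTemplate:
    #   Type: AWS::EC2::LaunchTemplate
    #   Properties:
    #     LaunchTemplateData:
    #       ImageId:
    #         Fn::FindInMap:
    #           - VersionMapping
    #           - Ref: ImageVersion
    #           - AMI
    #       InstanceType: !Ref InstanceType
    #       TagSpecifications:
    #         - ResourceType: instance
    #           Tags:
    #             - Key: Name
    #               Value: CFN EC2 Spot Instance
    #     LaunchTemplateName: !Sub "${AWS::StackName}-template"

    # Launch configuration used by AutoscalingGroup.
    # NOTE(review), points to confirm before production use:
    #  - AssociatePublicIpAddress is true although the subnets parameter is
    #    described as private and ingress only comes from the ALB; set it to
    #    false unless the instances need a public address.
    #  - KeyName is hard-coded; the security group opens no SSH port, so the
    #    key pair may be unnecessary.
    #  - MetadataOptions is not set, so IMDSv2 is not enforced; consider
    #    HttpTokens: required once the workload is known to support it.
    #  - AWS recommends launch templates over launch configurations.
    LaunchConfig:
      Type: AWS::AutoScaling::LaunchConfiguration
      Properties:
        ImageId: !Ref ImageID
        AssociatePublicIpAddress: true
        InstanceType: !Ref InstanceType
        IamInstanceProfile: !Ref WebInstanceProfile
        KeyName: 'aws-prod-laboinnocation'
        # The script only reports to CloudFormation. It runs no bootstrap step
        # before cfn-signal, so $? is always 0 and the Auto Scaling group is
        # signalled as healthy as soon as the instance boots.
        UserData: !Base64
          'Fn::Join':
            - ''
            - - |
                #!/bin/bash -x
              - |
                # Signal the status from cfn-init
              - '/opt/aws/bin/cfn-signal -e $? '
              - ' --stack '
              - !Ref 'AWS::StackName'
              - ' --resource AutoscalingGroup '
              - ' --region '
              - !Ref 'AWS::Region'
              # Trailing newline that ends the cfn-signal command line.
              - "\n"
        SecurityGroups:
          - !Ref InstanceSecurityGroup
      # NOTE(review): CloudFormation documents CreationPolicy for Auto Scaling
      # groups, EC2 instances and wait conditions, not launch configurations;
      # this block is likely a no-op. Confirm and remove.
      CreationPolicy:
        ResourceSignal:
          Timeout: PT5M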