AWS CF - ASG ELB DNS
Updated at 2016-06-04 13:54
{
"AWSTemplateFormatVersion": "2010-09-09",
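"Description": "Example stack: a VPC with one public subnet, an Auto Scaling group fixed at one t2.micro instance running Apache httpd, an internet-facing Elastic Load Balancer listening on HTTP port 80, and a Route 53 CNAME record pointing at the balancer. As written, the instance security group accepts SSH (22) and HTTP (80) from 0.0.0.0/0, and the instance role allows s3:GetObject on arn:aws:s3:::*/*; narrow both for anything beyond a demo.",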
"Parameters": {
"KeyName": {
"Description": "EC2 key pair name.",
"Type": "AWS::EC2::KeyPair::KeyName"
},
"Domain" : {
"Type": "String",
"Description": "Route53 hosted zone e.g. example.com.",
"Default": "example.com"
},
"Subdomain" : {
"Type": "String",
"Description": "Record name prefix for the load balancer, e.g. balancer becomes balancer.example.com.",
"Default": "balancer"
}
},
"Conditions": {},
"Mappings": {
"RegionMap": {
"us-west-1": {"AmazonLinuxAMI": "ami-6e84fa0e"},
"us-west-2": {"AmazonLinuxAMI": "ami-d0f506b0"},
"eu-west-1": {"AmazonLinuxAMI": "ami-b0ac25c3"}
}
},
"Resources": {
"VPC": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "10.0.0.0/16",
"EnableDnsHostnames": "true"
}
},
"IG": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {}
},
"AttachIGtoVPC": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {"Ref": "VPC"},
"InternetGatewayId": {"Ref": "IG"}
}
},
"PublicSubnet": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"AvailabilityZone": {"Fn::Select": ["0", {"Fn::GetAZs": ""}]},
"CidrBlock": "10.0.0.0/24",
"VpcId": {"Ref": "VPC"},
"MapPublicIpOnLaunch": true
}
},
"RT" : {
"Type" : "AWS::EC2::RouteTable",
"Properties" : {
"VpcId" : {"Ref" : "VPC"}
}
},
"PublicRoute" : {
"Type" : "AWS::EC2::Route",
"DependsOn" : "AttachIGtoVPC",
"Properties" : {
"RouteTableId" : {"Ref" : "RT"},
"DestinationCidrBlock" : "0.0.0.0/0",
"GatewayId" : {"Ref" : "IG"}
}
},
"AssociateRTtoSubnet" : {
"Type" : "AWS::EC2::SubnetRouteTableAssociation",
"Properties" : {
"SubnetId" : {"Ref" : "PublicSubnet"},
"RouteTableId" : {"Ref" : "RT"}
}
},
"InstanceRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {"Service": ["ec2.amazonaws.com"]},
"Action": ["sts:AssumeRole"]
}]
},
"Path": "/"
}
},
"PolicyExample": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyName": "ExamplePolicyName",
"PolicyDocument": {
"Version" : "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["s3:GetObject"],
"Resource": ["arn:aws:s3:::*/*"]
}]
},
"Roles": [{"Ref": "InstanceRole"}]
}
},
"InstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [{"Ref": "InstanceRole"}]
}
},
"InstanceSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Security group for instances",
"VpcId": {"Ref": "VPC"},
"SecurityGroupIngress": [
{
"CidrIp": "0.0.0.0/0",
"FromPort": 22,
"IpProtocol": "tcp",
"ToPort": 22
},
{
"CidrIp": "0.0.0.0/0",
"FromPort": 80,
"IpProtocol": "tcp",
"ToPort": 80
}
]
}
},
"LC": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Metadata": { "AWS::CloudFormation::Init": {} },
"Properties": {
"ImageId": {"Fn::FindInMap": ["RegionMap", {"Ref": "AWS::Region"}, "AmazonLinuxAMI"]},
"InstanceType": "t2.micro",
"BlockDeviceMappings": [{
"DeviceName" : "/dev/xvda",
"Ebs" : {"VolumeSize" : "10"}
}],
"IamInstanceProfile": {"Ref": "InstanceProfile"},
"SecurityGroups": [{"Ref": "InstanceSG"}],
"KeyName": {"Ref": "KeyName"},
"AssociatePublicIpAddress": true,
"UserData": {"Fn::Base64": {"Fn::Join": ["", [
"#!/bin/bash -ex\n",
"yum update -y\n",
"yum install -y httpd\n",
"service httpd start\n",
"chkconfig httpd on\n",
"groupadd www\n",
"usermod -a -G www ec2-user\n",
"chown -R root:www /var/www\n",
"chmod 2775 /var/www\n",
"find /var/www -type d -exec chmod 2775 {} +\n",
"find /var/www -type f -exec chmod 0664 {} +\n",
"echo 'Hello World' > /var/www/html/index.html\n"
]]}}
}
},
"BalancerSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Security group for ELB",
"VpcId": {"Ref": "VPC"},
"SecurityGroupIngress": [
{
"CidrIp": "0.0.0.0/0",
"FromPort": 80,
"IpProtocol": "tcp",
"ToPort": 80
}
]
}
},
"BalancerRS" : {
"Type" : "AWS::Route53::RecordSet",
"Properties" : {
"HostedZoneName" : {"Fn::Join": ["", [{"Ref" : "Domain"}, "."]]},
"Name" : {"Fn::Join": ["", [{"Ref" : "Subdomain"}, ".", {"Ref" : "Domain"}]]},
"Type" : "CNAME",
"TTL" : "300",
"ResourceRecords" : [{"Fn::GetAtt" : ["Balancer", "CanonicalHostedZoneName"]}]
}
},
"Balancer" : {
"Type" : "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties" : {
"Subnets" : [{"Ref": "PublicSubnet"}],
"SecurityGroups": [{"Ref": "BalancerSG"}],
"Scheme" : "internet-facing",
"CrossZone" : "true",
"Listeners" : [{
"LoadBalancerPort" : "80",
"InstancePort" : "80",
"Protocol" : "HTTP"
}],
"HealthCheck" : {
"Target" : "HTTP:80/",
"HealthyThreshold" : "3",
"UnhealthyThreshold" : "5",
"Interval" : "30",
"Timeout" : "5"
}
},
"DependsOn": ["AttachIGtoVPC", "PublicSubnet"]
},
"ASG": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"LaunchConfigurationName": {"Ref": "LC"},
"VPCZoneIdentifier": [{"Ref": "PublicSubnet"}],
"LoadBalancerNames": [{"Ref" : "Balancer"}],
"MinSize": "1",
"MaxSize": "1",
"DesiredCapacity": "1"
},
"DependsOn": ["PublicSubnet", "LC", "Balancer"]
}
},
"Outputs": {}
}