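# CloudFormation template header.
# The format version is quoted so that generic YAML parsers keep it as a
# string instead of converting it to a date.
AWSTemplateFormatVersion: "2010-09-09"
Description: This is a stack that deploys resources for Instagram like application, Udagram.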
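# Stack inputs.
Parameters:
  # Prefix used to build the names of the values this template imports
  # (VPC ID, private and public subnets) and of the value it exports.
  EnvironmentName:
    Description: This reference an Environment that will be prefixe to resources/Infrastructure name
    Type: String
  # Name of an existing EC2 key pair. The AWS-specific parameter type makes
  # CloudFormation check that the key pair exists before any resource is
  # created, instead of failing later when the launch configuration is built.
  KeyPairName:
    Description: This is a key pair name for our servers (.pem)
    Type: AWS::EC2::KeyPair::KeyName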
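Resources:
  # IAM role that EC2 instances can assume, carrying the AWS-managed
  # AmazonS3ReadOnlyAccess policy.
  # NOTE(review): that managed policy allows reads on every bucket in the
  # account; a policy scoped to the bucket the application needs would follow
  # least privilege.
  UdagramS3ReadOnlyAccessRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
            Action:
              - "sts:AssumeRole"
      Path: /
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess

  # Instance profile wrapping the role above.
  # NOTE(review): WebAppLaunchConfiguration sets no IamInstanceProfile, so the
  # instances launch without this role. Attach it only if the application
  # needs S3 access, or remove both resources.
  UdagramInstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Path: /
      Roles:
        - !Ref UdagramS3ReadOnlyAccessRole

  # Load balancer security group: HTTP in from anywhere, HTTP out.
  # NOTE(review): egress could be narrowed to WebAppSecGroup, but an inline
  # reference would form a circular dependency with the ingress rule there;
  # a separate AWS::EC2::SecurityGroupEgress resource avoids that.
  LoadBalancerSecGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security group rule to Udagram Load balancer
      VpcId:
        Fn::ImportValue: !Sub "${EnvironmentName}-VPCID"
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0

  # Security group for the web servers.
  WebAppSecGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security group rule to Udagram WebApp
      VpcId:
        Fn::ImportValue: !Sub "${EnvironmentName}-VPCID"
      # All outbound TCP is allowed; the user data needs it for apt-get.
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 0
          ToPort: 65535
          CidrIp: 0.0.0.0/0
      SecurityGroupIngress:
        # HTTP is accepted only from the load balancer's security group, so
        # nothing else can reach the instances on port 80 directly. Load
        # balancer health checks use the same path and keep working.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          SourceSecurityGroupId: !GetAtt LoadBalancerSecGroup.GroupId
        # NOTE(review): SSH is open to every source address. Restrict it to a
        # bastion security group or an administrative CIDR, or drop the rule
        # and use a managed session service instead. Left unchanged because
        # the intended administrative source is not defined in this template.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0

  # Launch settings for the web servers.
  # NOTE(review): the AMI ID is hard-coded and AMI IDs are region-specific.
  # Launch configurations are a legacy mechanism; AWS recommends launch
  # templates for new stacks.
  WebAppLaunchConfiguration:
    Type: AWS::AutoScaling::LaunchConfiguration
    Properties:
      ImageId: ami-0b152cfd354c4c7a4
      InstanceType: t3.medium
      KeyName: !Ref KeyPairName
      SecurityGroups:
        - !Ref WebAppSecGroup
      BlockDeviceMappings:
        - DeviceName: "/dev/sdk"
          Ebs:
            # Size in GiB, written as the integer the property expects.
            VolumeSize: 10
      # Boot script: installs and starts Apache and writes a placeholder
      # index page. It passes through !Sub, so any "${...}" added later is
      # treated as a CloudFormation substitution.
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash
          apt-get update -y
          apt-get install apache2 -y
          systemctl start apache2.service
          cd /var/www/html
          echo "<h1>It works! Udagram, Udacity.</h1>" > index.html

  # Fixed-size group of four instances placed in the imported private
  # subnets and registered with the target group; instance health follows
  # the load balancer health check.
  WebAppAutoScalingGroup:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      LaunchConfigurationName: !Ref WebAppLaunchConfiguration
      VPCZoneIdentifier:
        - Fn::ImportValue: !Sub "${EnvironmentName}-PRIV-NETS"
      MinSize: 4
      MaxSize: 4
      HealthCheckType: ELB
      HealthCheckGracePeriod: 60
      TargetGroupARNs:
        - !Ref WebAppTargetGroup

  # Target group: plain HTTP on port 80, health-checked on "/".
  WebAppTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckIntervalSeconds: 35
      HealthCheckPath: /
      HealthCheckProtocol: HTTP
      HealthCheckTimeoutSeconds: 24
      HealthyThresholdCount: 2
      Port: 80
      Protocol: HTTP
      UnhealthyThresholdCount: 5
      VpcId:
        Fn::ImportValue: !Sub "${EnvironmentName}-VPCID"

  # Load balancer placed in the two imported public subnets.
  WebAppLoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Subnets:
        - Fn::ImportValue: !Sub "${EnvironmentName}-PUBLIC1-SN"
        - Fn::ImportValue: !Sub "${EnvironmentName}-PUBLIC2-SN"
      SecurityGroups:
        - !Ref LoadBalancerSecGroup

  # Listener forwarding port 80 to the target group.
  # NOTE(review): traffic between clients and the load balancer is
  # unencrypted HTTP. An HTTPS listener needs a certificate, which this
  # template does not define.
  LBListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref WebAppTargetGroup
      LoadBalancerArn: !Ref WebAppLoadBalancer
      # Integer, matching the Port on WebAppTargetGroup.
      Port: 80
      Protocol: HTTP

  # Rule forwarding requests for "/" to the same target group as the
  # listener's default action.
  AppLBListenerRule:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    Properties:
      Actions:
        - Type: forward
          TargetGroupArn: !Ref WebAppTargetGroup
      Conditions:
        - Field: path-pattern
          Values:
            - "/"
      ListenerArn: !Ref LBListener
      Priority: 1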
# Values published by the stack.
Outputs:
  # DNS name of the load balancer, exported as
  # "<EnvironmentName>-WebAppDnsName" so other stacks can import it.
  LBDnsName:
    Description: A reference to the DNS name of the load balancer.
    Value:
      Fn::GetAtt:
        - WebAppLoadBalancer
        - DNSName
    Export:
      Name:
        Fn::Sub: "${EnvironmentName}-WebAppDnsName"