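# CloudFormation template: one VPC with a public and a private subnet, an
# internet gateway with a default route for the public subnet, two security
# groups, and a single public web server instance bootstrapped via UserData.
AWSTemplateFormatVersion: "2010-09-09"
Description: EC2 for webserver

Parameters:
  KeyName:
    Description: Name of KeyPair
    Type: AWS::EC2::KeyPair::KeyName
  AMI:
    Description: AMI of EC2
    Type: AWS::EC2::Image::Id
    # NOTE(review): AMI IDs are region-specific; confirm this default matches
    # the region the stack is deployed to and is still a maintained image.
    Default: ami-0094965d55b3bb1ff
  AZpublic:
    Description: AvailabilityZone for public
    Type: AWS::EC2::AvailabilityZone::Name
  AZprivate:
    Description: AvailabilityZone for private
    Type: AWS::EC2::AvailabilityZone::Name
  VPCCidr:
    Description: Cidr Block for VPC
    Type: String
    Default: '10.0.0.0/16'
  PublicSubnetCidr:
    Description: Cidr Block for Public Subnet
    Type: String
    Default: '10.0.0.0/24'
  PrivateSubnetCidr:
    Description: Cidr Block for Private Subnet
    Type: String
    Default: '10.0.10.0/24'
  SSHLocation:
    # Source range allowed to reach TCP/22 on the web server. The default
    # keeps the template's previous world-open behaviour so existing
    # deployments do not break; override it with the administrators' network
    # range (for example a /32 for a single host) when creating the stack.
    Description: Cidr Block allowed to SSH to the web server
    Type: String
    Default: '0.0.0.0/0'
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/(\d|[12]\d|3[0-2])$'
    ConstraintDescription: must be a valid IPv4 CIDR range of the form x.x.x.x/x

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VPCCidr
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: myVPC

  # Instances launched here receive a public IPv4 address automatically.
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Ref PublicSubnetCidr
      AvailabilityZone: !Ref AZpublic
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: public subnet

  # No route table is associated with this subnet in the template, so it
  # falls back to the VPC's main route table; no NAT or internet route is
  # defined for it here.
  PrivateSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Ref PrivateSubnetCidr
      AvailabilityZone: !Ref AZprivate
      Tags:
        - Key: Name
          Value: private subnet

  IGW:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: myigw

  Attachigw:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref IGW
      VpcId: !Ref VPC

  PublicRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Public RT

  # Default route to the internet gateway. DependsOn makes sure the gateway
  # is attached to the VPC before the route is created.
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: Attachigw
    Properties:
      RouteTableId: !Ref PublicRT
      DestinationCidrBlock: '0.0.0.0/0'
      GatewayId: !Ref IGW

  PublicSubnetRTAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRT
      SubnetId: !Ref PublicSubnet

  # Web tier: HTTP is open to any source; SSH is limited to SSHLocation.
  SGforWeb:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: allow 22, 80
      GroupName: webaccess
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: '0.0.0.0/0'
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          # Was hard-coded to 0.0.0.0/0; now driven by a parameter so the
          # management port can be restricted without editing the template.
          CidrIp: !Ref SSHLocation
      VpcId: !Ref VPC

  # Database tier: accepts traffic only from members of SGforWeb.
  # NOTE(review): the rule allows every protocol and port from the web tier;
  # narrowing it to the database listener port would follow least privilege.
  # This group is not attached to any resource in this template.
  SGforDB:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: allow webserver
      GroupName: dbaccess
      SecurityGroupIngress:
        # Quoted so the value stays a string ("-1" = all protocols) instead
        # of being typed as an integer by the YAML parser.
        - IpProtocol: '-1'
          SourceSecurityGroupId: !GetAtt SGforWeb.GroupId
      VpcId: !Ref VPC

  # Public web server. The instance sits in the public subnet behind SGforWeb.
  # NOTE(review): no instance metadata options are set in this template;
  # consider requiring IMDSv2 for this internet-facing host.
  EC2forWeb:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref AMI
      KeyName: !Ref KeyName
      AvailabilityZone: !GetAtt PublicSubnet.AvailabilityZone
      InstanceType: t3.micro
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref SGforWeb
      # Bootstrap script, run at first boot. It installs and starts both
      # httpd and mariadb on this host; SGforWeb opens only 22 and 80, so the
      # database port is not exposed through the security group.
      UserData:
        Fn::Base64: |
          #!/bin/bash
          #Install APM for Web Server
          yum install -y mariadb* php httpd php-mysql
          systemctl enable httpd mariadb
          systemctl start httpd mariadb
      Tags:
        - Key: Name
          Value: Web Server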