Created
November 16, 2016 20:33
-
-
Save aleGpereira/d1d9c1ee3efd9c03e0815aae0d912248 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"Resources" : { | |
"CFVPC": { | |
"Type": "AWS::EC2::VPC", | |
"Properties": { | |
"CidrBlock": "10.0.0.0/16", | |
"EnableDnsSupport": "true", | |
"EnableDnsHostnames": "true", | |
"InstanceTenancy": "default" | |
} | |
}, | |
"MyInternetGateway" : { | |
"Type" : "AWS::EC2::InternetGateway", | |
"Properties" : { | |
} | |
}, | |
"GatewayToInternet": { | |
"DependsOn": [ | |
"CFVPC", | |
"MyInternetGateway" | |
], | |
"Type": "AWS::EC2::VPCGatewayAttachment", | |
"Properties": { | |
"VpcId": { | |
"Ref": "CFVPC" | |
}, | |
"InternetGatewayId": { | |
"Ref": "MyInternetGateway" | |
} | |
} | |
}, | |
"PublicSubnet": { | |
"DependsOn": ["CFVPC"], | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"VpcId": { | |
"Ref": "CFVPC" | |
}, | |
"CidrBlock": "10.0.0.0/24", | |
"MapPublicIpOnLaunch": "true" | |
} | |
}, | |
"PrivateSubnet": { | |
"DependsOn": ["CFVPC"], | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"VpcId": { | |
"Ref": "CFVPC" | |
}, | |
"CidrBlock": "10.0.1.0/24" | |
} | |
}, | |
"EIP": { | |
"Type" : "AWS::EC2::EIP", | |
"Properties" : { | |
"Domain" : "vpc" | |
} | |
}, | |
"MyNAT": { | |
"Type": "AWS::EC2::NatGateway", | |
"Properties":{ | |
"AllocationId" : { "Fn::GetAtt" : ["EIP", "AllocationId"]}, | |
"SubnetId" : { "Ref" : "PrivateSubnet"} | |
} | |
}, | |
"PrivateRouteTable": { | |
"DependsOn": ["CFVPC"], | |
"Type": "AWS::EC2::RouteTable", | |
"Properties": { | |
"VpcId": { | |
"Ref": "CFVPC" | |
} | |
} | |
}, | |
"PublicRouteTable": { | |
"DependsOn": ["CFVPC"], | |
"Type": "AWS::EC2::RouteTable", | |
"Properties": { | |
"VpcId": { | |
"Ref": "CFVPC" | |
} | |
} | |
}, | |
"PublicRouteToWorld": { | |
"Type" : "AWS::EC2::Route", | |
"DependsOn": ["MyInternetGateway"], | |
"Properties" : { | |
"DestinationCidrBlock" : "0.0.0.0/0", | |
"GatewayId" : { "Ref" : "MyInternetGateway" }, | |
"RouteTableId" : { "Ref" : "PublicRouteTable" } | |
} | |
}, | |
"PrivateRouteToWorld": { | |
"Type" : "AWS::EC2::Route", | |
"DependsOn": ["MyNAT"], | |
"Properties" : { | |
"DestinationCidrBlock" : "0.0.0.0/0", | |
"NatGatewayId" : { "Ref" : "MyNAT" }, | |
"RouteTableId" : { "Ref" : "PrivateRouteTable" } | |
} | |
}, | |
"PublicRouteTableAssociation": { | |
"Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
"DependsOn": [ | |
"PublicRouteTable", | |
"PublicSubnet" | |
], | |
"Properties" : { | |
"RouteTableId" : { "Ref" : "PublicRouteTable" }, | |
"SubnetId" : { "Ref" : "PublicSubnet" } | |
} | |
}, | |
"PrivateRouteTableAssociation": { | |
"Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
"DependsOn": [ | |
"PrivateRouteTable", | |
"PrivateSubnet" | |
], | |
"Properties" : { | |
"RouteTableId" : { "Ref" : "PrivateRouteTable" }, | |
"SubnetId" : { "Ref" : "PrivateSubnet" } | |
} | |
}, | |
"PublicACL": { | |
"DependsOn": ["CFVPC"], | |
"Type": "AWS::EC2::NetworkAcl", | |
"Properties": { | |
"VpcId" : { "Ref" : "CFVPC" } | |
} | |
}, | |
"PublicACLInboundAllowAll": { | |
"Type" : "AWS::EC2::NetworkAclEntry", | |
"DependsOn": ["PublicACL"], | |
"Properties" : { | |
"CidrBlock" : "0.0.0.0/0", | |
"Egress" : "true", | |
"NetworkAclId" : { "Ref" : "PublicACL" }, | |
"Protocol" : -1, | |
"RuleAction" : "allow", | |
"RuleNumber" : "1" | |
} | |
}, | |
"PrivateACL": { | |
"DependsOn": ["CFVPC"], | |
"Type": "AWS::EC2::NetworkAcl", | |
"Properties": { | |
"VpcId" : { "Ref" : "CFVPC" } | |
} | |
}, | |
"PrivateACLInboundAllowAll": { | |
"Type" : "AWS::EC2::NetworkAclEntry", | |
"DependsOn": ["PrivateACL"], | |
"Properties" : { | |
"CidrBlock" : "0.0.0.0/0", | |
"Egress" : "true", | |
"NetworkAclId" : { "Ref" : "PrivateACL" }, | |
"Protocol" : -1, | |
"RuleAction" : "allow", | |
"RuleNumber" : "1" | |
} | |
}, | |
"UbuntuInstance":{ | |
"Type" : "AWS::EC2::Instance", | |
"DependsOn" : [ | |
"UbuntuSecurityGroup", | |
"PublicSubnet" | |
], | |
"Properties" : { | |
"KeyName": "waina", | |
"ImageId" : "ami-0143e161", | |
"InstanceType": "t2.micro", | |
"SourceDestCheck": "false", | |
"InstanceInitiatedShutdownBehavior" : "stop", | |
"UserData": { | |
"Fn::Base64": { | |
"Fn::Join": [ | |
"", | |
[ | |
"#!/bin/bash \n", | |
"apt-get update \n", | |
"apt-get install apt-transport-https ca-certificates \n", | |
"apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D \n", | |
"echo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main' | sudo tee /etc/apt/sources.list.d/docker.list \n", | |
"apt-get update \n", | |
"apt-cache policy docker-engine \n", | |
"apt-get update \n", | |
"apt-get install -y linux-image-extra-$(uname -r) linux-image-extra-virtual \n", | |
"apt-get update \n", | |
"apt-get install -y docker-engine \n", | |
"service docker start \n", | |
"docker login -u alegpereira -p metallica \n", | |
"docker pull alegpereira/dinocourse \n", | |
"docker run -v /opt/data:/data --restart 'always' -p 8080:8080 --name 'my-java-server' alegpereira/dinocourse \n" | |
] | |
] | |
} | |
}, | |
"NetworkInterfaces" : [ | |
{ | |
"DeviceIndex" : "0", | |
"AssociatePublicIpAddress": "true", | |
"DeleteOnTermination": "true", | |
"GroupSet" : [ | |
{ | |
"Ref": "UbuntuSecurityGroup" | |
} | |
], | |
"SubnetId" : { "Ref" : "PublicSubnet" } | |
} | |
] | |
} | |
}, | |
"UbuntuSecurityGroup": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"DependsOn": [ | |
"CFVPC" | |
], | |
"Properties": { | |
"GroupDescription" : "Allow only SSH and HTTP", | |
"VpcId": { | |
"Ref": "CFVPC" | |
}, | |
"SecurityGroupEgress" : [ | |
{ | |
"CidrIp" : "0.0.0.0/0", | |
"FromPort" : 0, | |
"IpProtocol" : "tcp", | |
"ToPort" : 65535 | |
} | |
], | |
"SecurityGroupIngress" : [ | |
{ | |
"CidrIp" : "0.0.0.0/0", | |
"FromPort" : 22, | |
"IpProtocol" : "tcp", | |
"ToPort" : 22 | |
}, | |
{ | |
"CidrIp" : "0.0.0.0/0", | |
"FromPort" : 8080, | |
"IpProtocol" : "tcp", | |
"ToPort" : 8080 | |
} | |
] | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment