Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Cloudformation template for creating a simple OpenVPN server
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "OpenVPN server template",
"Mappings": {
"AWSRegion2AMI": {
"ap-northeast-1": {
"AMI": "ami-5ea72b5e"
},
"ap-southeast-1": {
"AMI": "ami-365c5764"
},
"ap-southeast-2": {
"AMI": "ami-831d51b9"
},
"eu-central-1": {
"AMI": "ami-507f7e4d"
},
"eu-west-1": {
"AMI": "ami-03644074"
},
"sa-east-1": {
"AMI": "ami-4fd55f52"
},
"us-east-1": {
"AMI": "ami-5fe36434"
},
"us-west-1": {
"AMI": "ami-8bf40fcf"
},
"us-west-2": {
"AMI": "ami-9fe2f2af"
}
}
},
"Parameters": {
"InstanceType": {
"AllowedValues": [
"t2.micro",
"t2.medium",
"m3.medium",
"m3.large",
"m3.xlarge",
"m3.2xlarge"
],
"ConstraintDescription": "must be a valid EC2 instance type.",
"Default": "t2.micro",
"Description": "Instance type for EC2 instance.",
"Type": "String"
},
"KeyName": {
"ConstraintDescription": "must be the name of an existing EC2 KeyPair.",
"Default": "openvpn",
"Description": "Name of an existing EC2 KeyPair to enable SSH access to the instances",
"Type": "AWS::EC2::KeyPair::KeyName"
},
"Project": {
"AllowedPattern": "[\\x20-\\x7E]*",
"ConstraintDescription": "can contain only ASCII characters.",
"Default": "OpenVPN-server",
"Description": "OpenVPN-server",
"MaxLength": "255",
"MinLength": "1",
"Type": "String"
}
},
"Resources": {
"OpenVPNInstance": {
"Properties": {
"ImageId": {
"Fn::FindInMap": [
"AWSRegion2AMI",
{
"Ref": "AWS::Region"
},
"AMI"
]
},
"InstanceType": {
"Ref": "InstanceType"
},
"KeyName": {
"Ref": "KeyName"
},
"SecurityGroups": [
{
"Ref": "VPNSecurityGroup"
}
],
"Tags": [
{
"Key": "Name",
"Value": {
"Fn::Join": [
"-",
[
"EC2-VPN",
{
"Ref": "Project"
}
]
]
}
}
],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"public_hostname=openvpn\n",
"admin_user=openvpn\n",
"admin_pw=openvpn\n",
"reroute_gw=1\n",
"reroute_dns=1\n"
]
]
}
}
},
"Type": "AWS::EC2::Instance"
},
"VPNSecurityGroup": {
"Properties": {
"GroupDescription": "Enable SSH access to the instance and VPN access via configured port. ",
"SecurityGroupIngress": [
{
"CidrIp": "0.0.0.0/0",
"FromPort": "443",
"IpProtocol": "tcp",
"ToPort": "443"
},
{
"CidrIp": "0.0.0.0/0",
"FromPort": "1194",
"IpProtocol": "udp",
"ToPort": "1194"
}
],
"Tags": [
{
"Key": "Name",
"Value": {
"Fn::Join": [
"-",
[
"SG-VPN",
{
"Ref": "Project"
}
]
]
}
}
]
},
"Type": "AWS::EC2::SecurityGroup"
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.