Cloudformation template for creating a simple OpenVPN server
| { | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Description": "OpenVPN server template", | |
| "Mappings": { | |
| "AWSRegion2AMI": { | |
| "ap-northeast-1": { | |
| "AMI": "ami-5ea72b5e" | |
| }, | |
| "ap-southeast-1": { | |
| "AMI": "ami-365c5764" | |
| }, | |
| "ap-southeast-2": { | |
| "AMI": "ami-831d51b9" | |
| }, | |
| "eu-central-1": { | |
| "AMI": "ami-507f7e4d" | |
| }, | |
| "eu-west-1": { | |
| "AMI": "ami-03644074" | |
| }, | |
| "sa-east-1": { | |
| "AMI": "ami-4fd55f52" | |
| }, | |
| "us-east-1": { | |
| "AMI": "ami-5fe36434" | |
| }, | |
| "us-west-1": { | |
| "AMI": "ami-8bf40fcf" | |
| }, | |
| "us-west-2": { | |
| "AMI": "ami-9fe2f2af" | |
| } | |
| } | |
| }, | |
| "Parameters": { | |
| "InstanceType": { | |
| "AllowedValues": [ | |
| "t2.micro", | |
| "t2.medium", | |
| "m3.medium", | |
| "m3.large", | |
| "m3.xlarge", | |
| "m3.2xlarge" | |
| ], | |
| "ConstraintDescription": "must be a valid EC2 instance type.", | |
| "Default": "t2.micro", | |
| "Description": "Instance type for EC2 instance.", | |
| "Type": "String" | |
| }, | |
| "KeyName": { | |
| "ConstraintDescription": "must be the name of an existing EC2 KeyPair.", | |
| "Default": "openvpn", | |
| "Description": "Name of an existing EC2 KeyPair to enable SSH access to the instances", | |
| "Type": "AWS::EC2::KeyPair::KeyName" | |
| }, | |
| "Project": { | |
| "AllowedPattern": "[\\x20-\\x7E]*", | |
| "ConstraintDescription": "can contain only ASCII characters.", | |
| "Default": "OpenVPN-server", | |
| "Description": "OpenVPN-server", | |
| "MaxLength": "255", | |
| "MinLength": "1", | |
| "Type": "String" | |
| } | |
| }, | |
| "Resources": { | |
| "OpenVPNInstance": { | |
| "Properties": { | |
| "ImageId": { | |
| "Fn::FindInMap": [ | |
| "AWSRegion2AMI", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "AMI" | |
| ] | |
| }, | |
| "InstanceType": { | |
| "Ref": "InstanceType" | |
| }, | |
| "KeyName": { | |
| "Ref": "KeyName" | |
| }, | |
| "SecurityGroups": [ | |
| { | |
| "Ref": "VPNSecurityGroup" | |
| } | |
| ], | |
| "Tags": [ | |
| { | |
| "Key": "Name", | |
| "Value": { | |
| "Fn::Join": [ | |
| "-", | |
| [ | |
| "EC2-VPN", | |
| { | |
| "Ref": "Project" | |
| } | |
| ] | |
| ] | |
| } | |
| } | |
| ], | |
| "UserData": { | |
| "Fn::Base64": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "public_hostname=openvpn\n", | |
| "admin_user=openvpn\n", | |
| "admin_pw=openvpn\n", | |
| "reroute_gw=1\n", | |
| "reroute_dns=1\n" | |
| ] | |
| ] | |
| } | |
| } | |
| }, | |
| "Type": "AWS::EC2::Instance" | |
| }, | |
| "VPNSecurityGroup": { | |
| "Properties": { | |
| "GroupDescription": "Enable SSH access to the instance and VPN access via configured port. ", | |
| "SecurityGroupIngress": [ | |
| { | |
| "CidrIp": "0.0.0.0/0", | |
| "FromPort": "443", | |
| "IpProtocol": "tcp", | |
| "ToPort": "443" | |
| }, | |
| { | |
| "CidrIp": "0.0.0.0/0", | |
| "FromPort": "1194", | |
| "IpProtocol": "udp", | |
| "ToPort": "1194" | |
| } | |
| ], | |
| "Tags": [ | |
| { | |
| "Key": "Name", | |
| "Value": { | |
| "Fn::Join": [ | |
| "-", | |
| [ | |
| "SG-VPN", | |
| { | |
| "Ref": "Project" | |
| } | |
| ] | |
| ] | |
| } | |
| } | |
| ] | |
| }, | |
| "Type": "AWS::EC2::SecurityGroup" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment