@robsquires
Created August 2, 2013 13:51
testing_webserver.json
{
"AWSTemplateFormatVersion": "2010-09-09",
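"Description": "UVd Testing WebServer Stack. Caution: TestingServerUser is granted cloudformation:*, s3:*, iam:*, ec2:* and sns:* on all resources, and its secret access key is embedded in the instance UserData and written to /home/ubuntu/.s3cfg with mode 000644; prefer an instance profile (IAM role) with a narrowly scoped policy over a long-lived access key.",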
"Parameters": {
"KeyName": {
"Type": "String",
"Description": "Name of an existing EC2 Key Pair to enable SSH access to the webserver",
"Default": "XXXX"
},
"InstanceType": {
"Description": "Application Server EC2 instance type",
"Type": "String",
"Default": "t1.micro",
"AllowedValues": [
"t1.micro",
"m1.small",
"m1.medium",
"m1.large",
"m1.xlarge",
"m2.xlarge",
"m2.2xlarge",
"m2.4xlarge",
"c1.medium",
"c1.xlarge",
"cc1.4xlarge",
"cc2.8xlarge",
"cg1.4xlarge"
],
"ConstraintDescription": "must be a valid EC2 instance type."
},
"SNSTopic": {
"Description": "Email address subscribed to the stack's SNS topic for notifications.",
"Type": "String",
"Default": "XXXX"
},
"SecurityGroup": {
"Description": "The security group for the webserver.",
"Type": "String",
"Default": "testing"
},
"UVdBucket": {
"Description": "S3 bucket for the Testing WebServer",
"Type": "String",
"Default": "XXXX"
}
},
"Mappings": {
"AWSInstanceType2Arch": {
"t1.micro": {
"Arch": "64"
},
"m1.small": {
"Arch": "64"
},
"m1.medium": {
"Arch": "64"
},
"m1.large": {
"Arch": "64"
},
"m1.xlarge": {
"Arch": "64"
},
"m2.xlarge": {
"Arch": "64"
},
"m2.2xlarge": {
"Arch": "64"
},
"m2.4xlarge": {
"Arch": "64"
},
"c1.medium": {
"Arch": "64"
},
"c1.xlarge": {
"Arch": "64"
}
},
"AWSRegionArch2AMI": {
"us-east-1": {
"64": "ami-XXX"
},
"us-west-1": {
"64": "ami-XXX"
},
"us-west-2": {
"64": "ami-XXX"
},
"eu-west-1": {
"64": "ami-XXX"
},
"sa-east-1": {
"64": "ami-XXX"
},
"ap-southeast-1": {
"64": "ami-XXX"
},
"ap-northeast-1": {
"64": "ami-XXX"
}
}
},
"Resources": {
"TestingServerUser": {
"Type": "AWS::IAM::User",
"Properties": {
"Path": "/",
"Policies": [
{
"PolicyName": "root",
"PolicyDocument": {
"Statement": [
{
"Effect": "Allow",
"Action": [
"cloudformation:*",
"s3:*",
"iam:*",
"ec2:*",
"sns:*"
],
"Resource": "*"
}
]
}
}
]
}
},
"HostKeys": {
"Type": "AWS::IAM::AccessKey",
"DependsOn": "TestingServerUser",
"Properties": {
"UserName": {
"Ref": "TestingServerUser"
}
}
},
"BucketPolicy": {
"Type": "AWS::S3::BucketPolicy",
"DependsOn": "HostKeys",
"Properties": {
"PolicyDocument": {
"Version": "2008-10-17",
"Id": "ReadPolicy",
"Statement": [
{
"Sid": "ReadAccess",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": {
"Fn::Join": [
"",
[
"arn:aws:s3:::",
{
"Ref": "XXXX"
},
"/*"
]
]
},
"Principal": {
"AWS": {
"Fn::GetAtt": [
"TestingServerUser",
"Arn"
]
}
}
}
]
},
"Bucket": {
"Ref": "XXXX"
}
}
},
"AppServerSNSTopic": {
"Type": "AWS::SNS::Topic",
"Properties": {
"Subscription": [
{
"Endpoint": {
"Ref": "SNSTopic"
},
"Protocol": "email"
}
]
}
},
"TestingServer": {
"Type": "AWS::EC2::Instance",
"Metadata": {
"AWS::CloudFormation::Init": {
"config": {
"command" :{
"mkawsdir" : {
"command" : "mkdir /home/ubuntu/.aws"
}
},
"files": {
"/home/ubuntu/.aws/aws-credential-file": {
"content": {
"Fn::Join": [
"",
[
"AWSAccessKeyId=",
{
"Ref": "HostKeys"
},
"\n",
"AWSSecretKey=",
{
"Fn::GetAtt": [
"HostKeys",
"SecretAccessKey"
]
},
"\n"
]
]
},
"mode": "000600",
"owner": "ubuntu",
"group": "ubuntu"
},
"/home/ubuntu/.s3cfg": {
"content": {
"Fn::Join": [
"",
[
"[default]\n",
"access_key = ",
{
"Ref": "HostKeys"
},
"\n",
"secret_key = ",
{
"Fn::GetAtt": [
"HostKeys",
"SecretAccessKey"
]
},
"\n",
"use_https = True\n"
]
]
},
"mode": "000644",
"owner": "ubuntu",
"group": "ubuntu"
}
}
}
}
},
"Properties": {
"SecurityGroups": [
{
"Ref": "SecurityGroup"
}
],
"ImageId": {
"Fn::FindInMap": [
"AWSRegionArch2AMI",
{
"Ref": "AWS::Region"
},
{
"Fn::FindInMap": [
"AWSInstanceType2Arch",
{
"Ref": "InstanceType"
},
"Arch"
]
}
]
},
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/sh -v\n",
"#function error exit defined\n",
"error_exit()\n",
"{\n",
" cfn-signal -e 1 -r \"$1\" '",
{
"Ref": "TestingServerWaitHandle"
},
"'\n",
" exit 1\n",
"}\n",
"apt-get -y install python-setuptools\n",
"easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-1.0-6.tar.gz\n",
"cfn-init -s ",
{
"Ref": "AWS::StackName"
},
" -r TestingServer ",
" --access-key ",
{
"Ref": "HostKeys"
},
" --secret-key ",
{
"Fn::GetAtt": [
"HostKeys",
"SecretAccessKey"
]
},
" --region ",
{
"Ref": "AWS::Region"
},
" > /tmp/cfn_init.log || error_exit 'Failed to run cfn-init'\n",
"user-data 'testing' '",
{
"Ref": "TestingServerWaitHandle"
},
"' '",
{
"Ref": "AWS::StackName"
},
"' '",
{
"Ref": "HostKeys"
},
"' '",
{
"Fn::GetAtt": [
"HostKeys",
"SecretAccessKey"
]
},
"' '",
{
"Ref": "AWS::Region"
},
"'\n",
"# If all went well, signal success\n",
"cfn-signal -e $? -r 'Testing WebServer configuration' '",
{
"Ref": "TestingServerWaitHandle"
},
"'\n"
]
]
}
},
"KeyName": {
"Ref": "KeyName"
},
"InstanceType": {
"Ref": "InstanceType"
},
"Tags": [
{ "Key" : "Name", "Value": "Testing WebServer" },
{ "Key" : "Role", "Value": "Testing WebServer Instance" },
{ "Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }
]
}
},
"TestingServerWaitHandle": {
"Type": "AWS::CloudFormation::WaitConditionHandle"
},
"TestingServerWaitCondition": {
"Type": "AWS::CloudFormation::WaitCondition",
"DependsOn": "TestingServer",
"Properties": {
"Handle": {
"Ref": "TestingServerWaitHandle"
},
"Timeout": "1200"
}
},
"IPAssoc": {
"Type": "AWS::EC2::EIPAssociation",
"Properties": {
"InstanceId": {
"Ref": "TestingServer"
},
"EIP": "XXXX"
}
}
}
}