Created
April 22, 2018 11:22
-
-
Save sakamaki-kazuyoshi/8e56b1c67bee1924959654bd09a6a380 to your computer and use it in GitHub Desktop.
fluentd-test.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: '2010-09-09' | |
| Description: "Create VPC,EC2 for Fluentd Test" | |
| Parameters: | |
| KeyPairName: | |
| Type: "AWS::EC2::KeyPair::KeyName" | |
| S3BucketName: | |
| Type: String | |
| SecurityGroupCidrIp: | |
| Type: String | |
| Default: 0.0.0.0/0 | |
| Mappings: | |
| prd: | |
| IPAddress: | |
| VpcCider: 10.0.0.0/16 | |
| FrontCider: 10.0.1.0/24 | |
| ResourceName: | |
| InstanceName: test-ec2 | |
| RoleName: test-role | |
| VPCName: test-vpc | |
| SubnetName: test-subnet | |
| RouteTableName: test-route | |
| InternetGatewayName: test-igw | |
| NetworkAclName: test-nacl | |
| SecurityGroupName: test-sg | |
| InstanceType: | |
| Ec2: t2.micro | |
| AvailabilityZone: | |
| AvailabilityZone1: ap-northeast-1a | |
| AMI: | |
| AmazonLinux: ami-a77c30c1 | |
| Resources: | |
| VPC: | |
| Type: "AWS::EC2::VPC" | |
| Properties: | |
| CidrBlock: !FindInMap [ prd, IPAddress, VpcCider ] | |
| Tags: | |
| - Key: Name | |
| Value: !FindInMap [ prd, ResourceName, VPCName ] | |
| IGW: | |
| Type: "AWS::EC2::InternetGateway" | |
| Properties: | |
| Tags: | |
| - Key: Name | |
| Value: !FindInMap [ prd, ResourceName, InternetGatewayName ] | |
| AttachIGW: | |
| Type: "AWS::EC2::VPCGatewayAttachment" | |
| Properties: | |
| VpcId: !Ref VPC | |
| InternetGatewayId: !Ref IGW | |
| RouteTable: | |
| Type: "AWS::EC2::RouteTable" | |
| Properties: | |
| VpcId: !Ref VPC | |
| Tags: | |
| - Key: Name | |
| Value: !FindInMap [ prd, ResourceName, RouteTableName ] | |
| Publicrtb: | |
| Type: "AWS::EC2::Route" | |
| Properties: | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| GatewayId: !Ref IGW | |
| RouteTableId: !Ref RouteTable | |
| NetworkAcl: | |
| Type: "AWS::EC2::NetworkAcl" | |
| Properties: | |
| Tags: | |
| - Key: Name | |
| Value: !FindInMap [ prd, ResourceName, NetworkAclName ] | |
| VpcId: !Ref VPC | |
| NetworkEgressAclEgressEntry: | |
| Type: "AWS::EC2::NetworkAclEntry" | |
| Properties: | |
| CidrBlock: 0.0.0.0/0 | |
| Egress: true | |
| NetworkAclId: !Ref NetworkAcl | |
| Protocol: -1 | |
| RuleAction : allow | |
| RuleNumber : 100 | |
| NetworkEgressAclIngressEntry: | |
| Type: "AWS::EC2::NetworkAclEntry" | |
| Properties: | |
| CidrBlock: 0.0.0.0/0 | |
| Egress: false | |
| NetworkAclId: !Ref NetworkAcl | |
| Protocol: -1 | |
| RuleAction : allow | |
| RuleNumber : 100 | |
| Subnet: | |
| Type: "AWS::EC2::Subnet" | |
| Properties: | |
| VpcId: !Ref VPC | |
| AvailabilityZone: !FindInMap [ prd, AvailabilityZone, AvailabilityZone1 ] | |
| CidrBlock: !FindInMap [ prd, IPAddress, FrontCider ] | |
| Tags: | |
| - Key: Name | |
| Value: !FindInMap [ prd, ResourceName, SubnetName ] | |
| PublicrtbAssociation: | |
| Type: "AWS::EC2::SubnetRouteTableAssociation" | |
| Properties: | |
| SubnetId: !Ref Subnet | |
| RouteTableId: !Ref RouteTable | |
| NetworkAclAssociation: | |
| Type: "AWS::EC2::SubnetNetworkAclAssociation" | |
| Properties: | |
| SubnetId: !Ref Subnet | |
| NetworkAclId: !Ref NetworkAcl | |
| IAMRole: | |
| Type: "AWS::IAM::Role" | |
| Properties: | |
| AssumeRolePolicyDocument: | |
| Version: "2012-10-17" | |
| Statement: | |
| - | |
| Effect: "Allow" | |
| Principal: | |
| Service: | |
| - "ec2.amazonaws.com" | |
| Action: | |
| - "sts:AssumeRole" | |
| Path: "/" | |
| ManagedPolicyArns: | |
| - arn:aws:iam::aws:policy/AmazonS3FullAccess | |
| RoleName: !FindInMap [ prd, ResourceName, RoleName ] | |
| InstanceProfile: | |
| Type: "AWS::IAM::InstanceProfile" | |
| Properties: | |
| Path: "/" | |
| Roles: | |
| - !Ref IAMRole | |
| WebSecurityGroup: | |
| Type: "AWS::EC2::SecurityGroup" | |
| Properties: | |
| VpcId: !Ref VPC | |
| GroupName: !FindInMap [ prd, ResourceName, SecurityGroupName ] | |
| GroupDescription: "SecurityGroup for Web" | |
| SecurityGroupIngress: | |
| - IpProtocol: tcp | |
| FromPort: '22' | |
| ToPort: '22' | |
| CidrIp: !Ref SecurityGroupCidrIp | |
| Tags: | |
| - Key: Name | |
| Value: !FindInMap [ prd, ResourceName, SecurityGroupName ] | |
| Ec2Instance: | |
| Type: "AWS::EC2::Instance" | |
| Properties: | |
| AvailabilityZone: !FindInMap [ prd, AvailabilityZone, AvailabilityZone1 ] | |
| ImageId: !FindInMap [ prd, AMI, AmazonLinux ] | |
| InstanceType: !FindInMap [ prd, InstanceType, Ec2 ] | |
| IamInstanceProfile: !Ref InstanceProfile | |
| KeyName: !Ref KeyPairName | |
| SecurityGroupIds: | |
| - !Ref WebSecurityGroup | |
| SubnetId: !Ref Subnet | |
| Tags: | |
| - Key: Name | |
| Value: !FindInMap [ prd, ResourceName, InstanceName ] | |
| EIP: | |
| Type: "AWS::EC2::EIP" | |
| Properties: | |
| InstanceId: !Ref Ec2Instance | |
| S3Bucket: | |
| Type: AWS::S3::Bucket | |
| Properties: | |
| BucketName: !Ref S3BucketName |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment