@sinux-l5d
Last active January 4, 2023 10:27
AWS CloudFormation template for on-demand general-purpose VPC (t2.micro, ports: 22, 80, 443)
  1. First copy the template to `vpc.yaml` to make changes (UserData?)
  2. Check the template with `aws cloudformation validate-template --template-body file://vpc.yaml`
  3. Run the script with the parameters you want: `./launch.sh <stack-name> BaseName=SOMETHING KeyName=PROD_KEY`
```bash
#!/usr/bin/bash
# Script to launch a standalone EC2 instance with parameters
set -ueo pipefail

if [ $# -lt 2 ]; then
    echo "Usage: $0 <stack-name> Key=Value [Key=Value]..." >&2
    exit 1
fi

STACK_NAME="$1"
shift

# Get script parameters (formatted as Key=Value) and convert them to parameters
# for the AWS CLI (ParameterKey=Key,ParameterValue=Value)
PARAMETERS=()
for PARAM in "$@"; do
    # Fail if the parameter is not in the form Key=Value (the match is anchored
    # so a stray prefix before the key is rejected instead of passed through)
    if [[ "$PARAM" =~ ^([[:upper:]][[:alpha:]]*)=(.*)$ ]]; then
        PARAMETERS+=("ParameterKey=${BASH_REMATCH[1]},ParameterValue=${BASH_REMATCH[2]}")
    else
        echo "Invalid parameter (expected Key=Value): $PARAM" >&2
        exit 1
    fi
done

# Launch the stack and wait for its creation
aws cloudformation create-stack --stack-name "$STACK_NAME" --template-body file://vpc.yaml --parameters "${PARAMETERS[@]}"
aws cloudformation wait stack-create-complete --stack-name "$STACK_NAME"
```
```yaml
Parameters:
  LinuxImageId:
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
  BaseName:
    Type: String
    Default: "MY_PROJECT"
    Description: "Base name for all resources"
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Description: "Name of an existing EC2 KeyPair to enable SSH access to the instances"
Resources:
  Vpc:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: !Sub ${BaseName}_VPC
  Gateway:
    Type: 'AWS::EC2::InternetGateway'
    Properties:
      Tags:
        - Key: Name
          Value: !Sub ${BaseName}_GATEWAY
  GatewayAttachment:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      InternetGatewayId: !Ref Gateway
      VpcId: !Ref Vpc
  RouteTable:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref Vpc
      Tags:
        - Key: Name
          Value: !Sub ${BaseName}_ROUTE_TABLE
  Route:
    Type: 'AWS::EC2::Route'
    # The gateway must be attached to the VPC before the route can be created
    DependsOn: GatewayAttachment
    Properties:
      RouteTableId: !Ref RouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref Gateway
  Subnet:
    Type: 'AWS::EC2::Subnet'
    Properties:
      CidrBlock: 10.0.1.0/24
      MapPublicIpOnLaunch: true
      VpcId: !Ref Vpc
      Tags:
        - Key: Name
          Value: !Sub ${BaseName}_SUBNET_1
  SubnetRouteTableAttachment:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      RouteTableId: !Ref RouteTable
      SubnetId: !Ref Subnet
  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !Ref Vpc
      GroupDescription: allow connections from specified source security group
      SecurityGroupIngress:
        # SSH is reachable from any source address here; narrow CidrIp for long-lived instances
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
  Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      SubnetId: !Ref Subnet
      # Must match the LinuxImageId parameter declared above
      ImageId: !Ref LinuxImageId
      SecurityGroupIds:
        - !Ref SecurityGroup
      KeyName: !Ref KeyName
Outputs:
  VpcId:
    Value: !Ref Vpc
    Description: VPC ID
  AZ:
    Value: !GetAtt
      - Subnet
      - AvailabilityZone
    Description: Subnet AZ
  SubnetId:
    Value: !Ref Subnet
    Description: Subnet ID
  PublicIp:
    Value: !GetAtt Instance.PublicIp
    Description: Instance Public Ip
```
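The template opens port 22 to `0.0.0.0/0`. The fragment below is an added example, not part of the original gist: it shows the same security group with SSH limited to a caller-supplied range, while 80 and 443 stay public. The `SshCidr` parameter name and the new `GroupDescription` text are assumptions introduced for illustration; merge the fragment into the existing `Parameters` and `Resources` sections of `vpc.yaml`.

```yaml
Parameters:
  # Hypothetical parameter, not in the original template.
  # No Default on purpose: whoever launches the stack has to choose the source range.
  SshCidr:
    Type: String
    Description: "IPv4 CIDR range allowed to reach port 22, e.g. 203.0.113.10/32"
    # Prefix length 1-32 only, so 0.0.0.0/0 is rejected at parameter validation time.
    AllowedPattern: '^([0-9]{1,3}\.){3}[0-9]{1,3}/([1-9]|[12][0-9]|3[0-2])$'
    ConstraintDescription: "must be an IPv4 CIDR block with a prefix length between 1 and 32"

Resources:
  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !Ref Vpc
      GroupDescription: SSH from SshCidr only, HTTP and HTTPS from anywhere
      SecurityGroupIngress:
        # Before: CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshCidr
        # Web ports unchanged from the original template
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
```

With this in place the launch script takes the range like any other parameter, for example `./launch.sh <stack-name> KeyName=PROD_KEY SshCidr=203.0.113.10/32` (a documentation address; substitute your own).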