@sshplendid
Created November 22, 2019 15:21
Two CloudFormation stack templates: (1) a VPC stack, and (2) a stack that launches an EC2 instance in one of that VPC's public subnets, wiring the two together through cross-stack exports and imports.
cf-ec2.yml (the EC2 stack; it imports the VPC ID and a public subnet ID exported by the VPC stack below, so that stack must exist first):

```yaml
AWSTemplateFormatVersion: 2010-09-09
Description: stack description
Parameters:
  EC2KeyPair:
    Description: EC2 keypair name
    Type: AWS::EC2::KeyPair::KeyName
    Default: 'EC2 tutorial'
  myStamp:
    Description: My Stamp
    Type: String
    Default: This resource is created by cloudformation.
  MyVPCStackName:
    # The default deliberately does not match any stack: the imports below fail
    # unless the real VPC stack name is passed with --parameters.
    Description: VPC stack name to import value.
    Type: String
    Default: wrong-stack-name
Mappings:
  RegionMap:
    us-east-1:
      amzn2ami: 'ami-00068cd7555f543d5'
    ap-northeast-2:
      amzn2ami: 'ami-0d59ddf55cdda6e21'
Resources:
  MyEC2:
    Type: 'AWS::EC2::Instance'
    Properties:
      KeyName: !Ref EC2KeyPair
      SubnetId:
        Fn::ImportValue:
          !Sub "${MyVPCStackName}-public-subnet0"
      ImageId: !FindInMap [ RegionMap, !Ref "AWS::Region", amzn2ami ]
      InstanceType: 't2.micro'
      Monitoring: true
      SecurityGroupIds:
        - !Ref MyWebServerSG
        - !Ref MySecureShellSG
      UserData: !Base64 |
        #!/bin/bash -ex
        yum update -y
        yum install -y httpd.x86_64
        systemctl start httpd.service
        systemctl enable httpd.service
        echo "Hello... $(hostname -f)" > /var/www/html/index.html
  MyWebServerSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: 'my-web-sg'
      GroupDescription: 'Web Server security group'
      VpcId:
        Fn::ImportValue:
          !Sub "${MyVPCStackName}-VPCID"
      SecurityGroupIngress:
        - IpProtocol: tcp
          CidrIp: 0.0.0.0/0
          FromPort: 80
          ToPort: 80
  MySecureShellSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: 'my-ssh-sg'
      GroupDescription: 'SSH security group'
      VpcId:
        Fn::ImportValue:
          !Sub "${MyVPCStackName}-VPCID"
      SecurityGroupIngress:
        # 0.0.0.0/0 admits SSH from every address on the internet; for anything
        # beyond a throwaway tutorial instance, narrow this to an admin CIDR.
        - IpProtocol: tcp
          CidrIp: 0.0.0.0/0
          FromPort: 22
          ToPort: 22

# aws cloudformation --profile my delete-stack --stack-name ec2-stack
# aws cloudformation --profile admin create-stack --stack-name ec2-stack --template-body file://./cf-ec2.yml --parameters ParameterKey=myStamp,ParameterValue=cli ParameterKey=MyVPCStackName,ParameterValue=my-vpc
# aws cloudformation --profile admin update-stack --stack-name ec2-stack --template-body file://./cf-ec2.yml --parameters ParameterKey=myStamp,ParameterValue=cli ParameterKey=MyVPCStackName,ParameterValue=my-vpc
```
cf-vpc.yml (the VPC stack: one VPC, three private and three public subnets across the first three AZs of the region, an internet gateway, and a public route table; the private route table and intra-VPC routes are left commented out):

```yaml
AWSTemplateFormatVersion: 2010-09-09
Description: This is my VPC template
Parameters:
  myStamp:
    Description: This parameter will be tagged at all resources as 'create-stamp'.
    Type: String
    Default: This resource is created by CloudFormation.
Resources:
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      # EnableDnsHostnames: true
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      Tags:
        - Key: Name
          Value: My-VPC
        - Key: create-stamp
          Value: !Ref myStamp
  MyInternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: create-stamp
          Value: !Ref myStamp
  MyAttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref MyInternetGateway
  MyPrivateSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 0
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.100.0/24
      Tags:
        - Key: Name
          Value: !Sub "MY-PRV-0"
  MyPrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 1
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.101.0/24
      Tags:
        - Key: Name
          Value: !Sub "MY-PRV-1"
  MyPrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 2
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.102.0/24
      Tags:
        - Key: Name
          Value: !Sub "MY-PRV-2"
  MyPublicSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 0
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.200.0/24
      # Instances launched here get a public IPv4 address automatically.
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "MY-Pub-0"
  MyPublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 1
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.201.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "MY-Pub-1"
  MyPublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 2
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.202.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "MY-Pub-2"
  # PrivateRouteTable:
  #   Type: AWS::EC2::RouteTable
  #   Properties:
  #     Tags:
  #       - Key: Name
  #         Value: My private route table
  #     VpcId: !Ref MyVPC
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      Tags:
        - Key: Name
          Value: My public route table
      VpcId: !Ref MyVPC
  # MyPrivateInnerRoute:
  #   Type: AWS::EC2::Route
  #   Properties:
  #     RouteTableId: !Ref PrivateRouteTable
  #     DestinationCidrBlock: !GetAtt MyVPC.CidrBlock
  # MyPublicInnerRoute:
  #   Type: AWS::EC2::Route
  #   Properties:
  #     RouteTableId: !Ref PublicRouteTable
  #     DestinationCidrBlock: !GetAtt MyVPC.CidrBlock
  MyInternetGatewayRoute:
    Type: AWS::EC2::Route
    # A route to an internet gateway can only be created once the gateway is
    # attached to the VPC; make that ordering explicit.
    DependsOn: MyAttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: '0.0.0.0/0'
      GatewayId: !Ref MyInternetGateway
  PubAtoInternetRouteAsso:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet0
      RouteTableId: !Ref PublicRouteTable
  PubBtoInternetRouteAsso:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet1
      RouteTableId: !Ref PublicRouteTable
  PubCtoInternetRouteAsso:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet2
      RouteTableId: !Ref PublicRouteTable
  # PrvAtoVPCRouteAsso:
  #   Type: AWS::EC2::SubnetRouteTableAssociation
  #   Properties:
  #     SubnetId: !Ref MyPrivateSubnet0
  #     RouteTableId: !Ref PrivateRouteTable
  # PrvBtoVPCRouteAsso:
  #   Type: AWS::EC2::SubnetRouteTableAssociation
  #   Properties:
  #     SubnetId: !Ref MyPrivateSubnet1
  #     RouteTableId: !Ref PrivateRouteTable
  # PrvCtoVPCRouteAsso:
  #   Type: AWS::EC2::SubnetRouteTableAssociation
  #   Properties:
  #     SubnetId: !Ref MyPrivateSubnet2
  #     RouteTableId: !Ref PrivateRouteTable
Outputs:
  MyVPC:
    Description: This output represents VPC ID.
    Value: !Ref MyVPC
    Export:
      Name: !Sub "${AWS::StackName}-VPCID"
  MyPrivateSubnets:
    Description: Private Subnet list
    Value: !Join [',', [!Ref MyPrivateSubnet0, !Ref MyPrivateSubnet1, !Ref MyPrivateSubnet2]]
    Export:
      Name: !Sub "${AWS::StackName}-private-subnets"
  MyPublicSubnets:
    Description: Public Subnet list
    Value: !Join [',', [!Ref MyPublicSubnet0, !Ref MyPublicSubnet1, !Ref MyPublicSubnet2]]
    Export:
      Name: !Sub "${AWS::StackName}-public-subnets"
  MyPublicSubnet:
    Description: ID of public subnet 0, imported by the EC2 stack.
    Value: !Ref MyPublicSubnet0
    Export:
      Name: !Sub "${AWS::StackName}-public-subnet0"

# aws s3 cp ./cf-ec2.yml s3://japdongsany/cf-vpc.yml --profile my
# aws cloudformation --profile my delete-stack --stack-name my-vpc
# aws cloudformation --profile my create-stack --stack-name my-vpc --template-body file://./cf-vpc.yml --parameters ParameterKey=myStamp,ParameterValue=cli
# aws cloudformation --profile admin update-stack --stack-name my-vpc --template-body file://./cf-vpc.yml --parameters ParameterKey=myStamp,ParameterValue=cli
```
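Two things a reviewer would check before deploying this pair of stacks are whether any security group opens a non-web port to the whole internet (the SSH group above admits 22/tcp from 0.0.0.0/0) and whether every Fn::ImportValue in the EC2 template actually resolves to something the VPC stack exports under the stack name passed in. The following script is an added example and not part of the gist: it reproduces the relevant parts of both templates as Python dicts in the long-form intrinsic-function syntax a tag-aware YAML loader would produce (the loading step is assumed and not shown), and the function names and the port allow-list are this example's own.

```python
"""Static checks for the cf-ec2.yml / cf-vpc.yml pair (added example, not gist code).
Templates are represented as already-parsed dicts; only the parts the checks need
are reproduced from the gist."""

WORLD_CIDRS = {"0.0.0.0/0", "::/0"}
# Ports a public web server legitimately exposes to every source address (assumed policy).
PUBLIC_SERVICE_PORTS = {80, 443}

# Constructed from cf-ec2.yml: parameter default, the subnet import and both security groups.
EC2_TEMPLATE = {
    "Parameters": {"MyVPCStackName": {"Type": "String", "Default": "wrong-stack-name"}},
    "Resources": {
        "MyEC2": {"Type": "AWS::EC2::Instance", "Properties": {
            "SubnetId": {"Fn::ImportValue": {"Fn::Sub": "${MyVPCStackName}-public-subnet0"}}}},
        "MyWebServerSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "VpcId": {"Fn::ImportValue": {"Fn::Sub": "${MyVPCStackName}-VPCID"}},
            "SecurityGroupIngress": [
                {"IpProtocol": "tcp", "CidrIp": "0.0.0.0/0", "FromPort": 80, "ToPort": 80}]}},
        "MySecureShellSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "VpcId": {"Fn::ImportValue": {"Fn::Sub": "${MyVPCStackName}-VPCID"}},
            "SecurityGroupIngress": [
                {"IpProtocol": "tcp", "CidrIp": "0.0.0.0/0", "FromPort": 22, "ToPort": 22}]}},
    },
}

# Constructed from cf-vpc.yml: only the exported outputs matter for the import check.
VPC_TEMPLATE = {"Outputs": {
    "MyVPC": {"Export": {"Name": {"Fn::Sub": "${AWS::StackName}-VPCID"}}},
    "MyPrivateSubnets": {"Export": {"Name": {"Fn::Sub": "${AWS::StackName}-private-subnets"}}},
    "MyPublicSubnets": {"Export": {"Name": {"Fn::Sub": "${AWS::StackName}-public-subnets"}}},
    "MyPublicSubnet": {"Export": {"Name": {"Fn::Sub": "${AWS::StackName}-public-subnet0"}}},
}}


def world_open_ingress(template, allowed_ports=PUBLIC_SERVICE_PORTS):
    """Return (logical_id, from_port, to_port) for every ingress rule that admits any
    source address on a port outside allowed_ports.  A rule with no port range
    (IpProtocol -1, i.e. all traffic) is always reported."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        for rule in res.get("Properties", {}).get("SecurityGroupIngress", []):
            if rule.get("CidrIp") not in WORLD_CIDRS and rule.get("CidrIpv6") not in WORLD_CIDRS:
                continue
            lo, hi = int(rule.get("FromPort", -1)), int(rule.get("ToPort", -1))
            if lo < 0 or hi < 0 or any(p not in allowed_ports for p in range(lo, hi + 1)):
                findings.append((logical_id, lo, hi))
    return findings


def resolve_sub(value, variables):
    """Resolve a plain string or the string form of {"Fn::Sub": "..."} by replacing each
    ${Name} with variables[Name].  The list form of Fn::Sub is not handled here."""
    if isinstance(value, dict) and isinstance(value.get("Fn::Sub"), str):
        value = value["Fn::Sub"]
    if not isinstance(value, str):
        raise ValueError("unsupported expression: %r" % (value,))
    for name, replacement in variables.items():
        value = value.replace("${" + name + "}", replacement)
    return value


def find_imports(node, acc=None):
    """Collect the argument of every Fn::ImportValue anywhere inside a template fragment."""
    acc = [] if acc is None else acc
    if isinstance(node, dict):
        if "Fn::ImportValue" in node:
            acc.append(node["Fn::ImportValue"])
        for child in node.values():
            find_imports(child, acc)
    elif isinstance(node, list):
        for child in node:
            find_imports(child, acc)
    return acc


def parameter_defaults(template):
    """Parameter values a create-stack without --parameters would use."""
    return {k: str(v["Default"]) for k, v in template.get("Parameters", {}).items()
            if "Default" in v}


def unresolved_imports(consumer, producer, producer_stack_name, consumer_params=None):
    """Sorted export names the consumer imports that the producer stack, deployed as
    producer_stack_name, does not export.  consumer_params overrides the defaults."""
    params = parameter_defaults(consumer)
    params.update(consumer_params or {})
    exports = {resolve_sub(out["Export"]["Name"], {"AWS::StackName": producer_stack_name})
               for out in producer.get("Outputs", {}).values() if "Export" in out}
    imports = {resolve_sub(imp, params) for imp in find_imports(consumer.get("Resources", {}))}
    return sorted(imports - exports)


if __name__ == "__main__":
    print("world-open ingress:", world_open_ingress(EC2_TEMPLATE))
    print("unresolved with defaults:", unresolved_imports(EC2_TEMPLATE, VPC_TEMPLATE, "my-vpc"))
    print("unresolved with MyVPCStackName=my-vpc:",
          unresolved_imports(EC2_TEMPLATE, VPC_TEMPLATE, "my-vpc", {"MyVPCStackName": "my-vpc"}))
```

Run as-is, the first check reports only MySecureShellSG (port 80 on the web group is on the allow-list), and the import check shows why the template ships with the default `wrong-stack-name`: with the defaults both imports are unresolved, and they only resolve once `MyVPCStackName` is passed as `my-vpc`, matching the `create-stack` command above.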