Created
November 22, 2019 15:21
Stack templates that use CloudFormation to (1) create a VPC stack and (2) create an EC2 instance in a public subnet.
AWSTemplateFormatVersion: 2010-09-09
Description: stack description
Parameters:
  EC2KeyPair:
    Description: EC2 keypair name
    Type: AWS::EC2::KeyPair::KeyName
    Default: 'EC2 tutorial'
  myStamp:
    Description: My Stamp
    Type: String
    Default: This resource is created by cloudformation.
  MyVPCStackName:
    Description: VPC stack name to import value.
    Type: String
    Default: wrong-stack-name
Mappings:
  RegionMap:
    us-east-1:
      amzn2ami: 'ami-00068cd7555f543d5'
    ap-northeast-2:
      amzn2ami: 'ami-0d59ddf55cdda6e21'
Resources:
  MyEC2:
    Type: 'AWS::EC2::Instance'
    Properties:
      KeyName: !Ref EC2KeyPair
      # Subnet and VPC IDs come from the exports of the VPC stack.
      SubnetId:
        Fn::ImportValue:
          !Sub "${MyVPCStackName}-public-subnet0"
      ImageId: !FindInMap [ RegionMap, !Ref "AWS::Region", amzn2ami ]
      InstanceType: 't2.micro'
      Monitoring: true
      SecurityGroupIds:
        - !Ref MyWebServerSG
        - !Ref MySecureShellSG
      UserData: !Base64 |
        #!/bin/bash -ex
        yum update -y
        yum install -y httpd.x86_64
        systemctl start httpd.service
        systemctl enable httpd.service
        echo "Hello... $(hostname -f)" > /var/www/html/index.html
  MyWebServerSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: 'my-web-sg'
      GroupDescription: 'Web Server security group'
      VpcId:
        Fn::ImportValue:
          !Sub "${MyVPCStackName}-VPCID"
      SecurityGroupIngress:
        - IpProtocol: tcp
          CidrIp: 0.0.0.0/0
          FromPort: 80
          ToPort: 80
  MySecureShellSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: 'my-ssh-sg'
      GroupDescription: 'web server security group'
      VpcId:
        Fn::ImportValue:
          !Sub "${MyVPCStackName}-VPCID"
      SecurityGroupIngress:
        # Port 22 is reachable from any IPv4 source with this rule.
        - IpProtocol: tcp
          CidrIp: 0.0.0.0/0
          FromPort: 22
          ToPort: 22
# aws cloudformation --profile my delete-stack --stack-name ec2-stack
# aws cloudformation --profile admin create-stack --stack-name ec2-stack --template-body file://./cf-ec2.yml --parameters ParameterKey=myStamp,ParameterValue=cli ParameterKey=MyVPCStackName,ParameterValue=my-vpc
# aws cloudformation --profile admin update-stack --stack-name ec2-stack --template-body file://./cf-ec2.yml --parameters ParameterKey=myStamp,ParameterValue=cli ParameterKey=MyVPCStackName,ParameterValue=my-vpc
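The EC2 template above opens port 22 to 0.0.0.0/0 on an instance in a public subnet. The fragment below is an added example, not part of the original gist: it shows the same MySecureShellSG resource with the source range taken from a parameter. The AdminCidr parameter name and its pattern (IPv4 prefix lengths /16 to /32 only, so 0.0.0.0/0 is rejected at stack creation) are assumptions made for illustration.

```yaml
Parameters:
  # Hypothetical parameter (not in the original template). It has no Default,
  # so whoever creates the stack has to state which range may use SSH.
  AdminCidr:
    Description: IPv4 CIDR block allowed to reach port 22
    Type: String
    # Accept prefix lengths /16 through /32 only; 0.0.0.0/0 fails validation.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/(1[6-9]|2\d|3[0-2])$'
    ConstraintDescription: Must be an IPv4 CIDR with a prefix length between /16 and /32.
Resources:
  MySecureShellSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      # GroupName and GroupDescription are unchanged from the original, so an
      # update of an existing stack only modifies the ingress rule.
      GroupName: 'my-ssh-sg'
      GroupDescription: 'web server security group'
      VpcId:
        Fn::ImportValue:
          !Sub "${MyVPCStackName}-VPCID"
      SecurityGroupIngress:
        - IpProtocol: tcp
          CidrIp: !Ref AdminCidr
          FromPort: 22
          ToPort: 22
          Description: SSH from the admin range only
```

With this change the create-stack and update-stack commands need one more parameter, for example ParameterKey=AdminCidr,ParameterValue=203.0.113.10/32 (a constructed address from the documentation range).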
AWSTemplateFormatVersion: 2010-09-09
Description: This is my VPC template
Parameters:
  myStamp:
    Description: This parameter will be tagged at all resources as 'CreatedBy'.
    Type: String
    Default: This resource is created by CloudFormation.
Resources:
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      # EnableDnsHostnames: true
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      Tags:
        - Key: Name
          Value: My-VPC
        - Key: create-stamp
          Value: !Ref myStamp
  MyInternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: create-stamp
          Value: !Ref myStamp
  MyAttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref MyInternetGateway
  MyPrivateSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 0
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.100.0/24
      Tags:
        - Key: Name
          Value: !Sub "MY-PRV-0"
  MyPrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 1
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.101.0/24
      Tags:
        - Key: Name
          Value: !Sub "MY-PRV-1"
  MyPrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 2
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.102.0/24
      Tags:
        - Key: Name
          Value: !Sub "MY-PRV-2"
  MyPublicSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 0
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.200.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "MY-Pub-0"
  MyPublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 1
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.201.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "MY-Pub-1"
  MyPublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select
        - 2
        - Fn::GetAZs: !Ref 'AWS::Region'
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.202.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "MY-Pub-2"
  # PrivateRouteTable:
  #   Type: AWS::EC2::RouteTable
  #   Properties:
  #     Tags:
  #       - Key: Name
  #         Value: My private route table
  #     VpcId: !Ref MyVPC
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      Tags:
        - Key: Name
          Value: My public route table
      VpcId: !Ref MyVPC
  # MyPrivateInnerRoute:
  #   Type: AWS::EC2::Route
  #   Properties:
  #     RouteTableId: !Ref PrivateRouteTable
  #     DestinationCidrBlock: !GetAtt MyVPC.CidrBlock
  # MyPublicInnerRoute:
  #   Type: AWS::EC2::Route
  #   Properties:
  #     RouteTableId: !Ref PublicRouteTable
  #     DestinationCidrBlock: !GetAtt MyVPC.CidrBlock
  MyInternetGatewayRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: '0.0.0.0/0'
      GatewayId: !Ref MyInternetGateway
  PubAtoInternetRouteAsso:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet0
      RouteTableId: !Ref PublicRouteTable
  PubBtoInternetRouteAsso:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet1
      RouteTableId: !Ref PublicRouteTable
  PubCtoInternetRouteAsso:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MyPublicSubnet2
      RouteTableId: !Ref PublicRouteTable
  # PrvAtoVPCRouteAsso:
  #   Type: AWS::EC2::SubnetRouteTableAssociation
  #   Properties:
  #     SubnetId: !Ref MyPrivateSubnet0
  #     RouteTableId: !Ref PrivateRouteTable
  # PrvBtoVPCRouteAsso:
  #   Type: AWS::EC2::SubnetRouteTableAssociation
  #   Properties:
  #     SubnetId: !Ref MyPrivateSubnet1
  #     RouteTableId: !Ref PrivateRouteTable
  # PrvCtoVPCRouteAsso:
  #   Type: AWS::EC2::SubnetRouteTableAssociation
  #   Properties:
  #     SubnetId: !Ref MyPrivateSubnet2
  #     RouteTableId: !Ref PrivateRouteTable
Outputs:
  MyVPC:
    Description: This output represents VPC ID.
    Value: !Ref MyVPC
    Export:
      Name: !Sub "${AWS::StackName}-VPCID"
  MyPrivateSubnets:
    Description: Private Subnet list
    Value: !Join [',', [!Ref MyPrivateSubnet0, !Ref MyPrivateSubnet1, !Ref MyPrivateSubnet2]]
    Export:
      Name: !Sub "${AWS::StackName}-private-subnets"
  MyPublicSubnets:
    Description: Public Subnet list
    Value: !Join [',', [!Ref MyPublicSubnet0, !Ref MyPublicSubnet1, !Ref MyPublicSubnet2]]
    Export:
      Name: !Sub "${AWS::StackName}-public-subnets"
  MyPublicSubnet:
    Description: Information about the value
    Value: !Ref MyPublicSubnet0
    Export:
      Name: !Sub "${AWS::StackName}-public-subnet0"
# aws s3 cp ./cf-ec2.yml s3://japdongsany/cf-vpc.yml --profile my
# aws cloudformation --profile my delete-stack --stack-name my-vpc
# aws cloudformation --profile my create-stack --stack-name my-vpc --template-body file://./cf-vpc.yml --parameters ParameterKey=myStamp,ParameterValue=cli
# aws cloudformation --profile admin update-stack --stack-name my-vpc --template-body file://./cf-vpc.yml --parameters ParameterKey=myStamp,ParameterValue=cli