Created
April 3, 2018 00:39
{ | |
"AWSTemplateFormatVersion": "2010-09-09", | |
"Parameters": { | |
"PrestoCoordinatorURL": { | |
"Description": "URL of the Presto Server. example: http://ec2-xx-xx-xx-xx.compute-1.amazonaws.com:8889", | |
"Type": "String" | |
}, | |
"AirpalPort": { | |
"Description": "Airpal Port", | |
"Type": "String", | |
"Default": "8193" | |
}, | |
"AirpalAdminPort": { | |
"Description": "Airpal Admin Port", | |
"Type": "String", | |
"Default": "8082" | |
}, | |
"MyInstanceType": { | |
"Description": "Amazon EC2 instance type.", | |
"Type": "String", | |
"Default": "t2.small", | |
"ConstraintDescription": "Must be a valid Amazon EC2 instance type." | |
}, | |
"MyKeyPairName": { | |
"Description": "Name of an existing Amazon EC2 key pair to enable SSH access to the instances.", | |
"Type": "AWS::EC2::KeyPair::KeyName" | |
}, | |
"S3BootstrapBucket": { | |
"Description": "S3 bucket where the bootstrap artifact is stored", | |
"Type": "String", | |
"Default": "emr.presto.airpal" | |
}, | |
"InstallAirpal": { | |
"Description": "Bootstrap artifact to execute", | |
"Type": "String", | |
"Default": "scripts/install_airpal.sh" | |
}, | |
"StartAirpal": { | |
"Description": "Script to start Airpal", | |
"Type": "String", | |
"Default": "scripts/start_airpal.sh" | |
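}, | |
"SSHCidrWhiteList": { | |
"Description": "The IP address range that can be used to connect using SSH or RDP to the Amazon EC2 instances. Note: no resource in this template references this parameter; the security group ingress rules, including SSH on port 22, hard-code 0.0.0.0/0.", | |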
"Type": "String", | |
"MinLength": "9", | |
"MaxLength": "18", | |
"Default": "0.0.0.0/0", | |
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", | |
"ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x." | |
}, | |
"VpcIpBlock": { | |
"Description": "Cidr for the entire VPC", | |
"Type": "String", | |
"Default": "173.25.0.0/16" | |
}, | |
"PublicSubnetIpBlocks": { | |
"Description": "CSV of Cidrs for Public Subnets", | |
"Type": "String", | |
"Default": "173.25.96.0/20" | |
} | |
}, | |
"Mappings": { | |
"AWSNatAmisByRegion": { | |
"us-east-1": { "AMI": "ami-0d4cfd66" }, | |
"us-west-1": { "AMI": "ami-87ea13c3" }, | |
"us-west-2": { "AMI": "ami-d5c5d1e5" }, | |
"eu-west-1": { "AMI": "ami-e4d18e93" }, | |
"eu-central-1": { "AMI": "ami-a6b0b7bb" }, | |
"ap-southeast-1": { "AMI": "ami-d44b4286" }, | |
"ap-southeast-2": { "AMI": "ami-db7b39e1" }, | |
"ap-northeast-1": { "AMI": "ami-1c1b9f1c" }, | |
"sa-east-1": { "AMI": "ami-55098148" } | |
} | |
}, | |
"Resources": { | |
"MyVPC": { | |
"Type": "AWS::EC2::VPC", | |
"Properties": { | |
"CidrBlock": { "Ref": "VpcIpBlock" }, | |
"InstanceTenancy": "default", | |
"EnableDnsSupport": "true", | |
"EnableDnsHostnames": "true" | |
} | |
}, | |
"MySubnet": { | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"CidrBlock": { "Ref": "PublicSubnetIpBlocks"}, | |
"AvailabilityZone": { | |
"Fn::Select": [ 1, { "Fn::GetAZs" : "" } ] | |
}, | |
"VpcId": { | |
"Ref": "MyVPC" | |
} | |
} | |
}, | |
"MyIGW": { | |
"Type": "AWS::EC2::InternetGateway", | |
"Properties": { | |
} | |
}, | |
"MyDHCPOption": { | |
"Type": "AWS::EC2::DHCPOptions", | |
"Properties": { | |
"DomainName": "ec2.internal", | |
"DomainNameServers": [ | |
"AmazonProvidedDNS" | |
] | |
} | |
}, | |
"MyNACL": { | |
"Type": "AWS::EC2::NetworkAcl", | |
"Properties": { | |
"VpcId": { | |
"Ref": "MyVPC" | |
} | |
} | |
}, | |
"MyRouteTable": { | |
"Type": "AWS::EC2::RouteTable", | |
"Properties": { | |
"VpcId": { | |
"Ref": "MyVPC" | |
} | |
} | |
}, | |
"MyRouteTableAssociation": { | |
"Type": "AWS::EC2::SubnetRouteTableAssociation", | |
"Properties": { | |
"SubnetId": { "Ref": "MySubnet" | |
}, | |
"RouteTableId": { "Ref": "MyRouteTable" | |
} | |
} | |
}, | |
"AirpalServer": { | |
"Type": "AWS::EC2::Instance", | |
"DependsOn" : "gw1", | |
"Properties": { | |
"DisableApiTermination": "false", | |
"InstanceInitiatedShutdownBehavior": "stop", | |
"ImageId": { "Fn::FindInMap" : [ "AWSNatAmisByRegion", { "Ref" : "AWS::Region" }, "AMI" ]}, | |
"InstanceType": { "Ref": "MyInstanceType" }, | |
"KeyName": { "Ref": "MyKeyPairName" }, | |
"Monitoring": "false", | |
"IamInstanceProfile": { "Ref": "MyRoleInstanceProfile" }, | |
"Tags": [ | |
{ | |
"Key": "Name", | |
"Value": "Airpal-Server" | |
} | |
], | |
"UserData": { | |
"Fn::Base64": { | |
"Fn::Join": [ | |
"", | |
[ | |
"#!/bin/bash -ex\n", | |
"aws s3 cp s3://", | |
{ "Ref": "S3BootstrapBucket" }, "/", { "Ref": "InstallAirpal" }, " /tmp/", { "Ref": "InstallAirpal" }, " --region us-east-1\n", | |
"aws s3 cp s3://", | |
{ "Ref": "S3BootstrapBucket" }, "/", { "Ref": "StartAirpal" }, " /tmp/", { "Ref": "StartAirpal" }, " --region us-east-1\n", | |
"cd /tmp\n", | |
"chmod +x ", { "Ref": "InstallAirpal" }, "\n", | |
"chmod +x ", { "Ref": "StartAirpal" }, "\n", | |
"./", { "Ref": "InstallAirpal" }, "\n", | |
"sed -i ", "\"s|http://presto-coordinator-url.com|", { "Ref": "PrestoCoordinatorURL" }, "|g\" ", "/home/ec2-user/airpal-master/reference.yml\n", | |
"sed -i ", "\"s|8081|", { "Ref": "AirpalPort" }, "|g\" ", "/home/ec2-user/airpal-master/reference.yml\n", | |
"sed -i ", "\"s|8082|", { "Ref": "AirpalAdminPort" }, "|g\" ", "/home/ec2-user/airpal-master/reference.yml\n", | |
"/tmp/", { "Ref": "StartAirpal" }, "\n" | |
] | |
] | |
} | |
}, | |
"NetworkInterfaces": [ | |
{ | |
"AssociatePublicIpAddress" : "true", | |
"DeleteOnTermination": "true", | |
"DeviceIndex": 0, | |
"SubnetId": { | |
"Ref": "MySubnet" | |
}, | |
"GroupSet": [ | |
{ | |
"Ref": "MySG" | |
} | |
] | |
} | |
] | |
} | |
}, | |
"MySG": { | |
"Type": "AWS::EC2::SecurityGroup", | |
"Properties": { | |
"GroupDescription": "launch-wizard-1 created 2015-08-04T16:57:14.003-04:00", | |
"VpcId": { | |
"Ref": "MyVPC" | |
} | |
} | |
}, | |
"acl1": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"CidrBlock": "0.0.0.0/0", | |
"Egress": "true", | |
"Protocol": "-1", | |
"RuleAction": "allow", | |
"RuleNumber": "100", | |
"NetworkAclId": { | |
"Ref": "MyNACL" | |
} | |
} | |
}, | |
"acl2": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"CidrBlock": "0.0.0.0/0", | |
"Protocol": "-1", | |
"RuleAction": "allow", | |
"RuleNumber": "100", | |
"NetworkAclId": { | |
"Ref": "MyNACL" | |
} | |
} | |
}, | |
"SubnetACL": { | |
"Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "MyNACL" | |
}, | |
"SubnetId": { | |
"Ref": "MySubnet" | |
} | |
} | |
}, | |
"gw1": { | |
"Type": "AWS::EC2::VPCGatewayAttachment", | |
"Properties": { | |
"VpcId": { | |
"Ref": "MyVPC" | |
}, | |
"InternetGatewayId": { | |
"Ref": "MyIGW" | |
} | |
} | |
}, | |
"route1": { | |
"Type": "AWS::EC2::Route", | |
"Properties": { | |
"DestinationCidrBlock": "0.0.0.0/0", | |
"RouteTableId": { | |
"Ref": "MyRouteTable" | |
}, | |
"GatewayId": { | |
"Ref": "MyIGW" | |
} | |
}, | |
"DependsOn": "gw1" | |
}, | |
"dchpassoc1": { | |
"Type": "AWS::EC2::VPCDHCPOptionsAssociation", | |
"Properties": { | |
"VpcId": { | |
"Ref": "MyVPC" | |
}, | |
"DhcpOptionsId": { | |
"Ref": "MyDHCPOption" | |
} | |
} | |
}, | |
"ingress1": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"GroupId": { | |
"Ref": "MySG" | |
}, | |
"IpProtocol": "tcp", | |
"FromPort": "443", | |
"ToPort": "443", | |
"CidrIp": "0.0.0.0/0" | |
} | |
}, | |
"ingress2": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"GroupId": { | |
"Ref": "MySG" | |
}, | |
"IpProtocol": "tcp", | |
"FromPort": "80", | |
"ToPort": "80", | |
"CidrIp": "0.0.0.0/0" | |
} | |
}, | |
"ingress3": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"GroupId": { | |
"Ref": "MySG" | |
}, | |
"IpProtocol": "tcp", | |
"FromPort": "22", | |
"ToPort": "22", | |
"CidrIp": "0.0.0.0/0" | |
} | |
}, | |
"ingress4": { | |
"Type": "AWS::EC2::SecurityGroupIngress", | |
"Properties": { | |
"GroupId": { | |
"Ref": "MySG" | |
}, | |
"IpProtocol": "tcp", | |
"FromPort": "0", | |
"ToPort": "65535", | |
"CidrIp": "0.0.0.0/0" | |
} | |
}, | |
"egress1": { | |
"Type": "AWS::EC2::SecurityGroupEgress", | |
"Properties": { | |
"GroupId": { | |
"Ref": "MySG" | |
}, | |
"IpProtocol": "-1", | |
"CidrIp": "0.0.0.0/0" | |
} | |
}, | |
"MyRole": { | |
"Type": "AWS::IAM::Role", | |
"Properties": { | |
"AssumeRolePolicyDocument": { | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"Service": [ | |
"ec2.amazonaws.com" | |
] | |
}, | |
"Action": [ | |
"sts:AssumeRole" | |
] | |
} | |
] | |
}, | |
"Path": "/" | |
} | |
}, | |
"MyRolePolicy": { | |
"Type": "AWS::IAM::Policy", | |
"Properties": { | |
"PolicyName": "MyRole", | |
"PolicyDocument": { | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"logs:CreateLogGroup", | |
"logs:CreateLogStream", | |
"logs:PutLogEvents", | |
"logs:DescribeLogStreams" | |
], | |
"Resource": [ | |
"arn:aws:logs:*:*:*" | |
] | |
}, | |
{ | |
"Effect": "Allow", | |
"Action": [ | |
"s3:Get*", | |
"s3:List*" | |
], | |
"Resource": [ | |
{ "Fn::Join" : ["", [ "arn:aws:s3:::", { "Ref" : "S3BootstrapBucket" }, "/", { "Ref" : "InstallAirpal" }]]}, | |
{ "Fn::Join" : ["", [ "arn:aws:s3:::", { "Ref" : "S3BootstrapBucket" }, "/", { "Ref" : "StartAirpal" }]]} | |
] | |
} | |
] | |
}, | |
"Roles": [ | |
{ "Ref": "MyRole" } | |
] | |
} | |
}, | |
"MyRoleInstanceProfile": { | |
"Type": "AWS::IAM::InstanceProfile", | |
"Properties": { | |
"Path": "/", | |
"Roles": [ | |
{ "Ref": "MyRole" } | |
] | |
} | |
} | |
}, | |
"Description": "Airpal-test-v1" | |
} |