@rummykhan
Created January 25, 2023 03:43
CFN stack to create EC2 Instances
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  EnvironmentTypeParameter:
    Description: Environment Type
    Type: String
    Default: dev
  InstanceTypeParameter:
    Description: Instance type parameter
    Type: String
    Default: t2.micro
  InstanceSSHKey:
    Type: AWS::EC2::KeyPair::KeyName
    Description: Name of the existing key pair
  OwnIp:
    Type: String
    Description: Enter your ip
    Default: 87.201.52.139/32
  InstanceAZ:
    Type: AWS::EC2::AvailabilityZone::Name
    Description: Instance availability zone
Mappings:
  RegionMap:
    us-east-1:
      "32": "ami-0149b2da6ceec4bb0"
      "64": "ami-08c40ec9ead489470"
    eu-west-1:
      "32": "ami-0fd8802f94ed1c969"
      "64": "ami-096800910c1b781ba"
  Environment:
    dev:
      "TagKeyName": "EnvironmentType"
      "TagKeyValue": "Devo"
    prod:
      "TagKeyName": "EnvironmentType"
      "TagKeyValue": "Prod"
# https://stackoverflow.com/questions/41106216/negate-a-condition-in-cloudformation-template
Conditions:
  CreateProdResources: !Equals [!Ref EnvironmentTypeParameter, prod]
  CreateDevoResources: !Not [Condition: CreateProdResources]
Resources:
  DevoEc2Instance:
    Type: "AWS::EC2::Instance"
    Condition: CreateDevoResources
    Properties:
      AvailabilityZone: !Ref InstanceAZ
      ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", 64]
      KeyName: !Ref InstanceSSHKey
      InstanceType: !Ref InstanceTypeParameter
      SecurityGroups:
        - !Ref SSHAndHttpSecurityGroup
      UserData:
        Fn::Base64: |
          #!/bin/bash -xe
          apt update
          apt install -y nginx
          systemctl restart nginx
          echo "<h1>Hello World from user data @ $(hostname -f) -- devo</h1>" > /var/www/html/index.html
      Tags:
        - Key: !FindInMap [Environment, !Ref EnvironmentTypeParameter, TagKeyName]
          Value: !FindInMap [Environment, !Ref EnvironmentTypeParameter, TagKeyValue]
        - Key: Name
          Value: Mapping Dev Instance
  ProdEc2Instance:
    Type: "AWS::EC2::Instance"
    Condition: CreateProdResources
    Properties:
      AvailabilityZone: !Ref InstanceAZ
      KeyName: !Ref InstanceSSHKey
      ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", 64]
      InstanceType: !Ref InstanceTypeParameter
      SecurityGroups:
        - !Ref SSHAndHttpSecurityGroup
      UserData:
        Fn::Base64: |
          #!/bin/bash -xe
          apt update
          apt install -y nginx
          systemctl restart nginx
          echo "<h1>Hello World from user data @ $(hostname -f) -- prod</h1>" > /var/www/html/index.html
      Tags:
        - Key: !FindInMap [Environment, !Ref EnvironmentTypeParameter, TagKeyName]
          Value: !FindInMap [Environment, !Ref EnvironmentTypeParameter, TagKeyValue]
        - Key: Name
          Value: Mapping Prod Instance
  SSHAndHttpSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SSH and Http
      SecurityGroupIngress:
        # Allow Http anywhere
        - CidrIp: 0.0.0.0/0
          FromPort: 80
          IpProtocol: tcp
          ToPort: 80
        # Allow ssh from my ip
        - CidrIp: !Ref OwnIp
          FromPort: 22
          IpProtocol: tcp
          ToPort: 22
        # Allow connect from ec2 ssh manager
        - CidrIp: 18.202.216.48/29
          FromPort: 22
          IpProtocol: tcp
          ToPort: 22
      Tags:
        - Key: !FindInMap [Environment, !Ref EnvironmentTypeParameter, TagKeyName]
          Value: !FindInMap [Environment, !Ref EnvironmentTypeParameter, TagKeyValue]
        - Key: Name
          Value: SSHAndHttpSecurityGroup
        - Key: Description
          Value: Allow SSH (My ip only) and Http (Anywhere)
Outputs:
  DevoEc2InstanceId:
    Condition: CreateDevoResources
    Description: Devo Ec2 Instance id created
    Value: !Ref DevoEc2Instance
    Export:
      Name: ec2Instance
  ProdEc2InstanceId:
    Condition: CreateProdResources
    Description: Prod Ec2 Instance id created
    Value: !Ref ProdEc2Instance
    Export:
      Name: ec2Instance
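
The `OwnIp` parameter is a free-form String wired straight into the port 22 ingress rule, so the "my ip only" intent depends on whatever value is passed at deploy time. The following check is an added example, not part of the original gist: it walks the template's three ingress rules, resolves `!Ref OwnIp`, and flags SSH sources that are world-open, wider than one host, malformed, or hardcoded. The rule list is transcribed from the template; `audit_ingress`, `ADMIN_PORTS` and the finding names are assumptions made for this example.

```python
import ipaddress

ADMIN_PORTS = {22, 3389}  # assumption: ports this check treats as administrative

# Constructed input: the three SecurityGroupIngress rules from the template,
# with "!Ref OwnIp" kept as a {"Ref": ...} marker so it can be resolved.
INGRESS = [
    {"CidrIp": "0.0.0.0/0", "FromPort": 80, "ToPort": 80, "IpProtocol": "tcp"},
    {"CidrIp": {"Ref": "OwnIp"}, "FromPort": 22, "ToPort": 22, "IpProtocol": "tcp"},
    {"CidrIp": "18.202.216.48/29", "FromPort": 22, "ToPort": 22, "IpProtocol": "tcp"},
]


def covers_admin_port(rule):
    """True if the rule's protocol and port range include an admin port."""
    if rule["IpProtocol"] == "-1":  # "-1" means all protocols and ports
        return True
    return any(rule["FromPort"] <= p <= rule["ToPort"] for p in ADMIN_PORTS)


def audit_ingress(rules, params):
    """Return (rule_index, finding) tuples for rules that expose admin ports."""
    findings = []
    for i, rule in enumerate(rules):
        cidr = rule["CidrIp"]
        from_param = isinstance(cidr, dict)
        if from_param:
            cidr = params[cidr["Ref"]]  # resolve the stack parameter value
        try:
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError:  # not a CIDR, or host bits set (e.g. x.x.x.139/24)
            findings.append((i, "invalid-cidr"))
            continue
        if not covers_admin_port(rule):
            continue
        if net.prefixlen == 0:
            findings.append((i, "admin-port-open-to-world"))
        elif net.prefixlen < net.max_prefixlen:
            findings.append((i, "admin-port-source-wider-than-one-host"))
        if not from_param:  # literal range cannot be changed per stack or region
            findings.append((i, "hardcoded-admin-cidr"))
    return findings


if __name__ == "__main__":
    for idx, finding in audit_ingress(INGRESS, {"OwnIp": "0.0.0.0/0"}):
        print(f"rule {idx}: {finding}")
```

With the template's default `OwnIp` only the hardcoded /29 rule is reported; passing `0.0.0.0/0` as `OwnIp` additionally flags the parameterized SSH rule.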