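===== BIG Example =====

From a course.

$ aws cloudformation get-template --stack-name MyStack --query TemplateBody --output text
AWSTemplateFormatVersion: "2010-09-09"
# Web tier stack: an internet-facing classic ELB, two security groups,
# IAM roles for CodeDeploy and for the instances, a CodeDeploy application
# with its deployment group and config, and a launch configuration plus
# Auto Scaling group placed in the two public subnets passed in as parameters.
Description: >
  Template to build the Web Tier
Parameters:
  VPCID:
    Description: VPC ID from the Base Networking Stack
    Type: String
  PUBSUBA:
    Description: Public Subnet A ID
    Type: String
  PUBSUBB:
    Description: Public Subnet B ID
    Type: String
  AppNamePram:
    Description: MyApp
    Type: String
  AppVerPram:
    Description: "MyApp Verson"
    Type: String
  CodeBucketPram:
    Description: "Bucket Name"
    Type: String
  CodeObjectKeyPram:
    Description: "Object Key to be Installed"
    Type: String
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Description: Keyname for the EC2 keypair instances
  # NOTE(review): ApiElbDns and SaveElbDns are substituted verbatim into the
  # root-run UserData shell script below. If stack parameters can come from a
  # less-trusted source, constrain them (for example with AllowedPattern).
  ApiElbDns:
    Type: String
    Description: The DNS Name of the ELB in Front of the API Tier
  SaveElbDns:
    Type: String
    Description: The DNS Name of the ELB in Front of the Save Tier
  # Source range allowed to reach SSH on the web tier instances. The default
  # keeps the original behaviour (open to the whole internet) so existing
  # stack updates still work; override it with an administrative CIDR.
  SSHLocation:
    Description: CIDR range allowed to SSH to the web tier instances
    Type: String
    MinLength: 9
    MaxLength: 18
    Default: 0.0.0.0/0
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid CIDR range of the form x.x.x.x/x
Mappings:
  # Only these three regions are mapped; the FindInMap lookup in
  # WebServersLaunchConfig has no entry for any other region.
  # NOTE(review): hard-coded AMI IDs age - confirm they are still current.
  AmazonLinuxAMI:
    ap-southeast-1:
      AMI: ami-c9b572aa
    ap-southeast-2:
      AMI: ami-f2210191
    sa-east-1:
      AMI: ami-1e159872
Resources:
  # Networking
  AppTierSG:
    Type: AWS::EC2::SecurityGroup
    DependsOn:
      - MadLibSiteELB
    Properties:
      GroupDescription: Security Group for Web Tier
      VpcId: !Ref VPCID
      Tags:
        - Key: "Name"
          Value: "Web Tier SG"
        - Key: "ENV"
          Value: "Production"
        - Key: "App"
          Value: "MadLib Site"
      SecurityGroupIngress:
        # SSH: previously hard-coded to 0.0.0.0/0; the source is now the
        # SSHLocation parameter so it can be narrowed per deployment.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SSHLocation
        # HTTP is accepted only from the load balancer's security group.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          SourceSecurityGroupId: !Ref ELBsg
  ELBsg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security Group Web Tier ELB
      VpcId: !Ref VPCID
      Tags:
        - Key: "Name"
          Value: "ELB SG"
        - Key: "ENV"
          Value: "Production"
        - Key: "App"
          Value: "Madlib Site - Public"
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
  MadLibSiteELB:
    Type: "AWS::ElasticLoadBalancing::LoadBalancer"
    DependsOn:
      - ELBsg
    Properties:
      CrossZone: true
      # An instance is marked unhealthy only after 10 consecutive failed
      # checks at 60-second intervals.
      HealthCheck:
        HealthyThreshold: 2
        Interval: 60
        Target: HTTP:80/site/index.html
        Timeout: 59
        UnhealthyThreshold: 10
      LoadBalancerName: MadLib-Site
      # NOTE(review): the only listener is plaintext HTTP on port 80, so client
      # traffic to this internet-facing ELB is unencrypted. TLS would need an
      # HTTPS listener with a certificate and port 443 opened in ELBsg.
      Listeners:
        - InstancePort: 80
          InstanceProtocol: HTTP
          LoadBalancerPort: 80
          Protocol: HTTP
      Scheme: internet-facing
      SecurityGroups:
        - !Ref ELBsg
      Subnets:
        - !Ref PUBSUBA
        - !Ref PUBSUBB
  # IAM Setup
  # Service role assumed by CodeDeploy.
  # NOTE(review): every action, including ec2:TerminateInstances and
  # autoscaling:DeleteAutoScalingGroup, is granted on Resource '*'. Several
  # actions are also listed twice, which is harmless but noisy.
  CodeDeployRole:
    Type: "AWS::IAM::Role"
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Effect: "Allow"
            Principal:
              Service:
                - 'codedeploy.amazonaws.com'
            Action:
              - 'sts:AssumeRole'
      Path: '/'
      Policies:
        - PolicyName: "CodeDeployRole"
          PolicyDocument:
            Statement:
              - Effect: "Allow"
                Action: ['autoscaling:CompleteLifecycleAction',
                         'autoscaling:DeleteLifecycleHook',
                         'autoscaling:DescribeAutoScalingGroups',
                         'autoscaling:DescribeLifecycleHooks',
                         'autoscaling:PutLifecycleHook',
                         'autoscaling:RecordLifecycleActionHeartbeat',
                         'autoscaling:CreateAutoScalingGroup',
                         'autoscaling:UpdateAutoScalingGroup',
                         'autoscaling:EnableMetricsCollection',
                         'autoscaling:DescribeAutoScalingGroups',
                         'autoscaling:DescribePolicies',
                         'autoscaling:DescribeScheduledActions',
                         'autoscaling:DescribeNotificationConfigurations',
                         'autoscaling:DescribeLifecycleHooks',
                         'autoscaling:SuspendProcesses',
                         'autoscaling:ResumeProcesses',
                         'autoscaling:AttachLoadBalancers',
                         'autoscaling:PutScalingPolicy',
                         'autoscaling:PutScheduledUpdateGroupAction',
                         'autoscaling:PutNotificationConfiguration',
                         'autoscaling:PutLifecycleHook',
                         'autoscaling:DescribeScalingActivities',
                         'autoscaling:DeleteAutoScalingGroup',
                         'ec2:DescribeInstances',
                         'ec2:DescribeInstanceStatus',
                         'ec2:TerminateInstances',
                         'tag:GetTags',
                         'tag:GetResources',
                         'sns:Publish',
                         'cloudwatch:DescribeAlarms',
                         'elasticloadbalancing:DescribeLoadBalancers',
                         'elasticloadbalancing:DescribeInstanceHealth',
                         'elasticloadbalancing:RegisterInstancesWithLoadBalancer',
                         'elasticloadbalancing:DeregisterInstancesFromLoadBalancer']
                Resource: '*'
  # Role assumed by the web tier instances through InstProfMadLibSite.
  # NOTE(review): s3:List* and s3:Get* on Resource '*' let any process on an
  # instance read every bucket and object the account can reach. The only S3
  # use visible in this template is the revision in CodeBucketPram; scope the
  # resource to the buckets actually needed once the application's own S3
  # usage is confirmed.
  AppRole:
    Type: "AWS::IAM::Role"
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Effect: "Allow"
            Principal:
              Service:
                - 'ec2.amazonaws.com'
            Action:
              - 'sts:AssumeRole'
      Path: '/'
      Policies:
        - PolicyName: MabLib-App-Policy
          PolicyDocument:
            Statement:
              - Effect: Allow
                Action: ['s3:List*', 's3:Get*']
                Resource: '*'
  # Code Deploy
  InstProfMadLibSite:
    Type: "AWS::IAM::InstanceProfile"
    DependsOn:
      - AppRole
    Properties:
      Roles:
        - !Ref AppRole
      InstanceProfileName: MadLib-AppRole
  MadLibsSite:
    Type: "AWS::CodeDeploy::Application"
  # Deploys the S3 revision (CodeBucketPram / CodeObjectKeyPram) to the Auto
  # Scaling group and to instances tagged App=<AppNamePram>.
  WebAppDeplyGroup:
    Type: "AWS::CodeDeploy::DeploymentGroup"
    DependsOn:
      - MadLibsSite
      - CodeDeployRole
    Properties:
      # AlarmConfiguration:
      ApplicationName: !Ref MadLibsSite
      DeploymentConfigName: !Ref WebAppDeplyConfig
      DeploymentGroupName: WebAppDeplyGroup
      AutoScalingGroups:
        - !Ref WebServersAutoScalingGroup
      Deployment:
        Description: !Sub |
          Deploying App ${AppNamePram} Version-${AppVerPram}
        IgnoreApplicationStopFailures: true
        Revision:
          RevisionType: S3
          S3Location:
            Bucket: !Ref CodeBucketPram
            Key: !Ref CodeObjectKeyPram
            BundleType: Zip
            # Would Suggest you use this feature to ensure that the correct package gets deployed
            # ETag: !Ref CodePackageETagPram
            # NOTE(review): with ETag left out, the deployment takes whatever
            # object currently sits at this key, so anyone able to write to
            # the bucket can change what gets deployed.
      Ec2TagFilters:
        - Key: App
          Value: !Ref AppNamePram
          Type: "KEY_AND_VALUE"
      ServiceRoleArn: !GetAtt CodeDeployRole.Arn
  WebAppDeplyConfig:
    Type: "AWS::CodeDeploy::DeploymentConfig"
    DependsOn:
      - MadLibsSite
    Properties:
      DeploymentConfigName: !Ref AppNamePram
      # Keep at least half of the fleet in service during a deployment.
      MinimumHealthyHosts:
        Type: "FLEET_PERCENT"
        Value: 50
  WebServersAutoScalingGroup:
    Type: "AWS::AutoScaling::AutoScalingGroup"
    DependsOn:
      - WebServersLaunchConfig
      - AppTierSG
      - MadLibSiteELB
    UpdatePolicy:
      AutoScalingReplacingUpdate:
        WillReplace: 'true'
    Properties:
      Cooldown: 60
      DesiredCapacity: 2
      HealthCheckGracePeriod: 60
      LaunchConfigurationName: !Ref WebServersLaunchConfig
      LoadBalancerNames:
        - !Ref MadLibSiteELB
      MaxSize: 4
      MinSize: 1
      # Instances launch into the same public subnets as the ELB.
      VPCZoneIdentifier:
        - !Ref PUBSUBA
        - !Ref PUBSUBB
      Tags:
        - Key: "Name"
          Value: "MadLib Web Tier - AutoScaled"
          PropagateAtLaunch: true
        - Key: "ENV"
          Value: "Prod"
          PropagateAtLaunch: true
        # The App tag is what Ec2TagFilters in WebAppDeplyGroup matches on.
        - Key: "App"
          Value: !Ref AppNamePram
          PropagateAtLaunch: true
  # AutoScaling
  WebServersLaunchConfig:
    Type: "AWS::AutoScaling::LaunchConfiguration"
    DependsOn:
      - AppTierSG
      - AppRole
    Properties:
      IamInstanceProfile: !Ref InstProfMadLibSite
      ImageId: !FindInMap [AmazonLinuxAMI, !Ref "AWS::Region", AMI]
      InstanceMonitoring: true
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      SecurityGroups:
        - !Ref AppTierSG
      # Boot script: exports the API and Save tier ELB names via ~/.bashrc,
      # patches the OS, then downloads and runs the CodeDeploy agent installer.
      # NOTE(review): the installer comes from the "latest" path over HTTPS
      # and is executed without a version pin or checksum check, so every
      # launch trusts whatever is published there at that moment.
      # The script text is left untouched: changing UserData changes the
      # launch configuration.
      UserData:
        'Fn::Base64': !Sub |
          #!/bin/bash -ex
          # Env Setup
          echo "export APITierELBDNS=${ApiElbDns}" >> ~/.bashrc
          echo "export SaveTierELBDNS=${SaveElbDns}" >> ~/.bashrc
          source ~/.bashrc
          # Updates & Install
          yum update -y
          yum install -y ruby wget
          cd /home/ec2-user
          wget https://aws-codedeploy-${AWS::Region}.s3.amazonaws.com/latest/install
          chmod +x ./install
          ./install auto
Outputs:
  WebTierDNS:
    Description: "DNS Name for the ELB infront of the Site Tier"
    Value: !GetAtt MadLibSiteELB.DNSName
[ec2-user@ip-10-96-10-231 ~]$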