IaC - AWS CloudFormation example

Author: devdattakulkarni

IaC/README.txt

@@ -0,0 +1,51 @@
+Commands to test:
+------------------
+
+Create s3 bucket with the name <BUCKET_NAME>.
+You can use aws cli or web console for this step.
+
+Login to your AWS account through the web console and create a SSK key pair named "assignment4". 
+Download the .pem file (assignment4.pem) on your machine. 
+This SSH key pair will help you to login to the created VM. 
+The public key will be injected into the VM, and the private key will be 
+available on your machine (this is the .pem file).
+
+
+1) Copy files to s3 bucket:
+aws s3 cp application.py s3://<BUCKET_NAME>/application.py
+aws s3 cp requirements.txt s3://<BUCKET_NAME>/requirements.txt
+
+2) Create CF stack:
+aws cloudformation create-stack \
+  --stack-name assignment4 \
+  --template-body file://cf_template.yaml \
+  --parameters \
+    ParameterKey=KeyName,ParameterValue=assignment4 \
+    ParameterKey=S3BucketName,ParameterValue=<BUCKET_NAME> \
+    ParameterKey=EnvValue,ParameterValue="Testing CloudFormation" \
+  --capabilities CAPABILITY_NAMED_IAM
+
+3) Wait for stack creation:
+aws cloudformation wait stack-create-complete \
+  --stack-name assignment4
+
+4) Get Public IP address:
+aws cloudformation describe-stacks \
+  --stack-name assignment4 \
+  --query "Stacks[0].Outputs[?OutputKey=='PublicIP'].OutputValue" \
+  --output text
+
+5) Verify:
+curl http://<PUBLIC_IP>
+
+6) Delete stack;
+aws cloudformation delete-stack \
+  --stack-name assignment4
+
+7) Ssh into the VM:
+ssh -i assignment4.pem ubuntu@<PUBLIC_IP>
+
+8) Check logs:
+cat /var/log/cloud-init-output.log
+cat /home/ubuntu/app/app.log
+

IaC/application.py

@@ -0,0 +1,14 @@
+from flask import Flask
+import os
+
+app = Flask(__name__)
+
+@app.route("/")
+def home():
+    # Requirement 1
+    # read env var MY_ENV_VAR
+    # return its value
+    return ""
+
+if __name__ == "__main__":
+    app.run(host="0.0.0.0", port=80)

IaC/cf_template.yaml

@@ -0,0 +1,91 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: EC2 with Flask app pulling code from S3
+
+Parameters:
+  InstanceType:
+    Type: String
+    Default: t3.micro
+
+  KeyName:
+    Type: AWS::EC2::KeyPair::KeyName
+    Description: SSH Key
+
+# Requirement 2.1
+#
+# Requirement 2.2
+
+Resources:
+
+  EC2Role:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: "2012-10-17"
+        Statement:
+          - Effect: Allow
+            Principal:
+              Service: ec2.amazonaws.com
+            Action: sts:AssumeRole
+
+      Policies:
+        - PolicyName: S3ReadAccess
+          PolicyDocument:
+            Version: "2012-10-17"
+            Statement:
+              - Effect: Allow
+                Action:
+                  - s3:GetObject
+                Resource: !Sub arn:aws:s3:::${S3BucketName}/*
+
+  InstanceProfile:
+    Type: AWS::IAM::InstanceProfile
+    Properties:
+      Roles:
+        - !Ref EC2Role
+
+  SecurityGroup:
+    Type: AWS::EC2::SecurityGroup
+    Properties:
+      GroupDescription: Allow HTTP + SSH
+      SecurityGroupIngress:
+        - IpProtocol: tcp
+          FromPort: 22
+          ToPort: 22
+          CidrIp: 0.0.0.0/0 
+      # Requirement 2.3
+
+  EC2Instance:
+    Type: AWS::EC2::Instance
+    Properties:
+      InstanceType: !Ref InstanceType
+      KeyName: !Ref KeyName
+
+      # Requirement 2.4
+      ImageId: ""  # Ubuntu 22.04 (update for us-west-2 region)
+
+      IamInstanceProfile: !Ref InstanceProfile
+      SecurityGroupIds:
+        - !Ref SecurityGroup
+
+      UserData:
+        Fn::Base64: !Sub |
+          #!/bin/bash
+          apt update -y
+          apt install -y python3 python3-pip awscli
+
+          # Requirement 2.5.1
+
+          # Requirement 2.5.2
+
+          # Requirement 2.5.3
+
+          # Set environment variable
+          # Requirement 2.5.4
+
+          # Run app
+          nohup python3 application.py > app.log 2>&1 &
+
+Outputs:
+  PublicIP:
+    Description: Access the Flask app
+    Value: !GetAtt EC2Instance.PublicIp

IaC/requirements.txt

@@ -0,0 +1 @@
+flask