-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathhello-webserver-stack.yml.j2
More file actions
202 lines (202 loc) · 5.69 KB
/
Copy pathhello-webserver-stack.yml.j2
File metadata and controls
202 lines (202 loc) · 5.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
AWSTemplateFormatVersion: 2010-09-09
Resources:
### VPC
HelloWebserverVpc:
Type: AWS::EC2::VPC
Properties:
Tags:
- Key: Name
Value: vpc-test-hellowebserver
CidrBlock: 10.0.0.0/16
### Subnets
HelloWebserverNwIf:
Type: AWS::EC2::Subnet
Properties:
Tags:
- Key: Name
Value: nw-test-hello-webserver-if
CidrBlock: 10.0.0.0/24
VpcId: !Ref HelloWebserverVpc
HelloWebserverNwNif:
Type: AWS::EC2::Subnet
Properties:
Tags:
- Key: Name
Value: nw-test-hello-webserver-nif
VpcId: !Ref HelloWebserverVpc
CidrBlock: 10.0.1.0/24
### Route tables
HelloWebserverRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref HelloWebserverVpc
HelloWebserverRoute:
Type: AWS::EC2::Route
Properties:
RouteTableId: !Ref HelloWebserverRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
HelloWebserverRouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref HelloWebserverNwIf
RouteTableId: !Ref HelloWebserverRouteTable
### Instances
HelloWebserverEC2:
Type: AWS::EC2::Instance
Properties:
ImageId: ami-0b7fd829e7758b06d # Amazon Linux
InstanceType: t2.micro
KeyName: !Ref HelloWebserverKey
SecurityGroupIds:
- !Ref HelloWebserverSg
SubnetId: !Ref HelloWebserverNwIf
Tags:
- Key: Name
Value: srv-test-hello-webserver
DependsOn:
- HelloWebserverVpcIgAttachment
- HelloWebserverRouteTableAssociation
### Security groups
HelloWebserverSg:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Security group for hello-webserver service on test environment
Tags:
- Key: Name
Value: sg-test-hello-webserver
VpcId: !Ref HelloWebserverVpc
SecurityGroupIngress:
- Description: Allow SSH from anywhere
IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- Description: Allow HTTP from VPC
IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: !GetAtt HelloWebserverVpc.CidrBlock
### Internet gateways
InternetGateway:
Type: AWS::EC2::InternetGateway
HelloWebserverVpcIgAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId: !Ref HelloWebserverVpc
InternetGatewayId: !Ref InternetGateway
### Key pairs
HelloWebserverKey:
Type: AWS::EC2::KeyPair
Properties:
KeyName: key-test-hello-webserver
PublicKeyMaterial: "{{ pub_key }}"
### Elastic IP
HelloWebserverEIP:
Type: AWS::EC2::EIP
Properties:
Domain: vpc
HelloWebserverEIPAssociation:
Type: AWS::EC2::EIPAssociation
Properties:
InstanceId: !Ref HelloWebserverEC2
AllocationId: !GetAtt HelloWebserverEIP.AllocationId
### ELB
HelloWebserverNLB:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
DependsOn:
- HelloWebserverNwNif
Properties:
Name: nlb-test-hello-webserver
Scheme: internal
Subnets:
- !Ref HelloWebserverNwNif
Type: network
HelloWebserverNLBTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
VpcId: !Ref HelloWebserverVpc
HealthCheckIntervalSeconds: 30
HealthCheckPath: /
HealthCheckProtocol: HTTP
HealthCheckTimeoutSeconds: 5
HealthyThresholdCount: 2
Port: 80
Protocol: TCP
TargetType: instance
Targets:
- Id: !Ref HelloWebserverEC2
HelloWebserverNLBListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
DefaultActions:
- Type: forward
ForwardConfig:
TargetGroups:
- TargetGroupArn: !Ref HelloWebserverNLBTargetGroup
LoadBalancerArn: !Ref HelloWebserverNLB
Port: 80
Protocol: TCP
### API Gateway
ApiGatewayRestApi:
Type: AWS::ApiGateway::RestApi
DependsOn:
- HelloWebserverEC2
- VpcLinkApi
Properties:
Name: api-test-hello-webserver
ApiGatewayResource:
Type: AWS::ApiGateway::Resource
Properties:
RestApiId: !Ref ApiGatewayRestApi
ParentId: !GetAtt ApiGatewayRestApi.RootResourceId
PathPart: hello
ApiGatewayMethod:
Type: AWS::ApiGateway::Method
Properties:
RestApiId: !Ref ApiGatewayRestApi
ResourceId: !Ref ApiGatewayResource
HttpMethod: GET
AuthorizationType: NONE
Integration:
Type: HTTP_PROXY
ConnectionType: VPC_LINK
ConnectionId: !Ref VpcLinkApi
IntegrationHttpMethod: GET
Uri: !Sub http://${HelloWebserverEC2.PrivateIp}/hello
PassthroughBehavior: WHEN_NO_MATCH
IntegrationResponses:
- StatusCode: 200
ResponseTemplates:
application/json: ""
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: "'*'"
MethodResponses:
- StatusCode: 200
ResponseModels:
application/json: Empty
ResponseParameters:
method.response.header.Access-Control-Allow-Origin: true
VpcLinkApi:
Type: AWS::ApiGateway::VpcLink
DependsOn:
- HelloWebserverNLB
Properties:
Name: api-vpc-link-hello-webserver
TargetArns:
- !Ref HelloWebserverNLB
ApiGatewayDeployment:
Type: AWS::ApiGateway::Deployment
DependsOn:
- ApiGatewayMethod
Properties:
RestApiId: !Ref ApiGatewayRestApi
StageName: test
ApiGatewayResponse:
Type: AWS::ApiGateway::GatewayResponse
Properties:
ResponseTemplates:
text/plain : "Not found"
ResponseType: DEFAULT_4XX
RestApiId: !Ref ApiGatewayRestApi
StatusCode: "404"