GithubAnsibleURL = "https://github.com/{}/ansible".format(GithubAccount)
AnsiblePullCmd = \
"/usr/local/bin/ansible-pull -U {} {}.yml -i localhost".format(
GithubAnsibleURL,
ApplicationName
)
PublicCidrIp = str(ip_network(get_ip()))
t = Template()
t.add_parameter(
Parameter(
"KeyPair",
Description="Name of an existing EC2 KeyPair to SSH",
Type="AWS::EC2::KeyPair::KeyName",
ConstraintDescription="must be the name of an existing EC2 KeyPair.",
))
t.add_parameter(Parameter("VpcId", Type="AWS::EC2::VPC::Id",
Description="VPC"))
t.add_parameter(
Parameter("PublicSubnet",
Description="PublicSubnet",
Type="List<AWS::EC2::Subnet::Id>",
ConstraintDescription="PublicSubnet"))
t.add_resource(
ec2.SecurityGroup(
"SecurityGroup",
Instance('TestEC2Instance',
ImageId='ami-0bea7fd38fabe821a',
InstanceType='t2.micro',
NetworkInterfaces=[
NetworkInterfaceProperty(
GroupSet=[Ref(instanceSecurityGroup)],
AssociatePublicIpAddress='true',
DeviceIndex='0',
DeleteOnTermination='true',
SubnetId=Ref(subnet))
]))
dbUser = t.add_parameter(
Parameter("DBUser",
Type='String',
MinLength='1',
MaxLength='16',
AllowedPattern='[a-zA-Z][a-zA-Z0-9]*'))
dbPassword = t.add_parameter(
Parameter("DBPassword",
Type='String',
MinLength='1',
MaxLength='41',
AllowedPattern='[a-zA-Z09]*'))
dbSubnetGroup = t.add_resource(
DBSubnetGroup("MyDBSubnetGroup",
DBSubnetGroupDescription='Available Subnets',
SubnetIds=[Ref(subnet), Ref(subnetDB)]))
from troposphere.autoscaling import LaunchConfiguration
from troposphere.elasticloadbalancing import LoadBalancer
from troposphere.policies import (AutoScalingReplacingUpdate,
AutoScalingRollingUpdate, UpdatePolicy)
import troposphere.ec2 as ec2
import troposphere.elasticloadbalancing as elb
t = Template()
t.add_description("""\
Configures autoscaling group for api app""")
SecurityGroup = t.add_parameter(
Parameter(
"SecurityGroup",
Type="String",
Description="Security group for api instances.",
))
DeployBucket = t.add_parameter(
Parameter(
"DeployBucket",
Type="String",
Description="The S3 bucket with the cloudformation scripts.",
))
SSLCertificateId = t.add_parameter(
Parameter(
"SSLCertificateId",
Type="String",
Description="SSL certificate for load balancer.",
# now the work begins
t = Template()
t.add_version("2010-09-09")
t.add_description("""\
CloudFormation template to Deploy Hortonworks Data Platform on VPC with a public subnet"""
)
## Parameters
InstanceType = t.add_parameter(
Parameter(
"InstanceType",
Default="i2.4xlarge",
ConstraintDescription="Must be a valid EC2 instance type.",
Type="String",
Description="Instance type for all hosts",
))
WorkerInstanceCount = t.add_parameter(
Parameter(
"WorkerInstanceCount",
Default="3",
Type="Number",
MaxValue="99",
MinValue="1",
Description="Number of Worker instances",
))
JavaProvider = t.add_parameter(
)
from troposphere.policies import (
AutoScalingReplacingUpdate, AutoScalingRollingUpdate, UpdatePolicy
)
from troposphere.cloudwatch import Alarm, MetricDimension
t = Template()
# Take an existing VPC and a subnet having access to an S3 endpoint
# Existing VPC input
VPCIDParam = t.add_parameter(Parameter(
"VPCID",
Description="The VPC ID you wish to deploy in",
Type="AWS::EC2::VPC::Id",
))
# Subnet with S3 endpoint
SubnetsWithS3EndpointParam = t.add_parameter(Parameter(
"SubnetsWithS3Endpoint",
Description="The private subnets with a configured S3 VPC endpoint. Recommended to be spread across multiple AZ's.",
Type="List<AWS::EC2::Subnet::Id>",
))
# Key pair for autoscaling NAT instances
KeyPairNameParam = t.add_parameter(Parameter(
"KeyPairName",
Description="Name of an existing EC2 KeyPair to enable SSH access to the instances",
Type="AWS::EC2::KeyPair::KeyName",
#!/usr/bin/python
from troposphere import Template, Ref, Output, Join, GetAtt, Parameter
from troposphere.dynamodb import Key, AttributeDefinition, ProvisionedThroughput, Projection
from troposphere.dynamodb import Table, GlobalSecondaryIndex
template = Template()
template.add_description("Create a dynamodb table with a global secondary index")
#N.B. If you remove the provisioning section this works for LocalSecondaryIndexes aswell.
readunits = template.add_parameter(Parameter(
"ReadCapacityUnits",
Description="Provisioned read throughput",
Type="Number",
Default="10",
MinValue="5",
MaxValue="10000",
ConstraintDescription="should be between 5 and 10000"
))
writeunits = template.add_parameter(Parameter(
"WriteCapacityUnits",
Description="Provisioned write throughput",
Type="Number",
Default="5",
MinValue="5",
MaxValue="10000",
ConstraintDescription="should be between 5 and 10000"
))
elasticloadbalancing)
from troposphere.autoscaling import LaunchConfiguration, AutoScalingGroup
from troposphere.route53 import RecordSetType
from troposphere.policies import AutoScalingRollingUpdate, UpdatePolicy
COMPONENT_NAME = "sample-app-python"
HEALTH_CHECK_TARGET = "HTTP:7080/status"
t = Template()
t.add_version()
t.add_description("Stack to run the sample python application within.")
image_id = t.add_parameter(
Parameter("ImageId",
Description=(
"The AMI used by this component, defaults to base centos 7"),
Default="ami-9398d3e0",
Type="AWS::EC2::Image::Id"))
min_size = t.add_parameter(
Parameter("MinSize",
Description="Minimum number of instances to spin-up",
Type="String",
Default="2"))
max_size = t.add_parameter(
Parameter("MaxSize",
Description="Maximum number of instances to spin-up",
Type="String",
Default="2"))
# Object that will generate the template
t = Template()
#### Define AWS Environment ####
ImageID = "ami-024fe7d8b3a587508"
ref_stack_id = Ref('AWS::StackId')
ref_stack_name = Ref('AWS::StackName')
#### Parameters ####
# SSH Key parameter
ssh_keyname_param = t.add_parameter(
Parameter("cpSSHKey",
Description="Name of an existing EC2 SSH KeyPair",
Type="AWS::EC2::KeyPair::KeyName"))
#### Resources ####
# Define VPC 10.0.0.0/16
VPC = t.add_resource(
VPC('cpVPC',
CidrBlock='10.0.0.0/16',
EnableDnsSupport='true',
EnableDnsHostnames='true',
Tags=Tags(Application=ref_stack_id)))
# Define public Subnet 10.0.0.0/24
# !!! it's a subnet with a route table that has a route to a InternetGateway !!!
publicSubnet = t.add_resource(
# ------------------------------------------------------------------------------
# Top Level Data
# ------------------------------------------------------------------------------
description = ("This is the FAUST Nextflow Amazon Web Services(AWS) cloud"
" formation script. It will create all the AWS infrastructure"
" required for running the FAUST Nextflow script.")
# ------------------------------------------------------------------------------
# Parameters
# ------------------------------------------------------------------------------
# General
cloud_resource_name_parameter = Parameter(
title="CloudResourceName",
Default="faust-nextflow",
Description=("The name to use for all"
" aws resources creatd."),
Type="String",
MinLength=1,
MaxLength=40,
AllowedPattern="^[a-zA-Z0-9-_]*$")
# Batch - Compute Environment
batch_compute_environment_min_vcpu_parameter = Parameter(
title="BatchComputeEnvironmentMinVCPU",
Default=0,
Description=("The number of minimum vcpus"
" that AWS Batch will ALWAYS"
" be running. If this is"
" greater than 0 it will reduce"
" runtime by always having"
" these CPUs available."
from troposphere import Base64, Join, Output, GetAtt, Tags
from troposphere import Parameter, Ref, Template
from troposphere import cloudformation
import troposphere.ec2 as ec2
t = Template()
t.set_description("Configures an EC2 instance using cfn-init configsets")
key_name = t.add_parameter(
Parameter(
'KeyName',
Type='AWS::EC2::KeyPair::KeyName',
Description='Name of an existing EC2 KeyPair to enable SSH access'))
ami_id = t.add_parameter(
Parameter('AmiId', Type='String', Default='ami-98aa1cf0'))
security_group = t.add_resource(
ec2.SecurityGroup('SecurityGroup',
GroupDescription='Allows SSH access from anywhere',
SecurityGroupIngress=[
ec2.SecurityGroupRule(IpProtocol='tcp',
FromPort=22,
ToPort=22,
CidrIp='0.0.0.0/0')
],
Tags=Tags(Name='ops.cfninit-sg')))
ec2_instance = t.add_resource(
ec2.Instance(
def create_pipeline_template(config) -> Template:
t = Template()
github_token = t.add_parameter(Parameter("GithubToken", Type="String"))
github_owner = t.add_parameter(
Parameter("GitHubOwner",
Type='String',
Default='aiengines',
AllowedPattern="[A-Za-z0-9-_]+"))
github_repo = t.add_parameter(
Parameter("GitHubRepo",
Type='String',
Default='codebuild_pipeline_skeleton',
AllowedPattern="[A-Za-z0-9-_]+"))
github_branch = t.add_parameter(
Parameter("GitHubBranch",
Type='String',
Default='master',
AllowedPattern="[A-Za-z0-9-_]+"))
artifact_store_s3_bucket = t.add_resource(Bucket("S3Bucket", ))
cloudformationrole = t.add_resource(
Role("CloudformationRole",
AssumeRolePolicyDocument=PolicyDocument(
Version="2012-10-17",
Statement=[
Statement(
Effect=Allow,
Action=[AssumeRole],
Principal=Principal("Service",
["cloudformation.amazonaws.com"]))
]),
ManagedPolicyArns=['arn:aws:iam::aws:policy/AdministratorAccess'
]))
codepipelinerole = t.add_resource(
Role("CodePipelineRole",
AssumeRolePolicyDocument=PolicyDocument(Statement=[
Statement(Effect=Allow,
Action=[AssumeRole],
Principal=Principal("Service",
["codepipeline.amazonaws.com"]))
]),
ManagedPolicyArns=['arn:aws:iam::aws:policy/AdministratorAccess'
]))
codebuild_project = t.add_resource(create_codebuild_project(t))
pipeline = t.add_resource(
Pipeline(
"CDPipeline",
ArtifactStore=ArtifactStore(
Type="S3", Location=Ref(artifact_store_s3_bucket)),
# DisableInboundStageTransitions = [
# DisableInboundStageTransitions(
# StageName = "Release",
# Reason = "Disabling the transition until "
# "integration tests are completed"
# )
# ],
RestartExecutionOnUpdate=True,
RoleArn=codepipelinerole.GetAtt('Arn'),
Stages=[
Stages(Name="Source",
Actions=[
Actions(Name="SourceAction",
ActionTypeId=ActionTypeId(
Category="Source",
Owner="ThirdParty",
Provider="GitHub",
Version="1",
),
OutputArtifacts=[
OutputArtifacts(Name="GitHubSourceCode")
],
Configuration={
'Owner': Ref(github_owner),
'Repo': Ref(github_repo),
'Branch': Ref(github_branch),
'PollForSourceChanges': False,
'OAuthToken': Ref(github_token)
},
RunOrder="1")
]),
Stages(Name="Build",
Actions=[
Actions(Name="BuildAction",
ActionTypeId=ActionTypeId(
Category="Build",
Owner="AWS",
Provider="CodeBuild",
Version="1"),
InputArtifacts=[
InputArtifacts(Name="GitHubSourceCode")
],
OutputArtifacts=[
OutputArtifacts(Name="BuildArtifacts")
],
Configuration={
'ProjectName': Ref(codebuild_project),
},
RunOrder="1")
]),
],
))
t.add_resource(
Webhook("GitHubWebHook",
Authentication='GITHUB_HMAC',
AuthenticationConfiguration=WebhookAuthConfiguration(
SecretToken=Ref(github_token)),
Filters=[
WebhookFilterRule(JsonPath='$.ref',
MatchEquals='refs/heads/{Branch}')
],
TargetPipeline=Ref(pipeline),
TargetAction='Source',
TargetPipelineVersion=pipeline.GetAtt('Version')))
return t
"""Generating CloudFormation template."""
from troposphere import (Export, Join, Output, Parameter, Ref, Template)
from troposphere.ecr import Repository
t = Template()
t.add_description("ECR Repository")
t.add_parameter(
Parameter("RepoName",
Type="String",
Description="Name of the ECR repository to create"))
t.add_resource(Repository("Repository", RepositoryName=Ref("RepoName")))
t.add_output(
Output(
"Repository",
Description="ECR repository",
Value=Ref("RepoName"),
Export=Export(Join("-", [Ref("RepoName"), "repo"])),
))
print(t.to_json())
def main(args):
t = Template()
# [0 shared_dir, 1 efs_fs_id, 2 performance_mode, 3 efs_kms_key_id,
# 4 provisioned_throughput, 5 encrypted, 6 throughput_mode, 7 exists_valid_mt]
efs_options = t.add_parameter(
Parameter(
"EFSOptions",
Type="CommaDelimitedList",
Description="Comma separated list of efs related options, " "8 parameters in total",
)
)
compute_security_group = t.add_parameter(
Parameter("ComputeSecurityGroup", Type="String", Description="SecurityGroup for Mount Target")
)
subnet_id = t.add_parameter(Parameter("SubnetId", Type="String", Description="SubnetId for Mount Target"))
create_efs = t.add_condition(
"CreateEFS",
And(Not(Equals(Select(str(0), Ref(efs_options)), "NONE")), Equals(Select(str(1), Ref(efs_options)), "NONE")),
)
create_mt = t.add_condition(
"CreateMT",
And(Not(Equals(Select(str(0), Ref(efs_options)), "NONE")), Equals(Select(str(7), Ref(efs_options)), "NONE")),
)
use_performance_mode = t.add_condition("UsePerformanceMode", Not(Equals(Select(str(2), Ref(efs_options)), "NONE")))
use_efs_encryption = t.add_condition("UseEFSEncryption", Equals(Select(str(5), Ref(efs_options)), "true"))
use_efs_kms_key = t.add_condition(
"UseEFSKMSKey", And(Condition(use_efs_encryption), Not(Equals(Select(str(3), Ref(efs_options)), "NONE")))
)
use_throughput_mode = t.add_condition("UseThroughputMode", Not(Equals(Select(str(6), Ref(efs_options)), "NONE")))
use_provisioned = t.add_condition("UseProvisioned", Equals(Select(str(6), Ref(efs_options)), "provisioned"))
use_provisioned_throughput = t.add_condition(
"UseProvisionedThroughput",
And(Condition(use_provisioned), Not(Equals(Select(str(4), Ref(efs_options)), "NONE"))),
)
fs = t.add_resource(
FileSystem(
"EFSFS",
PerformanceMode=If(use_performance_mode, Select(str(2), Ref(efs_options)), NoValue),
ProvisionedThroughputInMibps=If(use_provisioned_throughput, Select(str(4), Ref(efs_options)), NoValue),
ThroughputMode=If(use_throughput_mode, Select(str(6), Ref(efs_options)), NoValue),
Encrypted=If(use_efs_encryption, Select(str(5), Ref(efs_options)), NoValue),
KmsKeyId=If(use_efs_kms_key, Select(str(3), Ref(efs_options)), NoValue),
Condition=create_efs,
)
)
t.add_resource(
MountTarget(
"EFSMT",
FileSystemId=If(create_efs, Ref(fs), Select(str(1), Ref(efs_options))),
SecurityGroups=[Ref(compute_security_group)],
SubnetId=Ref(subnet_id),
Condition=create_mt,
)
)
t.add_output(
Output(
"FileSystemId",
Description="ID of the FileSystem",
Value=If(create_efs, Ref(fs), Select("1", Ref(efs_options))),
)
)
# Specify output file path
json_file_path = args.target_path
output_file = open(json_file_path, "w")
output_file.write(t.to_json())
output_file.close()
from troposphere import Template, Parameter, Sub, Ref, Base64
import troposphere.ec2 as ec2
t = Template()
p_environment = t.add_parameter(Parameter('Environment', Type='String'))
with open("userdata.sh", "r") as f:
t_userdata = f.read()
t.add_resource(ec2.Instance(
'Ec2Instance',
ImageId='ami-16fd7026',
InstanceType='t3.nano',
KeyName='mykey',
UserData=Base64(Sub(
t_userdata,
MyVar=Ref(p_environment)
))
))
print(t.to_yaml(clean_up=True))
def test_parameter(self):
t = Template()
p = Parameter("MyParameter", Type="String")
t.add_parameter(p)
with self.assertRaises(ValueError):
t.add_parameter(p)
def add_parameters(self):
t = self.template
self.vpcIdParam = t.add_parameter(
Parameter(
"vpcId",
Type="String",
Description="The VPC ID.",
))
self.keyPairParam = t.add_parameter(
Parameter(
"keyPair",
Type="AWS::EC2::KeyPair::KeyName",
Description=
"Name of an existing EC2 KeyPair to enable SSH access to the instances.",
))
self.ownerNameParam = t.add_parameter(
Parameter('ownerName', Type='String'))
self.ownerEmailParam = t.add_parameter(
Parameter('ownerEmail', Type='String'))
self.dbMultiAzParam = t.add_parameter(
Parameter(
"dbMultiAz",
Default='false',
Type="String",
Description="The WordPress database admin account password",
AllowedValues=['true', 'false'],
ConstraintDescription="Must be either ture or false."))
self.dbNameParam = t.add_parameter(
Parameter(
"dbName",
Type="String",
Default="wordpressdb",
Description="The WordPress database name",
MinLength=1,
MaxLength=64,
AllowedPattern="[a-zA-Z][a-zA-Z0-9]*",
ConstraintDescription=
"Must begin with a letter and contain only alphanumeric characters."
))
self.dbUserParam = t.add_parameter(
Parameter(
"dbUser",
Type="String",
Description="The WordPress database admin account username",
MinLength=1,
MaxLength=16,
AllowedPattern="[a-zA-Z][a-zA-Z0-9]*",
ConstraintDescription=
"Must begin with a letter and contain only alphanumeric characters."
))
self.dbPasswordParam = t.add_parameter(
Parameter(
"dbPassword",
NoEcho=True,
Type="String",
Description="The WordPress database admin account password",
MinLength=6,
AllowedPattern="[a-zA-Z0-9]*",
ConstraintDescription=
"Must only contain alphanumeric characters."))
self.dbStorageParam = t.add_parameter(
Parameter("dbStorage",
NoEcho=True,
Type="Number",
Description="The size of the WordPress database in Gb.",
Default='5',
MinValue='5',
MaxValue='1024'))
self.vpnSgIdParam = t.add_parameter(
Parameter("vpnSgId",
Type="String",
Description="The ID of the VPN security group."))
def test_ref(self):
param = Parameter("param", Description="description", Type="String")
t = Ref(param)
ref = t.to_dict()
self.assertEqual(ref['Ref'], 'param')
def test_network_port_ref(self):
p = Parameter('myport')
network_port(Ref(p))
from troposphere import Parameter, Ref, Template, Tags
import troposphere.iam as iam
import troposphere.emr as emr
template = Template()
template.add_description(
"Sample CloudFormation template for creating an EMR cluster")
keyname = template.add_parameter(
Parameter("KeyName",
Description="Name of an existing EC2 KeyPair to enable SSH "
"to the instances",
Type="AWS::EC2::KeyPair::KeyName"))
subnet = template.add_parameter(
Parameter("Subnet",
Description="Subnet ID for creating the EMR cluster",
Type="AWS::EC2::Subnet::Id"))
service_access_sg = template.add_parameter(
Parameter("ServiceAccessSecurityGroup",
Description="Security Group providing service access to EMR",
Type="AWS::EC2::SecurityGroup::Id"))
managed_master_sg = template.add_parameter(
Parameter(
"ManagedMasterSecurityGroup",
Description="Security Group (managed by EMR) for master instances",
Type="AWS::EC2::SecurityGroup::Id"))
managed_slave_sq = template.add_parameter(
def main():
template = Template()
template.add_version("2010-09-09")
template.set_description("AWS CloudFormation ECS Service")
# Add the Parameters
Application = template.add_parameter(
Parameter(
"Application",
Type="String",
))
DockerImage = template.add_parameter(
Parameter(
"DockerImage",
Type="String",
))
ClusterName = template.add_parameter(
Parameter(
"ClusterName",
Type="String",
))
ContainerPort = template.add_parameter(
Parameter(
"ContainerPort",
Type="String",
))
HostPort = template.add_parameter(Parameter(
"HostPort",
Type="String",
))
HostedZoneName = template.add_parameter(
Parameter(
"HostedZoneName",
Type="String",
))
CertArn = template.add_parameter(Parameter(
"CertArn",
Type="String",
))
ExecutionRoleArn = template.add_parameter(
Parameter("ExecutionRoleArn",
Type="String",
Description="Execution Role to get creadentials from ssm"))
HealthCheckPath = template.add_parameter(
Parameter(
"HealthCheckPath",
Type="String",
))
HealthCheckIntervalSeconds = template.add_parameter(
Parameter(
"HealthCheckIntervalSeconds",
Type="String",
))
HealthyThresholdCount = template.add_parameter(
Parameter(
"HealthyThresholdCount",
Type="String",
))
HealthCheckTimeoutSeconds = template.add_parameter(
Parameter(
"HealthCheckTimeoutSeconds",
Type="String",
))
UnhealthyThresholdCount = template.add_parameter(
Parameter(
"UnhealthyThresholdCount",
Type="String",
))
VpcId = template.add_parameter(Parameter(
"VpcId",
Type="String",
))
Subnets = template.add_parameter(
Parameter(
"Subnets",
Type="List<AWS::EC2::Subnet::Id>",
))
PrivateSubnets = template.add_parameter(
Parameter(
"PrivateSubnets",
Type="List<AWS::EC2::Subnet::Id>",
))
# Add the application ELB
NetworkLB = template.add_resource(
elb.LoadBalancer("NetworkLB",
Name=Join("", [Ref(Application), "-nlb"]),
Scheme="internet-facing",
Subnets=Ref(Subnets),
Type='network'))
NlbTargetGroup = template.add_resource(
elb.TargetGroup(
"NlbTargetGroup",
Name='ecs-fargate-service-targetgroup',
HealthCheckIntervalSeconds=Ref(HealthCheckIntervalSeconds),
HealthCheckProtocol="TCP",
HealthyThresholdCount=Ref(HealthyThresholdCount),
Port=80,
Protocol="TCP",
TargetType="ip",
UnhealthyThresholdCount=Ref(UnhealthyThresholdCount),
VpcId=Ref(VpcId)))
NlbListener = template.add_resource(
elb.Listener(
"Listener",
DependsOn=["NlbTargetGroup", "NetworkLB"],
Certificates=[elb.Certificate(CertificateArn=Ref(CertArn))],
Port="443",
Protocol="TLS",
LoadBalancerArn=Ref(NetworkLB),
DefaultActions=[
elb.Action(Type="forward", TargetGroupArn=Ref(NlbTargetGroup))
]))
Task_Definition = template.add_resource(
TaskDefinition(
'TaskDefinition',
Memory='512',
Cpu='256',
RequiresCompatibilities=['FARGATE'],
NetworkMode='awsvpc',
ExecutionRoleArn=Ref(ExecutionRoleArn),
ContainerDefinitions=[
ContainerDefinition(
Name=Join("", [Ref(Application)]),
Image=Ref(DockerImage),
Essential=True,
Environment=[Environment(Name="MY_ENV_VAR", Value="true")],
DockerLabels={
'aws-account': Ref("AWS::AccountId"),
'region': Ref("AWS::Region"),
'stack': Ref("AWS::StackName")
},
PortMappings=[
PortMapping(ContainerPort=Ref(ContainerPort))
])
]))
AwsVpcSg = template.add_resource(
ec2.SecurityGroup('SecurityGroup',
GroupDescription='Security Group',
SecurityGroupIngress=[
ec2.SecurityGroupRule(IpProtocol='-1',
CidrIp='10.0.0.0/8')
],
SecurityGroupEgress=[
ec2.SecurityGroupRule(IpProtocol="-1",
CidrIp="0.0.0.0/0")
],
VpcId=Ref(VpcId)))
app_service = template.add_resource(
Service("AppService",
DependsOn=["Listener", "TaskDefinition"],
Cluster=Ref(ClusterName),
LaunchType='FARGATE',
DesiredCount=1,
TaskDefinition=Ref(Task_Definition),
ServiceName=Join("", [Ref(Application), "-ecs-service"]),
LoadBalancers=[
ecs.LoadBalancer(ContainerName=Join(
"", [Ref(Application)]),
ContainerPort=Ref(ContainerPort),
TargetGroupArn=Ref(NlbTargetGroup))
],
NetworkConfiguration=NetworkConfiguration(
AwsvpcConfiguration=AwsvpcConfiguration(
Subnets=Ref(PrivateSubnets),
SecurityGroups=[Ref(AwsVpcSg)]))))
AppDNSRecord = template.add_resource(
RecordSetType(
"AppDNSRecord",
DependsOn=["AppService"],
HostedZoneName=Join("", [Ref(HostedZoneName), "."]),
Name=Join("", [Ref(Application), ".",
Ref(HostedZoneName), "."]),
Type="CNAME",
TTL="900",
ResourceRecords=[GetAtt(NetworkLB, "DNSName")]))
template.add_output(
Output("URL",
Description="DomainName",
Value=Join("", ["https://", Ref(AppDNSRecord)])))
with open("ecs-fargate-service-cf.yaml", "w") as yamlout:
yamlout.write(template.to_yaml())
import sys
params = {
'AmiId': 'AMI Id',
'InstanceName': 'Name tag of the instance',
'SecurityGroup': 'Security Group',
'KeyName': 'SSH Key Name',
'InstanceType': 'Instance Type',
'SubnetA': 'Subnet A',
}
t = Template()
for p in params.keys():
vars()[p] = t.add_parameter(
Parameter(p, Type="String", Description=params[p]))
for n in range(int(sys.argv[1])):
if n == 0:
name = 'master'
else:
name = 'slave_{0}'.format(n)
t.add_resource(
ec2.Instance(
"Ec2Instance{0}".format(n),
ImageId=Ref(AmiId),
InstanceType=Ref(InstanceType),
KeyName=Ref(KeyName),
SecurityGroupIds=Split(',', Ref(SecurityGroup)),
SubnetId=Ref(SubnetA),
Tags=Tags(Name=Join('', [Ref(InstanceName), name])),
def test_noproperty(self):
t = Parameter("MyParameter", Type="String")
d = t.to_dict()
with self.assertRaises(KeyError):
d['Properties']
from troposphere.constants import NUMBER
from troposphere import Output, Parameter, Ref, Template, GetAtt
from troposphere import Join
import troposphere.kinesis as kinesis
from troposphere.sqs import Queue, QueuePolicy
from troposphere.awslambda import Function, Code, MEMORY_VALUES, EventSourceMapping
from troposphere.iam import Role, Policy, PolicyType
template = Template()
template.add_description("AWS CloudFormation Template: "
"Kinesis Stream + Lambda + SQS.")
s3_bucket = template.add_parameter(
Parameter(
"CodeS3Bucket", Description="Name of code bucket", Type="String"))
s3_key = template.add_parameter(
Parameter("CodeS3Key", Description="Name of code zip file", Type="String"))
s3_object_version_id = template.add_parameter(
Parameter(
"CodeS3ObjectVersionID",
Description="Version ID of zip file",
Type="String"))
memory_size = template.add_parameter(
Parameter(
'LambdaMemorySize',
Type=NUMBER,
Description='Amount of memory to allocate to the Lambda Function',
def test_invalid_parameter_property_in_template(self):
t = Template()
p = Parameter("BasicNumber", Type="Number", AllowedPattern=".*")
t.add_parameter(p)
with self.assertRaises(ValueError):
t.to_json()
"my.custom.master.value")
],
)),
)
]
return rules
template = Template()
template.set_description(
"Sample CloudFormation template for creating an EMR cluster")
keyname = template.add_parameter(
Parameter(
"KeyName",
Description="Name of an existing EC2 KeyPair to enable SSH "
"to the instances",
Type=KEY_PAIR_NAME,
))
subnet = template.add_parameter(
Parameter("Subnet",
Description="Subnet ID for creating the EMR cluster",
Type=SUBNET_ID))
spot = template.add_parameter(
Parameter(
"SpotPrice",
Description="Spot price (or use 0 for 'on demand' instance)",
Type=NUMBER,
Default="0.1",
))
def test_get_or_add_adds(self):
t = Template()
p = Parameter("param", Type="String", Default="foo")
result = t.get_or_add_parameter(p)
self.assertEquals(t.parameters["param"], p)
self.assertEquals(result, p)
ec2.SecurityGroupRule(IpProtocol="tcp",
FromPort="80",
ToPort="80",
CidrIp="0.0.0.0/0"),
ec2.SecurityGroupRule(IpProtocol="tcp",
FromPort="443",
ToPort="443",
CidrIp="0.0.0.0/0"),
]
t.add_resource(sg)
keypair = t.add_parameter(
Parameter(
"KeyName",
Description=
"Name of the SSH key pair that will be used to access the instance",
Type="String"))
instance = ec2.Instance("Webserver")
instance.ImageId = "ami-f90a4880"
instance.InstanceType = "t2.micro"
instance.SecurityGroups = [Ref(sg)]
instance.KeyName = Ref(keypair)
ud = Base64(
Join("\n", [
"#!/bin/bash", "sudo apt-get update", "sudo apt-get upgrade -y",
"sudo apt-get install -y python-minimal", "sudo reboot"
]))
instance.UserData = ud
def test_property_default(self):
p = Parameter("param", Type="String", Default="foo")
p.validate()
p = Parameter("param", Type="Number", Default=1)
p.validate()
p = Parameter("param", Type="Number", Default=1.0)
p.validate()
p = Parameter("param", Type="Number", Default=0.1)
p.validate()
p = Parameter("param", Type="List<Number>", Default="1, 2, 3")
p.validate()
p = Parameter("param", Type="List<Number>", Default=" 0.1 , 2 , 1.1 ")
p.validate()
with self.assertRaises(ValueError):
p = Parameter("param", Type="String", Default=1)
p.validate()
with self.assertRaises(ValueError):
p = Parameter("param", Type="Number", Default="foo")
p.validate()
with self.assertRaises(TypeError):
p = Parameter("param", Type="Number", Default=["foo"])
p.validate()
with self.assertRaises(ValueError):
p = Parameter("param", Type="List<Number>", Default="foo")
p.validate()
with self.assertRaises(ValueError):
p = Parameter("param", Type="List<Number>", Default="1, 2, foo")
p.validate()
with self.assertRaises(TypeError):
p = Parameter("param", Type="List<Number>", Default=["1", "2"])
p.validate()
GithubAnsibleURL = "https://github.com/{}/devops-with-aws-ansible".format(
GithubAccount)
AnsiblePullCmd = \
"/usr/local/bin/ansible-pull -U {} {}.yml -i localhost".format(
GithubAnsibleURL,
ApplicationName
)
t = Template()
t.add_description("Effectice DevOps in AWS: HelloWorld web application")
t.add_parameter(
Parameter(
"KeyPair",
Description="Name of an existing EC2 KeyPair to SSH",
Type="AWS::EC2::KeyPair::KeyName",
ConstraintDescription="must be the name of an existing EC2 KeyPair",
))
t.add_resource(
ec2.SecurityGroup(
"SecurityGroup",
GroupDescription="Allow SSH and TCP/{} access".format(ApplicationPort),
SecurityGroupIngress=[
ec2.SecurityGroupRule(
IpProtocol="tcp",
FromPort="22",
ToPort="22",
CidrIp=PublicCidrIp,
),
ec2.SecurityGroupRule(
IpProtocol="tcp",
GithubAccount = "herculan0"
GithubAnsibleURL = "https://github.com/{}/ansible".format(GithubAccount)
AnsiblePullCmd = \
"/usr/local/bin/ansible-pull -U {} {}.yml -i localhost".format(
GithubAnsibleURL,
ApplicationName)
t = Template()
t.set_description("DevOps in AWS - HelloWorld application")
t.add_parameter(
Parameter(
"KeyPair",
Description="herculano_devops",
Type="AWS::EC2::KeyPair::KeyName",
ConstraintDescription="herculano_devops",
))
t.add_resource(
ec2.SecurityGroup(
"SecurityGroup",
GroupDescription="Allow SSH and TCP/ {} access".format(port),
SecurityGroupIngress=[
ec2.SecurityGroupRule(IpProtocol="tcp",
FromPort="22",
ToPort="22",
CidrIp=PublicCidr),
ec2.SecurityGroupRule(IpProtocol="tcp",
FromPort=port,
ToPort=port,
