コード例 #1
0
ファイル: base.py プロジェクト: DualSpark/stacker
 def setup_parameters(self):
     t = self.template
     parameters = getattr(self, 'PARAMETERS')
     if not parameters:
         logger.debug("No parameters defined.")
         return
     for param, attrs in parameters.items():
         p = Parameter(param,
                       Type=attrs.get('type'),
                       Description=attrs.get('description', ''))
         if 'default' in attrs:
             p.Default = attrs['default']
         t.add_parameter(p)
コード例 #2
0
ファイル: base.py プロジェクト: jameszh/stacker
    def setup_parameters(self):
        t = self.template
        # First look for CF_PARAMETERS, then fall back to regular PARAMETERS
        # for backwards compatibility.
        parameters = getattr(self, 'CF_PARAMETERS',
                             getattr(self, 'PARAMETERS', {}))

        if not parameters:
            logger.debug("No parameters defined.")
            return

        for param, attrs in parameters.items():
            p = Parameter(param,
                          Type=attrs.get('type'),
                          Description=attrs.get('description', ''))
            if 'default' in attrs:
                p.Default = attrs['default']
            t.add_parameter(p)
コード例 #3
0
    def set_up_stack(self):
        super(Application, self).set_up_stack()

        self.default_tags = self.get_input('Tags').copy()
        self.region = self.get_input('Region')

        self.add_description('Application server stack for MMW')

        # Parameters
        self.color = self.add_parameter(
            Parameter('StackColor',
                      Type='String',
                      Description='Stack color',
                      AllowedValues=['Blue', 'Green']), 'StackColor')

        self.keyname = self.add_parameter(
            Parameter('KeyName',
                      Type='String',
                      Description='Name of an existing EC2 key pair'),
            'KeyName')

        self.availability_zones = self.add_parameter(
            Parameter(
                'AvailabilityZones',
                Type='CommaDelimitedList',
                Description='Comma delimited list of availability zones'),
            'AvailabilityZones')

        self.rds_password = self.add_parameter(
            Parameter(
                'RDSPassword',
                Type='String',
                NoEcho=True,
                Description='Database password',
            ), 'RDSPassword')

        self.app_server_instance_type = self.add_parameter(
            Parameter(
                'AppServerInstanceType',
                Type='String',
                Default='t2.small',
                Description='Application server EC2 instance type',
                AllowedValues=EC2_INSTANCE_TYPES,
                ConstraintDescription='must be a valid EC2 instance type.'),
            'AppServerInstanceType')

        self.app_server_ami = self.add_parameter(
            Parameter('AppServerAMI',
                      Type='String',
                      Default=self.get_recent_app_server_ami(),
                      Description='Application server AMI'), 'AppServerAMI')

        self.app_server_instance_profile = self.add_parameter(
            Parameter('AppServerInstanceProfile',
                      Type='String',
                      Default='AppServerInstanceProfile',
                      Description='Application server instance profile'),
            'AppServerInstanceProfile')

        self.app_server_auto_scaling_desired = self.add_parameter(
            Parameter(
                'AppServerAutoScalingDesired',
                Type='String',
                Default='1',
                Description='Application server AutoScalingGroup desired'),
            'AppServerAutoScalingDesired')

        self.app_server_auto_scaling_min = self.add_parameter(
            Parameter(
                'AppServerAutoScalingMin',
                Type='String',
                Default='1',
                Description='Application server AutoScalingGroup minimum'),
            'AppServerAutoScalingMin')

        self.app_server_auto_scaling_max = self.add_parameter(
            Parameter(
                'AppServerAutoScalingMax',
                Type='String',
                Default='1',
                Description='Application server AutoScalingGroup maximum'),
            'AppServerAutoScalingMax')

        self.app_server_auto_scaling_schedule_start_recurrence = self.add_parameter(  # NOQA
            Parameter(
                'AppServerAutoScalingScheduleStartRecurrence',
                Type='String',
                Default='0 12 * * 1-5',
                Description='Application server ASG schedule start recurrence'
            ), 'AppServerAutoScalingScheduleStartRecurrence')

        self.app_server_auto_scaling_schedule_start_capacity = self.add_parameter(  # NOQA
            Parameter(
                'AppServerAutoScalingScheduleStartCapacity',
                Type='String',
                Default='1',
                Description='Application server ASG schedule start capacity'),
            'AppServerAutoScalingScheduleStartCapacity')

        self.app_server_auto_scaling_schedule_end_recurrence = self.add_parameter(  # NOQA
            Parameter(
                'AppServerAutoScalingScheduleEndRecurrence',
                Type='String',
                Default='0 0 * * *',
                Description='Application server ASG schedule end recurrence'),
            'AppServerAutoScalingScheduleEndRecurrence')

        self.app_server_auto_scaling_schedule_end_capacity = self.add_parameter(  # NOQA
            Parameter(
                'AppServerAutoScalingScheduleEndCapacity',
                Type='String',
                Default='1',
                Description='Application server ASG schedule end capacity'),
            'AppServerAutoScalingScheduleEndCapacity')

        self.ssl_certificate_arn = self.add_parameter(
            Parameter('SSLCertificateARN',
                      Type='String',
                      Description='ARN for a SSL certificate stored in IAM'),
            'SSLCertificateARN')

        self.backward_compat_ssl_certificate_arn = self.add_parameter(
            Parameter('BackwardCompatSSLCertificateARN',
                      Type='String',
                      Description='ARN for a SSL certificate stored in IAM'),
            'BackwardCompatSSLCertificateARN')

        self.public_subnets = self.add_parameter(
            Parameter('PublicSubnets',
                      Type='CommaDelimitedList',
                      Description='A list of public subnets'), 'PublicSubnets')

        self.private_subnets = self.add_parameter(
            Parameter('PrivateSubnets',
                      Type='CommaDelimitedList',
                      Description='A list of private subnets'),
            'PrivateSubnets')

        self.public_hosted_zone_name = self.add_parameter(
            Parameter('PublicHostedZoneName',
                      Type='String',
                      Description='Route 53 public hosted zone name'),
            'PublicHostedZoneName')

        self.vpc_id = self.add_parameter(
            Parameter('VpcId', Type='String', Description='VPC ID'), 'VpcId')

        self.notification_topic_arn = self.add_parameter(
            Parameter(
                'GlobalNotificationsARN',
                Type='String',
                Description='ARN for an SNS topic to broadcast notifications'),
            'GlobalNotificationsARN')

        self.blue_tile_distribution_endpoint = self.add_parameter(
            Parameter(
                'BlueTileServerDistributionEndpoint',
                Type='String',
                Description='Endpoint for blue tile CloudFront distribution'),
            'BlueTileServerDistributionEndpoint')

        self.green_tile_distribution_endpoint = self.add_parameter(
            Parameter(
                'GreenTileServerDistributionEndpoint',
                Type='String',
                Description='Endpoint for green tile CloudFront distribution'),
            'GreenTileServerDistributionEndpoint')

        self.itsi_base_url = self.add_parameter(
            Parameter('ITSIBaseURL',
                      Type='String',
                      Description='Base URL for ITSI portal'), 'ITSIBaseURL')

        self.itsi_secret_key = self.add_parameter(
            Parameter('ITSISecretKey',
                      Type='String',
                      NoEcho=True,
                      Description='Secret key for ITSI portal integration'),
            'ITSISecretKey')

        self.concord_secret_key = self.add_parameter(
            Parameter('ConcordSecretKey',
                      Type='String',
                      NoEcho=True,
                      Description='Secret key for Concord OAuth integration'),
            'ConcordSecretKey')

        self.hydroshare_base_url = self.add_parameter(
            Parameter('HydroShareBaseURL',
                      Type='String',
                      Description='Base URL for HydroShare portal'),
            'HydroShareBaseURL')

        self.hydroshare_secret_key = self.add_parameter(
            Parameter(
                'HydroShareSecretKey',
                Type='String',
                NoEcho=True,
                Description='Secret key for HydroShare portal integration'),
            'HydroShareSecretKey')

        self.srat_catchment_api_url = self.add_parameter(
            Parameter('SRATCatchmentAPIURL',
                      Type='String',
                      Description='URL for the SRAT Catchment API'),
            'SRATCatchmentAPIURL')

        self.srat_catchment_api_key = self.add_parameter(
            Parameter('SRATCatchmentAPIKey',
                      Type='String',
                      NoEcho=True,
                      Description='API key for the SRAT Catchment API'),
            'SRATCatchmentAPIKey')

        self.client_app_user_password = self.add_parameter(
            Parameter(
                'ClientAppUserPassword',
                Type='String',
                NoEcho=True,
                Description='Password for the client apps django account',
            ), 'ClientAppUserPassword')

        self.papertrail_host = self.add_parameter(
            Parameter(
                'PapertrailHost',
                Type='String',
                Description='Hostname for Papertrail log destination',
            ), 'PapertrailHost')

        self.papertrail_port = self.add_parameter(
            Parameter(
                'PapertrailPort',
                Type='String',
                Description='Port for Papertrail log destination',
            ), 'PapertrailPort')

        app_server_lb_security_group, \
            app_server_security_group = self.create_security_groups()
        app_server_lb, \
            backward_compat_app_server_lb = self.create_load_balancers(
                app_server_lb_security_group)

        self.create_auto_scaling_resources(app_server_security_group,
                                           app_server_lb,
                                           backward_compat_app_server_lb)

        self.add_output(
            Output('AppServerLoadBalancerEndpoint',
                   Value=GetAtt(app_server_lb, 'DNSName')))
        self.add_output(
            Output('AppServerLoadBalancerHostedZoneNameID',
                   Value=GetAtt(app_server_lb, 'CanonicalHostedZoneNameID')))
        self.add_output(
            Output('BackwardCompatAppServerLoadBalancerEndpoint',
                   Value=GetAtt(backward_compat_app_server_lb, 'DNSName')))
        self.add_output(
            Output('BackwardCompatAppServerLoadBalancerHostedZoneNameID',
                   Value=GetAtt(backward_compat_app_server_lb,
                                'CanonicalHostedZoneNameID')))
コード例 #4
0
import sys

import troposphere.elasticloadbalancing as elb
from troposphere.elasticloadbalancing import Policy as ELBPolicy

from troposphere.autoscaling import AutoScalingGroup, Tag
from troposphere.autoscaling import LaunchConfiguration

t = Template()

# Take an existing VPC and a subnet having access to an S3 endpoint

# Existing VPC input
VPCIDParam = t.add_parameter(Parameter(
    "VPCID",
    Description="The VPC ID you wish to deploy in",
    Type="AWS::EC2::VPC::Id",
))

# Subnet with S3 endpoint
SubnetsWithS3EndpointParam = t.add_parameter(Parameter(
    "SubnetsWithS3Endpoint",
    Description="The private subnets with a configured S3 endpoint. Recommended to be spread across multiple AZ's.",
    Type="List<AWS::EC2::Subnet::Id>",
))

# Key pair for autoscaling NAT instances
KeyPairNameParam = t.add_parameter(Parameter(
    "KeyPairName",
    Description="Name of an existing EC2 KeyPair to enable SSH access to the instances",
    Type="AWS::EC2::KeyPair::KeyName",
コード例 #5
0
ファイル: cache.py プロジェクト: dchukhin/aws-web-stacks
cache_node_type = template.add_parameter(
    Parameter(
        "CacheNodeType",
        Default="cache.t2.micro",
        Description="Cache instance type",
        Type="String",
        AllowedValues=[
            dont_create_value,
            'cache.t2.micro',
            'cache.t2.small',
            'cache.t2.medium',
            'cache.m3.medium',
            'cache.m3.large',
            'cache.m3.xlarge',
            'cache.m3.2xlarge',
            'cache.m4.large',
            'cache.m4.xlarge',
            'cache.m4.2xlarge',
            'cache.m4.4xlarge',
            'cache.m4.10xlarge',
            'cache.r3.large',
            'cache.r3.xlarge',
            'cache.r3.2xlarge',
            'cache.r3.4xlarge',
            'cache.r3.8xlarge',
        ],
        ConstraintDescription="must select a valid cache node type.",
    ),
    group="Cache",
    label="Instance Type",
コード例 #6
0
def main():
    template = Template()
    template.add_version("2010-09-09")

    template.add_description(
        "AWS CloudFormation Sample Template: NLB with 1 EC2 instance")

    AddAMI(template)

    # Add the Parameters
    keyname_param = template.add_parameter(
        Parameter(
            "KeyName",
            Type="String",
            Default="mark",
            Description="Name of an existing EC2 KeyPair to "
            "enable SSH access to the instance",
        ))

    template.add_parameter(
        Parameter(
            "InstanceType",
            Type="String",
            Description="WebServer EC2 instance type",
            Default="m1.small",
            AllowedValues=[
                "t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge",
                "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.medium",
                "c1.xlarge", "cc1.4xlarge", "cc2.8xlarge", "cg1.4xlarge"
            ],
            ConstraintDescription="must be a valid EC2 instance type.",
        ))

    webport_param = template.add_parameter(
        Parameter(
            "WebServerPort",
            Type="String",
            Default="8888",
            Description="TCP/IP port of the web server",
        ))

    subnetA = template.add_parameter(
        Parameter("subnetA", Type="String", Default="subnet-096fd06d"))

    subnetB = template.add_parameter(
        Parameter("subnetB", Type="String", Default="subnet-1313ef4b"))

    VpcId = template.add_parameter(
        Parameter("VpcId", Type="String", Default="vpc-82c514e6"))

    # Define the instance security group
    instance_sg = template.add_resource(
        ec2.SecurityGroup(
            "InstanceSecurityGroup",
            GroupDescription="Enable SSH and HTTP access on the inbound port",
            SecurityGroupIngress=[
                ec2.SecurityGroupRule(
                    IpProtocol="tcp",
                    FromPort="22",
                    ToPort="22",
                    CidrIp="0.0.0.0/0",
                ),
                ec2.SecurityGroupRule(
                    IpProtocol="tcp",
                    FromPort=Ref(webport_param),
                    ToPort=Ref(webport_param),
                    CidrIp="0.0.0.0/0",
                ),
            ]))

    eipA = template.add_resource(ec2.EIP(
        'eipA',
        Domain='vpc',
    ))

    eipB = template.add_resource(ec2.EIP(
        'eipB',
        Domain='vpc',
    ))

    # Add the web server instance
    WebInstance = template.add_resource(
        ec2.Instance(
            "WebInstance",
            SecurityGroups=[Ref(instance_sg)],
            KeyName=Ref(keyname_param),
            InstanceType=Ref("InstanceType"),
            ImageId=FindInMap("RegionMap", Ref("AWS::Region"), "AMI"),
            UserData=Base64(Ref(webport_param)),
        ))

    # Add the network LB
    NetworkLB = template.add_resource(
        elb.LoadBalancer(
            "NetworkLB",
            Name="NetworkLB",
            Scheme="internet-facing",
            SubnetMappings=[
                elb.SubnetMapping(AllocationId=GetAtt(eipA, 'AllocationId'),
                                  SubnetId=Ref(subnetA)),
                elb.SubnetMapping(AllocationId=GetAtt(eipB, 'AllocationId'),
                                  SubnetId=Ref(subnetB))
            ],
            Type='network'))

    TargetGroupWeb = template.add_resource(
        elb.TargetGroup("TargetGroupWeb",
                        HealthCheckIntervalSeconds="30",
                        HealthCheckProtocol="HTTP",
                        HealthCheckTimeoutSeconds="10",
                        HealthyThresholdCount="4",
                        Matcher=elb.Matcher(HttpCode="200"),
                        Name="WebTarget",
                        Port=Ref(webport_param),
                        Protocol="HTTP",
                        Targets=[
                            elb.TargetDescription(Id=Ref(WebInstance),
                                                  Port=Ref(webport_param))
                        ],
                        UnhealthyThresholdCount="3",
                        VpcId=Ref(VpcId)))

    template.add_resource(
        elb.Listener("Listener",
                     Port="80",
                     Protocol="HTTP",
                     LoadBalancerArn=Ref(NetworkLB),
                     DefaultActions=[
                         elb.Action(Type="forward",
                                    TargetGroupArn=Ref(TargetGroupWeb))
                     ]))

    template.add_output(
        Output("URL",
               Description="URL of the sample website",
               Value=Join("",
                          ["http://", GetAtt(NetworkLB, "DNSName")])))

    print(template.to_json())
コード例 #7
0
            'AutoAssignPublicIp': {
                'default': 'Auto Assign Public IP'
            },
        },
    }
})

#
# Parameters
#

param_number_of_azs = t.add_parameter(
    Parameter('NumberOfAZs',
              Description='Number of Availability Zones to use in the VPC. '
              'This must match your selections in the list of '
              'Availability Zones parameter.',
              Default='2',
              AllowedValues=['2', '3', '4'],
              Type='String'))

param_availability_zones = t.add_parameter(
    Parameter('AvailabilityZones',
              Description=
              'List of Availability Zones to use for the subnets in the VPC.'
              'Note: The logical order is preserved.',
              Type='List<AWS::EC2::AvailabilityZone::Name>'))

param_vpc_cidr = t.add_parameter(
    Parameter(
        'VpcCidr',
        Description='CIDR block for the VPC',
コード例 #8
0
from __future__ import print_function

from troposphere import (Template, Parameter, Ref, Condition, Equals, And, Or,
                         Not, If)
from troposphere import ec2

parameters = {
    "One": Parameter(
        "One",
        Type="String",
    ),
    "Two": Parameter(
        "Two",
        Type="String",
    ),
    "Three": Parameter(
        "Three",
        Type="String",
    ),
    "Four": Parameter(
        "Four",
        Type="String",
    ),
    "SshKeyName": Parameter(
        "SshKeyName",
        Type="String",
    )
}

conditions = {
    "OneEqualsFoo":
コード例 #9
0
    def set_up_stack(self):
        """Sets up the stack"""
        if not self.INPUTS or not self.STACK_NAME_PREFIX or not self.HEALTH_ENDPOINT:
            raise MKInputError(
                'Must define INPUTS, STACK_NAME_PREFIX, and HEALTH_ENDPOINT')

        super(AppServerStack, self).set_up_stack()

        tags = self.get_input('Tags').copy()
        self.add_description('{} App Server Stack for Cac'.format(
            self.STACK_NAME_PREFIX))

        assert isinstance(tags, dict), 'tags must be a dictionary'

        self.availability_zones = get_availability_zones()

        tags.update({'StackType': 'AppServer'})
        self.default_tags = tags

        self.app_server_instance_type_parameter = self.add_parameter(
            Parameter(
                'AppServerInstanceType',
                Type='String',
                Default='t2.medium',
                Description='NAT EC2 instance type',
                AllowedValues=EC2_INSTANCE_TYPES,
                ConstraintDescription='must be a valid EC2 instance type.'),
            source='AppServerInstanceType')

        self.param_app_server_iam_profile = self.add_parameter(
            Parameter('AppServerIAMProfile',
                      Type='String',
                      Description='IAM Profile for instances'),
            source='AppServerIAMProfile')

        self.app_server_ami = self.add_parameter(Parameter(
            'AppServerAMI',
            Type='String',
            Description='{} Server EC2 AMI'.format(self.STACK_NAME_PREFIX)),
                                                 source='AppServerAMI')

        self.keyname_parameter = self.add_parameter(Parameter(
            'KeyName',
            Type='String',
            Default='cac',
            Description='Name of an existing EC2 key pair'),
                                                    source='KeyName')

        self.param_color = self.add_parameter(Parameter(
            'StackColor',
            Type='String',
            Description='Stack color',
            AllowedValues=['Blue', 'Green', 'Orange']),
                                              source='StackColor')

        self.param_stacktype = self.add_parameter(Parameter(
            'StackType',
            Type='String',
            Description='Stack type',
            AllowedValues=['Development', 'Staging', 'Production']),
                                                  source='StackType')

        self.param_public_hosted_zone_name = self.add_parameter(
            Parameter('PublicHostedZoneName',
                      Type='String',
                      Description='Public hosted zone name'),
            source='PublicHostedZoneName')

        self.param_vpc = self.add_parameter(Parameter(
            'VpcId', Type='String', Description='Name of an existing VPC'),
                                            source='VpcId')

        self.param_notification_arn = self.add_parameter(
            Parameter(
                'GlobalNotificationsARN',
                Type='String',
                Description='Physical resource ID on an AWS::SNS::Topic for '
                'notifications'),
            source='GlobalNotificationsARN')

        self.param_ssl_certificate_arn = self.add_parameter(
            Parameter('SSLCertificateARN',
                      Type='String',
                      Description=
                      'Physical resource ID on an AWS::IAM::ServerCertificate '
                      'for the application server load balancer'),
            source='SSLCertificateARN')

        self.param_public_subnets = self.add_parameter(
            Parameter('PublicSubnets',
                      Type='CommaDelimitedList',
                      Description='A list of public subnets'),
            source='AppServerPublicSubnets')

        self.param_private_subnets = self.add_parameter(
            Parameter('PrivateSubnets',
                      Type='CommaDelimitedList',
                      Description='A list of private subnets'),
            source='AppServerPrivateSubnets')

        self.param_bastion_security_group = self.add_parameter(
            Parameter('BastionSecurityGroup',
                      Type='String',
                      Description='The ID of the bastion security group'),
            source='BastionSecurityGroup')

        self.param_database_security_group = self.add_parameter(
            Parameter('DatabaseSecurityGroup',
                      Type='String',
                      Description='The ID of the database security group'),
            source='DatabaseSecurityGroup')

        self.param_nat_security_group = self.add_parameter(
            Parameter('NATSecurityGroup',
                      Type='String',
                      Description='The ID of the NAT security group'),
            source='NATSecurityGroup')

        self.param_min_size = self.add_parameter(Parameter(
            'ASGMinSize',
            Type='Number',
            Default='1',
            Description='Min size of ASG'),
                                                 source='ASGMinSize')

        self.param_max_size = self.add_parameter(Parameter(
            'ASGMaxSize',
            Type='Number',
            Default='1',
            Description='Max size of ASG'),
                                                 source='ASGMaxSize')

        self.param_desired_capacity = self.add_parameter(
            Parameter('ASGDesiredCapacity',
                      Type='Number',
                      Default='1',
                      Description='Desired capacity of ASG'),
            source='ASGDesiredCapacity')

        #
        # Security Group
        #
        app_server_load_balancer_security_group = self.add_resource(
            ec2.SecurityGroup(
                'sgAppServerLoadBalancer',
                GroupDescription=
                'Enables access to app servers via a load balancer',
                VpcId=Ref(self.param_vpc),
                SecurityGroupIngress=[
                    ec2.SecurityGroupRule(IpProtocol='tcp',
                                          CidrIp=ALLOW_ALL_CIDR,
                                          FromPort=p,
                                          ToPort=p) for p in [80, 443]
                ],
                Tags=Tags(Name='sgAppServerLoadBalancer',
                          Color=Ref(self.param_color))))

        app_server_security_group = self.add_resource(
            ec2.SecurityGroup(
                'sgAppServer',
                GroupDescription='Enables access to App Servers',
                VpcId=Ref(self.param_vpc),
                SecurityGroupIngress=[
                    ec2.SecurityGroupRule(IpProtocol='tcp',
                                          CidrIp=VPC_CIDR,
                                          FromPort=p,
                                          ToPort=p) for p in [22, 80, 443]
                ] + [
                    ec2.SecurityGroupRule(IpProtocol='tcp',
                                          SourceSecurityGroupId=Ref(sg),
                                          FromPort=80,
                                          ToPort=80)
                    for sg in [app_server_load_balancer_security_group]
                ] + [
                    ec2.SecurityGroupRule(IpProtocol='tcp',
                                          SourceSecurityGroupId=Ref(sg),
                                          FromPort=443,
                                          ToPort=443)
                    for sg in [app_server_load_balancer_security_group]
                ],
                SecurityGroupEgress=[
                    ec2.SecurityGroupRule(IpProtocol='tcp',
                                          CidrIp=ALLOW_ALL_CIDR,
                                          FromPort=p,
                                          ToPort=p)
                    for p in [80, 443, PAPERTRAIL_PORT]
                ],
                Tags=Tags(Name='sgAppServer', Color=Ref(self.param_color))))

        # ELB to App Server
        self.add_resource(
            ec2.SecurityGroupEgress(
                'sgEgressELBtoAppHTTP',
                GroupId=Ref(app_server_load_balancer_security_group),
                DestinationSecurityGroupId=Ref(app_server_security_group),
                IpProtocol='tcp',
                FromPort=80,
                ToPort=80))

        self.add_resource(
            ec2.SecurityGroupEgress(
                'sgEgressELBtoAppHTTPS',
                GroupId=Ref(app_server_load_balancer_security_group),
                DestinationSecurityGroupId=Ref(app_server_security_group),
                IpProtocol='tcp',
                FromPort=443,
                ToPort=443))

        # Bastion to App Server, app server to db, app server to inet
        rules = [(self.param_bastion_security_group, app_server_security_group,
                  [80, 443, 22]),
                 (app_server_security_group,
                  self.param_database_security_group, [POSTGRES]),
                 (app_server_security_group, self.param_nat_security_group,
                  [80, 443, 22, 587, PAPERTRAIL_PORT])]
        for num, (srcsg, destsg, ports) in enumerate(rules):
            for port in ports:
                self.add_resource(
                    ec2.SecurityGroupEgress(
                        'sgEgress{}p{}'.format(num, port),
                        GroupId=Ref(srcsg),
                        DestinationSecurityGroupId=Ref(destsg),
                        IpProtocol='tcp',
                        FromPort=port,
                        ToPort=port))
                self.add_resource(
                    ec2.SecurityGroupIngress('sgIngress{}p{}'.format(
                        num, port),
                                             GroupId=Ref(destsg),
                                             SourceSecurityGroupId=Ref(srcsg),
                                             IpProtocol='tcp',
                                             FromPort=port,
                                             ToPort=port))

        #
        # ELB
        #
        app_server_load_balancer = self.add_resource(
            elb.LoadBalancer(
                'elbAppServer',
                ConnectionDrainingPolicy=elb.ConnectionDrainingPolicy(
                    Enabled=True, Timeout=300),
                CrossZone=True,
                SecurityGroups=[Ref(app_server_load_balancer_security_group)],
                Listeners=[
                    elb.Listener(LoadBalancerPort='80',
                                 Protocol='HTTP',
                                 InstancePort='80',
                                 InstanceProtocol='HTTP'),
                    elb.Listener(LoadBalancerPort='443',
                                 Protocol='HTTPS',
                                 InstancePort='443',
                                 InstanceProtocol='HTTP',
                                 SSLCertificateId=Ref(
                                     self.param_ssl_certificate_arn))
                ],
                HealthCheck=elb.HealthCheck(
                    Target=self.HEALTH_ENDPOINT,
                    HealthyThreshold='3',
                    UnhealthyThreshold='2',
                    Interval='30',
                    Timeout='5',
                ),
                Subnets=Ref(self.param_public_subnets),
                Tags=Tags(Name='elbAppServer', Color=Ref(self.param_color))))

        self.add_resource(
            cw.Alarm('alarmAppServerBackend4xx',
                     AlarmActions=[Ref(self.param_notification_arn)],
                     Statistic='Sum',
                     Period=300,
                     Threshold='5',
                     EvaluationPeriods=1,
                     ComparisonOperator='GreaterThanThreshold',
                     MetricName='HTTPCode_Backend_4XX',
                     Namespace='AWS/ELB',
                     Dimensions=[
                         cw.MetricDimension(
                             'metricLoadBalancerName',
                             Name='LoadBalancerName',
                             Value=Ref(app_server_load_balancer))
                     ]))

        self.add_resource(
            cw.Alarm('alarmAppServerBackend5xx',
                     AlarmActions=[Ref(self.param_notification_arn)],
                     Statistic='Sum',
                     Period=60,
                     Threshold='0',
                     EvaluationPeriods=1,
                     ComparisonOperator='GreaterThanThreshold',
                     MetricName='HTTPCode_Backend_5XX',
                     Namespace='AWS/ELB',
                     Dimensions=[
                         cw.MetricDimension(
                             'metricLoadBalancerName',
                             Name='LoadBalancerName',
                             Value=Ref(app_server_load_balancer))
                     ]))

        #
        # ASG
        #
        app_server_launch_config = self.add_resource(
            asg.LaunchConfiguration(
                'lcAppServer',
                ImageId=Ref(self.app_server_ami),
                IamInstanceProfile=Ref(self.param_app_server_iam_profile),
                InstanceType=Ref(self.app_server_instance_type_parameter),
                KeyName=Ref(self.keyname_parameter),
                SecurityGroups=[Ref(app_server_security_group)]))

        autoscaling_group = self.add_resource(
            asg.AutoScalingGroup(
                'asgAppServer',
                AvailabilityZones=self.get_input(
                    'AppServerAvailabilityZones').split(','),
                Cooldown=300,
                DesiredCapacity=Ref(self.param_desired_capacity),
                HealthCheckGracePeriod=1000,
                HealthCheckType='ELB',
                LaunchConfigurationName=Ref(app_server_launch_config),
                LoadBalancerNames=[Ref(app_server_load_balancer)],
                MaxSize=Ref(self.param_max_size),
                MinSize=Ref(self.param_min_size),
                NotificationConfigurations=[
                    asg.NotificationConfigurations(
                        TopicARN=Ref(self.param_notification_arn),
                        NotificationTypes=[
                            asg.EC2_INSTANCE_LAUNCH,
                            asg.EC2_INSTANCE_LAUNCH_ERROR,
                            asg.EC2_INSTANCE_TERMINATE,
                            asg.EC2_INSTANCE_TERMINATE_ERROR
                        ])
                ],
                VPCZoneIdentifier=Ref(self.param_private_subnets),
                Tags=[
                    asg.Tag('Name', '{}Server'.format(self.STACK_NAME_PREFIX),
                            True),
                    asg.Tag('Color', Ref(self.param_color), True)
                ]))

        # autoscaling policies
        autoscaling_policy_add = self.add_resource(
            asg.ScalingPolicy('scalingPolicyAddAppServer',
                              AdjustmentType='ChangeInCapacity',
                              AutoScalingGroupName=Ref(autoscaling_group),
                              Cooldown=600,
                              ScalingAdjustment='1'))

        autoscaling_policy_remove = self.add_resource(
            asg.ScalingPolicy('scalingPolicyRemoveAppServer',
                              AdjustmentType='ChangeInCapacity',
                              AutoScalingGroupName=Ref(autoscaling_group),
                              Cooldown=600,
                              ScalingAdjustment='-1'))

        if self.STACK_NAME_PREFIX == 'Otp':
            # trigger scale down if CPU avg usage < 10% for 3 consecutive 5 min periods
            self.add_resource(
                cw.Alarm('alarmAppServerLowCPU',
                         AlarmActions=[Ref(autoscaling_policy_remove)],
                         Statistic='Average',
                         Period=300,
                         Threshold='10',
                         EvaluationPeriods=3,
                         ComparisonOperator='LessThanThreshold',
                         MetricName='CPUUtilization',
                         Namespace='AWS/EC2',
                         Dimensions=[
                             cw.MetricDimension('metricAutoScalingGroupName',
                                                Name='AutoScalingGroupName',
                                                Value=Ref(autoscaling_group))
                         ]))

            # trigger scale up if CPU avg usage >= 30% for a 5 min period
            self.add_resource(
                cw.Alarm('alarmAppServerHighCPU',
                         AlarmActions=[
                             Ref(self.param_notification_arn),
                             Ref(autoscaling_policy_add)
                         ],
                         Statistic='Average',
                         Period=300,
                         Threshold='30',
                         EvaluationPeriods=1,
                         ComparisonOperator='GreaterThanOrEqualToThreshold',
                         MetricName='CPUUtilization',
                         Namespace='AWS/EC2',
                         Dimensions=[
                             cw.MetricDimension('metricAutoScalingGroupName',
                                                Name='AutoScalingGroupName',
                                                Value=Ref(autoscaling_group))
                         ]))
        else:
            # scale web servers based on network usage
            self.add_resource(
                cw.Alarm('alarmAppServerLowNetworkUsage',
                         AlarmActions=[Ref(autoscaling_policy_remove)],
                         Statistic='Average',
                         Period=300,
                         Threshold='4000000',
                         EvaluationPeriods=3,
                         ComparisonOperator='LessThanThreshold',
                         MetricName='NetworkOut',
                         Namespace='AWS/EC2',
                         Dimensions=[
                             cw.MetricDimension('metricAutoScalingGroupName',
                                                Name='AutoScalingGroupName',
                                                Value=Ref(autoscaling_group))
                         ]))

            self.add_resource(
                cw.Alarm('alarmAppServerHighNetworkUsage',
                         AlarmActions=[
                             Ref(self.param_notification_arn),
                             Ref(autoscaling_policy_add)
                         ],
                         Statistic='Average',
                         Period=300,
                         Threshold='10000000',
                         EvaluationPeriods=1,
                         ComparisonOperator='GreaterThanOrEqualToThreshold',
                         MetricName='NetworkOut',
                         Namespace='AWS/EC2',
                         Dimensions=[
                             cw.MetricDimension('metricAutoScalingGroupName',
                                                Name='AutoScalingGroupName',
                                                Value=Ref(autoscaling_group))
                         ]))

        #
        # DNS name
        #
        self.create_resource(
            route53.RecordSetType(
                'dnsName',
                Name=Join('.', [
                    Ref(self.param_color),
                    Ref(self.param_stacktype), self.STACK_NAME_PREFIX,
                    Ref(self.param_public_hosted_zone_name)
                ]),
                Type='A',
                AliasTarget=route53.AliasTarget(
                    GetAtt(app_server_load_balancer,
                           'CanonicalHostedZoneNameID'),
                    GetAtt(app_server_load_balancer, 'DNSName')),
                HostedZoneName=Ref(self.param_public_hosted_zone_name)))

        self.add_output([
            Output('{}ServerLoadBalancerEndpoint'.format(
                self.STACK_NAME_PREFIX),
                   Description='Application server endpoint',
                   Value=GetAtt(app_server_load_balancer, 'DNSName')),
            Output('{}ServerLoadBalancerHostedZoneNameID'.format(
                self.STACK_NAME_PREFIX),
                   Description='ID of canonical hosted zone name for ELB',
                   Value=GetAtt(app_server_load_balancer,
                                'CanonicalHostedZoneNameID'))
        ])
コード例 #10
0
ファイル: NatGateway.py プロジェクト: zully/troposphere
from troposphere import Output, Ref, Template, Parameter, GetAtt
from troposphere import ec2

t = Template()

t.set_description(
    "AWS CloudFormation Sample Template NatGateway: Sample template showing "
    "how to create a public NAT gateway. "
    "**WARNING** This template creates an Amazon NAT gateway. "
    "You will be billed for the AWS resources used if you create "
    "a stack from this template.")

vpc_cidr = t.add_parameter(
    Parameter(
        'VPCCIDR',
        Default='172.18.0.0/16',
        Description='The IP address space for this VPC, in CIDR notation',
        Type='String',
    ))

public_subnet = t.add_parameter(
    Parameter(
        'PublicSubnetCidr',
        Type='String',
        Description='Public Subnet CIDR',
        Default='172.18.0.0/22',
    ))

private_subnet = t.add_parameter(
    Parameter(
        'PrivateSubnetCidr',
        Type='String',
コード例 #11
0
ファイル: spunt_auth.py プロジェクト: RobKenis/spunt-punt-be
class UserPoolDomain(AWSObject):
    resource_type = "AWS::Cognito::UserPoolDomain"

    props = {
        'Domain': (str, True),
        'UserPoolId': (str, True),
        'CustomDomainConfig': (CustomDomainConfig, False),
    }

template = Template(Description='Cognito with passwordless e-mail auth')
template.set_transform('AWS::Serverless-2016-10-31')

dns_stack = template.add_parameter(Parameter(
    'DnsStack',
    Type=constants.STRING,
    Default='spunt-punt-be-dns',
))

core_stack = template.add_parameter(Parameter(
    'CoreStack',
    Type=constants.STRING,
    Default='spunt-core',
))

domain_name = template.add_parameter(Parameter(
    'DomainName',
    Type=constants.STRING,
    Default='login.spunt.be',
))
コード例 #12
0
t.add_version("2010-09-09")

# Create the template

t.add_description("""
    AWS Cloudformation template for GzipToSnappy:
    This template creates a an S3 bucket and a Lambda function
    to trigger when gzip files are loaded on the S3 bucket.
     **WARNING**: You will be billed for AWS resources created.
    """)

# Create parameters

inputBucketName = t.add_parameter(
    Parameter("InputBucketName",
              Description="The name of the input bucket",
              Type="String"))

inputKeyPrefix = t.add_parameter(
    Parameter("InputKeyPrefix",
              Description="The S3 input folder for incoming files",
              Type="String",
              Default="stg/input-gz/"))

outputBucketName = t.add_parameter(
    Parameter(
        "OutputBucketName",
        Description="The name of the output bucket. This is required",
        Type="String",
    ))
コード例 #13
0
from troposphere.route53 import RecordSetType

t = Template()

t.set_description(
    "AWS CloudFormation Sample Template Route53_A: "
    "Sample template showing how to create an Amazon Route 53 A record that "
    "maps to the public IP address of an EC2 instance. It assumes that you "
    "already have a Hosted Zone registered with Amazon Route 53. **WARNING** "
    "This template creates an Amazon EC2 instance. You will be billed for "
    "the AWS resources used if you create a stack from this template.")

hostedzone = t.add_parameter(
    Parameter(
        "HostedZone",
        Description="The DNS name of an existing Amazon Route 53 hosted zone",
        Type="String",
    ))

t.add_mapping(
    "RegionMap",
    {
        "us-east-1": {
            "AMI": "ami-7f418316"
        },
        "us-west-1": {
            "AMI": "ami-951945d0"
        },
        "us-west-2": {
            "AMI": "ami-16fd7026"
        },
コード例 #14
0
from stack_modules.common_modules.common import *
from troposphere import Parameter, Tags

stackconfig = StackConfig()
mystack = Stack(stackconfig)

mystack.description('ElasticSearch Stack')

parameters = {
    "env":
    Parameter(
        "DeploymentEnvironment",
        Type="String",
        Default="DEV",
        Description="Environment you are building (DEV,QA,STG,PROD)",
    ),
    "ver":
    Parameter(
        "ProductVersion",
        Type="String",
        Default="6.1",
        Description="Version deploying (e.g. 6.1)",
    )
}

common_tags = Tags(env=Ref("DeploymentEnvironment"),
                   Version=Ref("ProductVersion"))

for p in parameters.values():
    mystack.template.add_parameter(p)
mystack.elasticsearch_cluster('elasticsearch')
コード例 #15
0
from troposphere.sqs import Queue

t = Template()

t.set_description(
    "AWS CloudFormation Sample Template SQS_With_CloudWatch_Alarms: Sample "
    "template showing how to create an SQS queue with AWS CloudWatch alarms "
    "on queue depth. **WARNING** This template creates an Amazon SQS Queue "
    "and one or more Amazon CloudWatch alarms. You will be billed for the "
    "AWS resources used if you create a stack from this template.")

alarmemail = t.add_parameter(
    Parameter(
        "AlarmEmail",
        Default="*****@*****.**",
        Description="Email address to notify if there are any "
        "operational issues",
        Type="String",
    ))

myqueue = t.add_resource(Queue("MyQueue"))

alarmtopic = t.add_resource(
    Topic(
        "AlarmTopic",
        Subscription=[
            Subscription(Endpoint=Ref(alarmemail), Protocol="email"),
        ],
    ))

queuedepthalarm = t.add_resource(
コード例 #16
0
ファイル: test_basic.py プロジェクト: bwhaley/troposphere
 def test_noproperty(self):
     t = Parameter("MyParameter", Type="String")
     d = t.to_dict()
     with self.assertRaises(KeyError):
         d['Properties']
コード例 #17
0
    def test_ref_can_be_requested(self):
        param = Parameter('title', Type='String')
        reference = param.ref()

        self.assertIsInstance(reference, Ref)
        self.assertDictEqual(reference.data, {'Ref': 'title'})
コード例 #18
0
import troposphere.policies as policies

t = Template()

t.add_version('2010-09-09')
t.add_description('OpenAerialMap tiler API stack')

ref_stack_id = Ref('AWS::StackId')
ref_region = Ref('AWS::Region')
ref_stack_name = Ref('AWS::StackName')

#
# Parameters
#
keyname_param = t.add_parameter(Parameter(
    'KeyName', Type='AWS::EC2::KeyPair::KeyName', Default='hotosm',
    Description='Name of an existing EC2 key pair'
))

role_param = t.add_parameter(Parameter(
    'Role', Type='String', Default='OAMServer',
    Description='IAM Instance Role'
))

target_bucket_param = t.add_parameter(Parameter(
    'TargetBucket', Type='String', Default='oam-tiles',
    Description='Target S3 bucket for tiled imagery'
))

tiler_ami_param = t.add_parameter(Parameter(
    'CoreOSAMI', Type='String', Default='ami-05783d60',
    Description='CoreOS AMI'
コード例 #19
0
t, vpcids = create_vpc(t)
t, subnetids = create_subnet(t, vpcids)
t, sg_output = create_sg(t, subnetids)
sg_output_id_list = []
for x, y in sg_output.items():
    sg_output_id_list.append(y)

subnetids_output_id_list = []
for x, y in subnetids["SubnetIds"].items():
    subnetids_output_id_list.append(y)

ref_region = Ref('AWS::Region')
# prints roleid and template to create role
ClusterName = t.add_parameter(
    Parameter("ClusterName",
              Type="String",
              Description="Name of an eks",
              Default="test-eks"))
eksResourcesVpcConfig = ResourcesVpcConfig(SecurityGroupIds=sg_output_id_list,
                                           SubnetIds=subnetids_output_id_list)

eks = t.add_resource(
    Cluster("eks",
            Name=Ref(ClusterName),
            ResourcesVpcConfig=eksResourcesVpcConfig,
            RoleArn=role_id))

AmiId = t.add_parameter(
    Parameter(
        "AmiId",
        Type="String",
        Default="ami-0d3998d69ebe9b214",
コード例 #20
0
ファイル: generate.py プロジェクト: tradelead/account
from troposphere import Tags, ImportValue, Parameter, Sub, GetAtt, Ref, Join, Output, Export
from troposphere import Template
from troposphere import serverless, awslambda, s3, iam

t = Template()
t.add_version('2010-09-09')
t.add_transform('AWS::Serverless-2016-10-31')

# Parameters

t.add_parameter(Parameter('CoreStack', Type='String'))
t.add_parameter(Parameter('MySQLDbName', Type='String'))
t.add_parameter(Parameter('MySQLUser', Type='String'))
t.add_parameter(Parameter('MySQLPass', Type='String'))
t.add_parameter(Parameter('NodeEnv', Type='String'))
t.add_parameter(Parameter('KeycloakServerURL', Type='String'))
t.add_parameter(Parameter('KeycloakRealm', Type='String'))
t.add_parameter(Parameter('KeycloakClientID', Type='String'))
t.add_parameter(Parameter('KeycloakClientSecret', Type='String'))
t.add_parameter(Parameter('AwsKmsCmk', Type='String'))

# Create S3 Bucket
accountMediaBucket = t.add_resource(s3.Bucket(
    'AccountMedia',
    CorsConfiguration = s3.CorsConfiguration(CorsRules = [
        s3.CorsRules(
            AllowedHeaders = ['*'],
            AllowedMethods = ['GET', 'POST'],
            AllowedOrigins = ['*'],
        )
    ]),
コード例 #21
0
def main():
    # Meta
    t.add_version("2010-09-09")
    t.add_description("Template for auto-scaling in an Application"
                      "load balancer target group. "
                      "The ALB will be used as an A Alias target "
                      "for a specified Route53 hosted zone. "
                      "This template also showcases "
                      "Metadata Parameter Grouping, "
                      "Special AWS Parameter Types, "
                      "and Cloudformation Outputs with Exports"
                      "which can be imported into other templates.")
    t.add_metadata({
        "Author": "https://github.com/hmain/",
        "LastUpdated": "2017 01 31",
        "Version": "1",
    })

    # Parameter grouping
    t.add_metadata({
        "AWS::CloudFormation::Interface": {
            "ParameterGroups": [{
                "Label": {
                    "default": "Global parameters"
                },
                "Parameters": ["environment"]
            }, {
                "Label": {
                    "default": "Application Loadbalancer"
                },
                "Parameters": [
                    "albSubnets", "loadbalancerPrefix", "loadBalancerArn",
                    "albPaths", "albPort"
                ]
            }, {
                "Label": {
                    "default": "VPC"
                },
                "Parameters": ["ec2Subnets", "VPC", "securityGroup"]
            }, {
                "Label": {
                    "default": "EC2"
                },
                "Parameters": ["ec2Name", "ec2Type", "ec2Key"]
            }, {
                "Label": {
                    "default": "Auto-scaling"
                },
                "Parameters": [
                    "asgCapacity", "asgMinSize", "asgMaxSize", "asgCooldown",
                    "asgHealthGrace"
                ]
            }, {
                "Label": {
                    "default": "Route53"
                },
                "Parameters": ["route53HostedZoneId", "route53HostedZoneName"]
            }]
        }
    })

    AddAMI(t)

    environment = t.add_parameter(
        Parameter(
            "environment",
            Default="dev",
            Type="String",
            Description="Development or Production environment",
            AllowedValues=["dev", "prod"],
            ConstraintDescription="dev or prod",
        ))
    route53_hosted_zone_id = t.add_parameter(
        Parameter("route53HostedZoneId",
                  Default="",
                  Type="AWS::Route53::HostedZone::Id",
                  Description="Route53 DNS zone ID"))

    route53_hosted_zone_name = t.add_parameter(
        Parameter("route53HostedZoneName",
                  Default="my.aws.dns.com",
                  Type="String",
                  Description="Route53 hosted zone name"))
    security_group = t.add_parameter(
        Parameter("securityGroup",
                  Default="",
                  Type="List<AWS::EC2::SecurityGroup::Id>",
                  Description="Which security groups to use"))
    alb_paths = t.add_parameter(
        Parameter(
            "albPaths",
            Default="/",
            Type="CommaDelimitedList",
            Description="Path-patterns you want the loadbalancer to point to in "
            "your application"))
    albPort = t.add_parameter(
        Parameter("albPort",
                  Default="80",
                  Type="Number",
                  Description="Which loadbalancer port to use"))
    ec2_subnets = t.add_parameter(
        Parameter("ec2Subnets",
                  Default="",
                  Type="List<AWS::EC2::Subnet::Id>",
                  Description="Private subnets for the instances."))
    alb_subnets = t.add_parameter(
        Parameter("albSubnets",
                  Default="",
                  Type="List<AWS::EC2::Subnet::Id>",
                  Description="Public subnets for the load balancer."))
    loadbalancer_prefix = t.add_parameter(
        Parameter(
            "loadbalancerPrefix",
            Default="",
            Type="String",
            Description="Specify a prefix for your loadbalancer",
        ))
    vpc = t.add_parameter(
        Parameter("VPC",
                  Default="",
                  Type="AWS::EC2::VPC::Id",
                  Description="Environment VPC"))

    # Auto scaling group parameters
    asg_capacity = t.add_parameter(
        Parameter("asgCapacity",
                  Default="0",
                  Type="Number",
                  Description="Number of instances"))
    asg_min_size = t.add_parameter(
        Parameter("asgMinSize",
                  Default="0",
                  Type="Number",
                  Description="Minimum size of AutoScalingGroup"))
    asg_max_size = t.add_parameter(
        Parameter("asgMaxSize",
                  Default="1",
                  Type="Number",
                  Description="Maximum size of AutoScalingGroup"))
    asg_cooldown = t.add_parameter(
        Parameter(
            "asgCooldown",
            Default="300",
            Type="Number",
            Description="Cooldown before starting/stopping another instance"))
    asg_health_grace = t.add_parameter(
        Parameter(
            "asgHealthGrace",
            Default="300",
            Type="Number",
            Description="Wait before starting/stopping another instance"))

    # EC2 parameters
    ec2_name = t.add_parameter(
        Parameter("ec2Name",
                  Default="myApplication",
                  Type="String",
                  Description="Name of the instances"))
    ec2_type = t.add_parameter(
        Parameter("ec2Type",
                  Default="t2.large",
                  Type="String",
                  Description="Instance type."))
    ec2_key = t.add_parameter(
        Parameter("ec2Key",
                  Default="",
                  Type="AWS::EC2::KeyPair::KeyName",
                  Description="EC2 Key Pair"))

    # Launchconfiguration
    ec2_launchconfiguration = t.add_resource(
        autoscaling.LaunchConfiguration(
            "EC2LaunchConfiguration",
            ImageId=FindInMap("windowsAMI", Ref("AWS::Region"), "AMI"),
            KeyName=Ref(ec2_key),
            SecurityGroups=Ref(security_group),
            InstanceType=Ref(ec2_type),
            AssociatePublicIpAddress=False,
        ))

    # Application ELB
    alb_target_group = t.add_resource(
        elb.TargetGroup("albTargetGroup",
                        HealthCheckPath=Select("0", Ref(alb_paths)),
                        HealthCheckIntervalSeconds="30",
                        HealthCheckProtocol="HTTP",
                        HealthCheckTimeoutSeconds="10",
                        HealthyThresholdCount="4",
                        Matcher=elb.Matcher(HttpCode="200"),
                        Name=Ref(ec2_name),
                        Port=80,
                        Protocol="HTTP",
                        UnhealthyThresholdCount="3",
                        VpcId=Ref(vpc)))

    # Auto scaling group
    t.add_resource(
        autoscaling.AutoScalingGroup(
            "autoScalingGroup",
            DesiredCapacity=Ref(asg_capacity),
            Tags=autoscaling.Tags(Environment=Ref(environment)),
            VPCZoneIdentifier=Ref(ec2_subnets),
            TargetGroupARNs=[Ref(alb_target_group)],
            MinSize=Ref(asg_min_size),
            MaxSize=Ref(asg_max_size),
            Cooldown=Ref(asg_cooldown),
            LaunchConfigurationName=Ref(ec2_launchconfiguration),
            HealthCheckGracePeriod=Ref(asg_health_grace),
            HealthCheckType="EC2",
        ))

    # Application Load Balancer
    application_load_balancer = t.add_resource(
        elb.LoadBalancer("applicationLoadBalancer",
                         Name=Ref(loadbalancer_prefix),
                         Scheme="internet-facing",
                         Subnets=Ref(alb_subnets),
                         SecurityGroups=Ref(security_group)))
    alb_listener = t.add_resource(
        elb.Listener("albListener",
                     Port=Ref(albPort),
                     Protocol="HTTP",
                     LoadBalancerArn=Ref(application_load_balancer),
                     DefaultActions=[
                         elb.Action(Type="forward",
                                    TargetGroupArn=Ref(alb_target_group))
                     ]))
    t.add_resource(
        elb.ListenerRule("albListenerRule",
                         ListenerArn=Ref(alb_listener),
                         Conditions=[
                             elb.Condition(Field="path-pattern",
                                           Values=Ref(alb_paths))
                         ],
                         Actions=[
                             elb.Action(Type="forward",
                                        TargetGroupArn=Ref(alb_target_group))
                         ],
                         Priority="1"))

    # Route53
    t.add_resource(
        route53.RecordSetGroup(
            "route53RoundRobin",
            HostedZoneId=Ref(route53_hosted_zone_id),
            RecordSets=[
                route53.RecordSet(
                    Weight=1,
                    SetIdentifier=Join(".", [
                        Ref(environment),
                        Ref(route53_hosted_zone_name), "ELB"
                    ]),
                    Name=Join(
                        ".", [Ref(environment),
                              Ref(route53_hosted_zone_name)]),
                    Type="A",
                    AliasTarget=route53.AliasTarget(
                        GetAtt(application_load_balancer,
                               "CanonicalHostedZoneID"),
                        GetAtt(application_load_balancer, "DNSName")))
            ]))

    t.add_output(
        Output(
            "URL",
            Description="URL of the website",
            Value=Join("", [
                "http://",
                GetAtt(application_load_balancer, "DNSName"),
                Select("0", Ref(alb_paths))
            ]),
            Export=Export(Sub("${AWS::StackName}-URL")),
        ))

    print(t.to_json())
コード例 #22
0
    def add_parameters(self):
        # SharedServicesVpcId is VPC Output
        self.SharedServicesVpcId = self.template.add_parameter(
            Parameter(
                "SharedServicesVpcId",
                Type="String",
            ))

        # SharedServicesPrivSubnet1 is VPC Output
        self.SharedServicesPrivSubnet1 = self.template.add_parameter(
            Parameter(
                "SharedServicesPrivSubnet1",
                Type="String",
            ))

        # SharedServicesPrivSubnet2 is VPC Output
        self.SharedServicesPrivSubnet2 = self.template.add_parameter(
            Parameter(
                "SharedServicesPrivSubnet2",
                Type="String",
            ))

        # SharedServicesPubSubnet1 is VPC Output
        self.SharedServicesPubSubnet1 = self.template.add_parameter(
            Parameter(
                "SharedServicesPubSubnet1",
                Type="String",
            ))

        # SharedServicesPubSubnet2 is VPC Output
        self.SharedServicesPubSubnet2 = self.template.add_parameter(
            Parameter(
                "SharedServicesPubSubnet2",
                Type="String",
            ))

        self.EksClusterVersion = self.template.add_parameter(
            Parameter(
                "EksClusterVersion",
                Type="String",
            ))

        self.WorkerNodeImageId = self.template.add_parameter(
            Parameter(
                "WorkerNodeImageId",
                Type="String",
            ))

        self.WorkerNodeKeyName = self.template.add_parameter(
            Parameter(
                "WorkerNodeKeyName",
                Type="String",
            ))

        self.WorkerNodeInstanceType = self.template.add_parameter(
            Parameter(
                "WorkerNodeInstanceType",
                Type="String",
            ))

        self.WorkerNodeASGGroupMinSize = self.template.add_parameter(
            Parameter(
                "WorkerNodeASGGroupMinSize",
                Type="String",
            ))

        self.WorkerNodeASGGroupDesiredSize = self.template.add_parameter(
            Parameter(
                "WorkerNodeASGGroupDesiredSize",
                Type="String",
            ))

        self.WorkerNodeASGGroupMaxSize = self.template.add_parameter(
            Parameter(
                "WorkerNodeASGGroupMaxSize",
                Type="String",
            ))

        self.WorkerNodeASGHealthCheckType = self.template.add_parameter(
            Parameter(
                "WorkerNodeASGHealthCheckType",
                Type="String",
            ))

        self.WorkerNodeASGHealthCheckGracePeriod = self.template.add_parameter(
            Parameter(
                "WorkerNodeASGHealthCheckGracePeriod",
                Type="String",
            ))

        self.WorkerNodeASGCoolDown = self.template.add_parameter(
            Parameter(
                "WorkerNodeASGCoolDown",
                Type="String",
            ))
コード例 #23
0
from troposphere.cloudwatch import (Alarm, MetricDimension)

from troposphere.ecs import Cluster

from troposphere.iam import (InstanceProfile, Role)

PublicCidrIp = str(ip_network(get_ip()))

t = Template()

t.set_description("community-mother-api: ECS Cluster")

t.add_parameter(
    Parameter(
        "KeyPair",
        Description="Name of an existing EC2 KeyPair to SSH",
        Type="AWS::EC2::KeyPair::KeyName",
        ConstraintDescription="must be the name of an existing EC2 KeyPair.",
    ))

t.add_parameter(Parameter("VpcId", Type="AWS::EC2::VPC::Id",
                          Description="VPC"))

t.add_parameter(
    Parameter("PublicSubnet",
              Description="PublicSubnet",
              Type="List<AWS::EC2::Subnet::Id>",
              ConstraintDescription="PublicSubnet"))

t.add_resource(
    ec2.SecurityGroup("SecurityGroup",
                      GroupDescription="Allow SSH and private network access",
コード例 #24
0
from troposphere import Parameter, Ref, Template, apigateway

template = Template()

template.add_description("Example API Gateway from Swagger")

param_source_bucket = template.add_parameter(Parameter(
    "SourceBucket",
    Type="String",
    Description="Name of the bucket where Swagger file is stored"
))

param_ile_name = template.add_parameter(Parameter(
    "FileName",
    Type="String",
    Description="Name of the Swagger file inside S3 bucket"
))

api = template.add_resource(apigateway.RestApi(
    "API",
    Description="My API",
    Name="MyAPI",
    BodyS3Location=apigateway.S3Location(
        Bucket=Ref(param_source_bucket),
        Key=Ref(param_ile_name)
    )
))

api_deployment = template.add_resource(apigateway.Deployment(
    "APIDeployment",
    RestApiId=Ref(api),
コード例 #25
0
PublicCidrIp = str(ip_network(get_ip()))

AnsiblePullCmd = \
"/usr/bin/ansible-pull -U {} {}.yml -i localhost".format( GithubAnsibleURL,
                                                            ApplicationName
                                                           )

t = Template()

t.add_description("Effective DevOps in AWS: HelloWorld web application")

t.add_parameter(
    Parameter(
        "KeyPair",
        Description="Name of an existing EC2 KeyPair to SSH",
        Type="AWS::EC2::KeyPair::KeyName",
        ConstraintDescription="must be the name of an existing EC2 KeyPair.",
    ))

t.add_resource(
    ec2.SecurityGroup(
        "SecurityGroup",
        GroupDescription="Allow SSH and TCP/{} access".format(ApplicationPort),
        SecurityGroupIngress=[
            ec2.SecurityGroupRule(
                IpProtocol="tcp",
                FromPort="22",
                ToPort="22",
                CidrIp=PublicCidrIp,
            ),
            ec2.SecurityGroupRule(
コード例 #26
0
def main(args):
    number_of_vol = 5

    t = Template()
    availability_zone = t.add_parameter(
        Parameter(
            "AvailabilityZone",
            Type="String",
            Description=
            "Availability Zone the cluster will launch into. THIS IS REQUIRED",
        ))
    volume_size = t.add_parameter(
        Parameter(
            "VolumeSize",
            Type="CommaDelimitedList",
            Description="Size of EBS volume in GB, if creating a new one"))
    volume_type = t.add_parameter(
        Parameter(
            "VolumeType",
            Type="CommaDelimitedList",
            Description="Type of volume to create either new or from snapshot")
    )
    volume_iops = t.add_parameter(
        Parameter(
            "VolumeIOPS",
            Type="CommaDelimitedList",
            Description=
            "Number of IOPS for volume type io1. Not used for other volume types.",
        ))
    ebs_encryption = t.add_parameter(
        Parameter(
            "EBSEncryption",
            Type="CommaDelimitedList",
            Description="Boolean flag to use EBS encryption for /shared volume. "
            "(Not to be used for snapshots)",
        ))
    ebs_kms_id = t.add_parameter(
        Parameter(
            "EBSKMSKeyId",
            Type="CommaDelimitedList",
            Description=
            "KMS ARN for customer created master key, will be used for EBS encryption",
        ))
    ebs_volume_id = t.add_parameter(
        Parameter("EBSVolumeId",
                  Type="CommaDelimitedList",
                  Description="Existing EBS volume Id"))
    ebs_snapshot_id = t.add_parameter(
        Parameter(
            "EBSSnapshotId",
            Type="CommaDelimitedList",
            Description=
            "Id of EBS snapshot if using snapshot as source for volume",
        ))
    ebs_vol_num = t.add_parameter(
        Parameter(
            "NumberOfEBSVol",
            Type="Number",
            Description="Number of EBS Volumes the user requested, up to %s" %
            number_of_vol,
        ))

    use_vol = [None] * number_of_vol
    use_existing_ebs_volume = [None] * number_of_vol
    v = [None] * number_of_vol

    for i in range(number_of_vol):
        if i == 0:
            create_vol = t.add_condition(
                "Vol%s_CreateEBSVolume" % (i + 1),
                Equals(Select(str(i), Ref(ebs_volume_id)), "NONE"))
        elif i == 1:
            use_vol[i] = t.add_condition("UseVol%s" % (i + 1),
                                         Not(Equals(Ref(ebs_vol_num), str(i))))
            create_vol = t.add_condition(
                "Vol%s_CreateEBSVolume" % (i + 1),
                And(Condition(use_vol[i]),
                    Equals(Select(str(i), Ref(ebs_volume_id)), "NONE")),
            )
        else:
            use_vol[i] = t.add_condition(
                "UseVol%s" % (i + 1),
                And(Not(Equals(Ref(ebs_vol_num), str(i))),
                    Condition(use_vol[i - 1])))
            create_vol = t.add_condition(
                "Vol%s_CreateEBSVolume" % (i + 1),
                And(Condition(use_vol[i]),
                    Equals(Select(str(i), Ref(ebs_volume_id)), "NONE")),
            )

        use_ebs_iops = t.add_condition(
            "Vol%s_UseEBSPIOPS" % (i + 1),
            Equals(Select(str(i), Ref(volume_type)), "io1"))
        use_vol_size = t.add_condition(
            "Vol%s_UseVolumeSize" % (i + 1),
            Not(Equals(Select(str(i), Ref(volume_size)), "NONE")))
        use_vol_type = t.add_condition(
            "Vol%s_UseVolumeType" % (i + 1),
            Not(Equals(Select(str(i), Ref(volume_type)), "NONE")))
        use_ebs_encryption = t.add_condition(
            "Vol%s_UseEBSEncryption" % (i + 1),
            Equals(Select(str(i), Ref(ebs_encryption)), "true"))
        use_ebs_kms_key = t.add_condition(
            "Vol%s_UseEBSKMSKey" % (i + 1),
            And(Condition(use_ebs_encryption),
                Not(Equals(Select(str(i), Ref(ebs_kms_id)), "NONE"))),
        )
        use_ebs_snapshot = t.add_condition(
            "Vol%s_UseEBSSnapshot" % (i + 1),
            Not(Equals(Select(str(i), Ref(ebs_snapshot_id)), "NONE")))
        use_existing_ebs_volume[i] = t.add_condition(
            "Vol%s_UseExistingEBSVolume" % (i + 1),
            Not(Equals(Select(str(i), Ref(ebs_volume_id)), "NONE")))
        v[i] = t.add_resource(
            ec2.Volume(
                "Volume%s" % (i + 1),
                AvailabilityZone=Ref(availability_zone),
                VolumeType=If(use_vol_type, Select(str(i), Ref(volume_type)),
                              "gp2"),
                Size=If(use_vol_size, Select(str(i), Ref(volume_size)), "20"),
                SnapshotId=If(use_ebs_snapshot,
                              Select(str(i), Ref(ebs_snapshot_id)), NoValue),
                Iops=If(use_ebs_iops, Select(str(i), Ref(volume_iops)),
                        NoValue),
                Encrypted=If(use_ebs_encryption,
                             Select(str(i), Ref(ebs_encryption)), NoValue),
                KmsKeyId=If(use_ebs_kms_key, Select(str(i), Ref(ebs_kms_id)),
                            NoValue),
                Condition=create_vol,
            ))

    outputs = [None] * number_of_vol
    vol_to_return = [None] * number_of_vol
    for i in range(number_of_vol):
        vol_to_return[i] = If(use_existing_ebs_volume[i],
                              Select(str(i), Ref(ebs_volume_id)), Ref(v[i]))
        if i == 0:
            outputs[i] = vol_to_return[i]
        else:
            outputs[i] = If(use_vol[i], Join(",", vol_to_return[:(i + 1)]),
                            outputs[i - 1])

    t.add_output(
        Output("Volumeids",
               Description="Volume IDs of the resulted EBS volumes",
               Value=outputs[number_of_vol - 1]))

    json_file_path = args.target_path
    output_file = open(json_file_path, "w")
    output_file.write(t.to_json())
    output_file.close()
コード例 #27
0
def main():
    """Generates the CloudFormation template"""
    template = Template()
    template.add_version('2010-09-09')
    template.add_description(
        'This template deploys an ECS cluster to the ' +
        'provided VPC and subnets using an Auto Scaling Group')

    # Parameters
    # EnvironmentName
    env_name_param = template.add_parameter(
        Parameter(
            'EnvironmentName',
            Type='String',
            Description=
            'An environment name that will be prefixed to resource names',
        ))

    # InstanceType
    instance_type_param = template.add_parameter(
        Parameter(
            'InstanceType',
            Type='String',
            Default='t2.nano',
            Description=
            'Which instance type should we use to build the ECS cluster?',
            AllowedValues=[
                't2.nano',
                't2.micro',
                't2.small',
                't2.medium',
                't2.large',
                't2.xlarge',
                't2.2xlarge',
            ],
        ))

    # ClusterSize
    cluster_size_param = template.add_parameter(
        Parameter(
            'ClusterSize',
            Type='Number',
            Description='How many ECS hosts do you want to initially deploy?',
            Default='1',
        ))

    # VPC
    template.add_parameter(
        Parameter(
            'VPC',
            Type='AWS::EC2::VPC::Id',
            Description=
            'Choose which VPC this ECS cluster should be deployed to',
        ))

    # Subnets
    subnets_param = template.add_parameter(
        Parameter(
            'Subnets',
            Type='List<AWS::EC2::Subnet::Id>',
            Description=
            'Choose which subnets this ECS cluster should be deployed to',
        ))

    # SecurityGroup
    sg_param = template.add_parameter(
        Parameter(
            'SecurityGroup',
            Type='AWS::EC2::SecurityGroup::Id',
            Description=
            'Select the Security Group to use for the ECS cluster hosts',
        ))

    # Mappings
    # AWSRegionToAMI
    template.add_mapping(
        'AWSRegionToAMI',
        {
            'us-east-1': {
                'AMI': 'ami-a58760b3'
            },
            'us-east-2': {
                'AMI': 'ami-a6e4bec3'
            },
            'us-west-1': {
                'AMI': 'ami-74cb9b14'
            },
            'us-west-2': {
                'AMI': 'ami-5b6dde3b'
            },
            'eu-west-1': {
                'AMI': 'ami-e3fbd290'
            },
            'eu-west-2': {
                'AMI': 'ami-77f6fc13'
            },
            'eu-central-1': {
                'AMI': 'ami-38dc1157'
            },
            'ap-northeast-1': {
                'AMI': 'ami-30bdce57'
            },
            'ap-southeast-1': {
                'AMI': 'ami-9f75ddfc'
            },
            'ap-southeast-2': {
                'AMI': 'ami-cf393cac'
            },
            'ca-central-1': {
                'AMI': 'ami-1b01b37f'
            },
        },
    )

    # Resources
    ecs_role = template.add_resource(
        Role(
            'ECSRole',
            Path='/',
            RoleName=Sub('${EnvironmentName}-ECSRole-${AWS::Region}'),
            AssumeRolePolicyDocument=awacs.aws.Policy(Statement=[
                awacs.aws.Statement(
                    Effect=awacs.aws.Allow,
                    Action=[awacs.aws.Action('sts', 'AssumeRole')],
                    Principal=awacs.aws.Principal('Service',
                                                  ['ec2.amazonaws.com']),
                ),
            ]),
            Policies=[
                Policy(
                    PolicyName='ecs-service',
                    PolicyDocument=awacs.aws.Policy(Statement=[
                        awacs.aws.Statement(
                            Effect=awacs.aws.Allow,
                            Action=[
                                awacs.aws.Action('ecs', 'CreateCluster'),
                                awacs.aws.Action(
                                    'ecs', 'DeregisterContainerInstance'),
                                awacs.aws.Action('ecs',
                                                 'DiscoverPollEndpoint'),
                                awacs.aws.Action('ecs', 'Poll'),
                                awacs.aws.Action('ecs',
                                                 'RegisterContainerInstance'),
                                awacs.aws.Action('ecs',
                                                 'StartTelemetrySession'),
                                awacs.aws.Action('ecs', 'Submit*'),
                                awacs.aws.Action('logs', 'CreateLogStream'),
                                awacs.aws.Action(
                                    'ecr', 'BatchCheckLayerAvailability'),
                                awacs.aws.Action('ecr', 'BatchGetImage'),
                                awacs.aws.Action('ecr',
                                                 'GetDownloadUrlForLayer'),
                                awacs.aws.Action('ecr',
                                                 'GetAuthorizationToken'),
                            ],
                            Resource=['*'],
                        ),
                    ], ),
                ),
            ],
        ))

    ecs_instance_profile = template.add_resource(
        InstanceProfile(
            'ECSInstanceProfile',
            Path='/',
            Roles=[Ref(ecs_role)],
        ))

    # ECSCluster
    ecs_cluster = template.add_resource(
        Cluster(
            'ECSCluster',
            ClusterName=Ref(env_name_param),
        ))

    instance_metadata = Metadata(
        Init({
            'config':
            InitConfig(
                commands={
                    '01_add_instance_to_cluster': {
                        'command':
                        Join('', [
                            '#!/bin/bash\n', 'echo ECS_CLUSTER=',
                            Ref(ecs_cluster), ' >> /etc/ecs/ecs.config'
                        ])
                    },
                },
                files=InitFiles({
                    '/etc/cfn/cfn-hup.conf':
                    InitFile(
                        mode='000400',
                        owner='root',
                        group='root',
                        content=Join('', [
                            '[main]\n', 'stack=',
                            Ref('AWS::StackId'), '\n', 'region=',
                            Ref('AWS::Region'), '\n'
                        ]),
                    ),
                    '/etc/cfn/hooks.d/cfn-auto-reloader.conf':
                    InitFile(
                        mode='000400',
                        owner='root',
                        group='root',
                        content=Join('', [
                            '[cfn-auto-reloader-hook]\n',
                            'triggers=post.update\n',
                            'path=Resources.ContainerInstances.Metadata.AWS::CloudFormation::Init\n'
                            'action=/opt/aws/bin/cfn-init -v --region ',
                            Ref('AWS::Region'), ' --stack ',
                            Ref('AWS::StackId'),
                            ' --resource ECSLaunchConfiguration\n'
                        ]),
                    )
                }),
                services=InitServices({
                    'cfn-hup':
                    InitService(enabled='true',
                                ensureRunning='true',
                                files=[
                                    '/etc/cfn/cfn-hup.conf',
                                    '/etc/cfn/hooks.d/cfn-auto-reloader.conf'
                                ])
                }),
            )
        }))

    ecs_launch_config = template.add_resource(
        LaunchConfiguration(
            'ECSLaunchConfiguration',
            ImageId=FindInMap('AWSRegionToAMI', Ref('AWS::Region'), 'AMI'),
            InstanceType=Ref(instance_type_param),
            SecurityGroups=[Ref(sg_param)],
            IamInstanceProfile=Ref(ecs_instance_profile),
            UserData=Base64(
                Join('', [
                    '#!/bin/bash\n',
                    'yum install -y aws-cfn-bootstrap\n',
                    '/opt/aws/bin/cfn-init -v --region ',
                    Ref('AWS::Region'),
                    ' --stack ',
                    Ref('AWS::StackName'),
                    ' --resource ECSLaunchConfiguration\n',
                    '/opt/aws/bin/cfn-signal -e $? --region ',
                    Ref('AWS::Region'),
                    ' --stack ',
                    Ref('AWS::StackName'),
                    ' --resource ECSAutoScalingGroup\n',
                ])),
            Metadata=instance_metadata,
        ))

    # ECSAutoScalingGroup:
    template.add_resource(
        AutoScalingGroup(
            'ECSAutoScalingGroup',
            VPCZoneIdentifier=Ref(subnets_param),
            LaunchConfigurationName=Ref(ecs_launch_config),
            MinSize=Ref(cluster_size_param),
            MaxSize=Ref(cluster_size_param),
            DesiredCapacity=Ref(cluster_size_param),
            Tags=ASTags(Name=(Sub('${EnvironmentName} ECS host'), True)),
            CreationPolicy=CreationPolicy(
                ResourceSignal=ResourceSignal(Timeout='PT15M'), ),
            UpdatePolicy=UpdatePolicy(
                AutoScalingRollingUpdate=AutoScalingRollingUpdate(
                    MinInstancesInService='1',
                    MaxBatchSize='1',
                    PauseTime='PT15M',
                    WaitOnResourceSignals=True,
                )),
        ))

    # Output
    template.add_output(
        Output(
            'Cluster',
            Description='A reference to the ECS cluster',
            Value=Ref(ecs_cluster),
        ))
    print(template.to_json())
コード例 #28
0
ファイル: VPC_2x_AZ.py プロジェクト: evrobert/aws-cfn-control
from troposphere.ec2 import VPC
from troposphere.ec2 import Subnet
from troposphere.ec2 import EIP
from troposphere.ec2 import VPCGatewayAttachment
from troposphere.ec2 import SecurityGroup


t = Template()

t.add_description("""\
This template deploys a VPC, with a pair of public and private subnets spread across two Availability Zones. It deploys an Internet Gateway, with a default route on the public subnets. It deploys a pair of NAT Gateways (one in each AZ), and default routes for them in the private subnets.""")


EnvironmentName = t.add_parameter(Parameter(
    "EnvironmentName",
    Type="String",
    Default="vpc-stack",
    Description="An environment name that will be prefixed to resource names",
))

PrivateSubnet1CIDR = t.add_parameter(Parameter(
    "PrivateSubnet1CIDR",
    Default="10.192.20.0/24",
    Type="String",
    Description="Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone",
))

PrivateSubnet2CIDR = t.add_parameter(Parameter(
    "PrivateSubnet2CIDR",
    Default="10.192.21.0/24",
    Type="String",
    Description="Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone",
コード例 #29
0
                          FromPort="22",
                          ToPort="22",
                          CidrIp="0.0.0.0/0"),
    ec2.SecurityGroupRule(IpProtocol="tcp",
                          FromPort="80",
                          ToPort="80",
                          CidrIp="0.0.0.0/0")
]

t.add_resource(sg)

# This is the keypair that CloudFormation will ask you about when launching the stack
keypair = t.add_parameter(
    Parameter(
        "KeyName",
        Description=
        "Name of the SSH key pair that will be used to access the instance",
        Type="String",
    ))

ud = Base64(
    Join('\n', [
        "#!/bin/bash", "sudo yum -y install apache",
        "chown -R ec2-user /var/www/html"
        "echo '<html><body><h1>Welcome to DevOps on AWS</h1></body></html>' > /var/www/html/test.html",
        "sudo service apache start", "sudo chkconfig apache on"
    ]))

instance = ec2.Instance("Webserver")
instance.ImageId = "ami-e689729e"
instance.InstanceType = "t2.micro"
instance.SecurityGroups = [Ref(sg)]
コード例 #30
0
ファイル: ecs.py プロジェクト: thibeault/CloudFormation

t = Template()
t.add_version('2010-09-09')

t.add_mapping('RegionMap', data["RegionMap"])


t.add_description("""\
AWS CloudFormation ECS Cluster\
""")

# Parameters
ecsClusterName_param = t.add_parameter(Parameter(
    "ECSClusterName",
    Description="ECS Cluster Name",
    Default=data['ClusterInfo']['Name'],
    Type="String"
))


# Creating the ECS Cluster (using the name provided when running CloudFormation.
ECSCluster = t.add_resource(Cluster(
    'ECSCluster',
    ClusterName=Ref(ecsClusterName_param),
))


# Policy Amazon EC2 Container Registry - Enable our ECS Cluster to work with the ECR
PolicyEcr = t.add_resource(PolicyType(
    'PolicyEcr',
    PolicyName='EcrPolicy',
コード例 #31
0
ファイル: domain.py プロジェクト: dchukhin/aws-web-stacks
from troposphere import Equals, Join, Parameter, Ref

from .template import template

domain_name = Ref(
    template.add_parameter(
        Parameter(
            "DomainName",
            Description="The fully-qualified domain name for the application.",
            Type="String",
        ),
        group="Global",
        label="Domain Name",
    ))

domain_name_alternates = Ref(
    template.add_parameter(
        Parameter(
            "DomainNameAlternates",
            Description=
            "A comma-separated list of Alternate FQDNs to be included in "
            "the Subject Alternative Name extension of the SSL certificate.",
            Type="CommaDelimitedList",
        ),
        group="Global",
        label="Alternate Domain Names",
    ))

no_alt_domains = "NoAlternateDomains"
template.add_condition(
    no_alt_domains,
コード例 #32
0
from troposphere.dynamodb import (Key, AttributeDefinition,
                                  ProvisionedThroughput, Projection)
from troposphere.dynamodb import Table, GlobalSecondaryIndex

template = Template()

template.add_description("Create a dynamodb table with a global secondary "
                         "index")
# N.B. If you remove the provisioning section this works for
# LocalSecondaryIndexes aswell.

readunits = template.add_parameter(
    Parameter("ReadCapacityUnits",
              Description="Provisioned read throughput",
              Type="Number",
              Default="10",
              MinValue="5",
              MaxValue="10000",
              ConstraintDescription="should be between 5 and 10000"))

writeunits = template.add_parameter(
    Parameter("WriteCapacityUnits",
              Description="Provisioned write throughput",
              Type="Number",
              Default="5",
              MinValue="5",
              MaxValue="10000",
              ConstraintDescription="should be between 5 and 10000"))

tableIndexName = template.add_parameter(
    Parameter(
コード例 #33
0
ファイル: test_basic.py プロジェクト: bwhaley/troposphere
    def test_property_default(self):
        p = Parameter("param", Type="String", Default="foo")
        p.validate()

        p = Parameter("param", Type="Number", Default=1)
        p.validate()

        p = Parameter("param", Type="Number", Default=1.0)
        p.validate()

        p = Parameter("param", Type="Number", Default=0.1)
        p.validate()

        p = Parameter("param", Type="List<Number>", Default="1, 2, 3")
        p.validate()

        p = Parameter("param", Type="List<Number>", Default=" 0.1 , 2 , 1.1 ")
        p.validate()

        with self.assertRaises(ValueError):
            p = Parameter("param", Type="String", Default=1)
            p.validate()

        with self.assertRaises(ValueError):
            p = Parameter("param", Type="Number", Default="foo")
            p.validate()

        with self.assertRaises(TypeError):
            p = Parameter("param", Type="Number", Default=["foo"])
            p.validate()

        with self.assertRaises(ValueError):
            p = Parameter("param", Type="List<Number>", Default="foo")
            p.validate()

        with self.assertRaises(ValueError):
            p = Parameter("param", Type="List<Number>", Default="1, 2, foo")
            p.validate()

        with self.assertRaises(TypeError):
            p = Parameter("param", Type="List<Number>", Default=["1", "2"])
            p.validate()
コード例 #34
0
# now the work begins
t = Template()

t.add_version("2010-09-09")

t.add_description("""\
CloudFormation template to Deploy Hortonworks Data Platform on VPC with a public subnet"""
                  )

## Parameters

AmbariInstanceType = t.add_parameter(
    Parameter(
        "AmbariInstanceType",
        Default="m3.large",
        ConstraintDescription="Must be a valid EC2 instance type.",
        Type="String",
        Description="Instance type for Ambari node",
    ))

WorkerInstanceCount = t.add_parameter(
    Parameter(
        "WorkerInstanceCount",
        Default="2",
        Type="Number",
        MaxValue="99",
        MinValue="1",
        Description="Number of Worker instances",
    ))

MasterInstanceCount = t.add_parameter(
コード例 #35
0
ファイル: test_basic.py プロジェクト: gscalise/troposphere
    def test_property_validator(self):
        p = Parameter("BasicString", Type="String", MaxLength=10)
        p.validate()

        p = Parameter("BasicString", Type="String", MaxValue=10)
        with self.assertRaises(ValueError):
            p.validate()

        p = Parameter("BasicNumber", Type="Number", MaxValue=10)
        p.validate()

        p = Parameter("BasicNumber", Type="Number", AllowedPattern=".*")
        with self.assertRaises(ValueError):
            p.validate()
コード例 #36
0
from troposphere import Ref, Template, Parameter, Output
from troposphere.ec2 import SecurityGroup
import troposphere.ec2 as ec2
template = Template()

keyname_param = template.add_parameter(
    Parameter(
        "KeyName",
        Description="EC2 Keypair",
        Type="String",
    ))
securityGroup_param = template.add_parameter(
    Parameter("SecurityGroup", Description="Security Group ID", Type="String"))
ec2_instance = template.add_resource(
    Instance(
        'JordansInstance',
        ImageId='ami-ebed508f',
        InstanceType='t2.micro',
        KeyName=Ref(keyname_param),
    ))
template.add_output([
    Output("InstanceId",
           Description="InstanceID of EC2 instance",
           Value=Ref(ec2_instance))
])
print(template.to_json())