This repository has been archived by the owner on Sep 25, 2020. It is now read-only.
Commit
Merge pull request #62 from speee/cloud_formation
CloudFormation for Revieee
Showing 109 changed files with 227 additions and 8 deletions.
File renamed without changes.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,219 @@ | ||
AWSTemplateFormatVersion: "2010-09-09" | ||
Description: revieee development settings | ||
Resources: | ||
|
||
# VPC | ||
## VPC Base | ||
RevieeeVPC: | ||
Type: AWS::EC2::VPC | ||
Properties: | ||
CidrBlock: 10.1.0.0/16 | ||
EnableDnsSupport: "true" | ||
EnableDnsHostnames: "true" | ||
InstanceTenancy: default | ||
Tags: | ||
- Key: Name | ||
Value: RevieeeDevelopmentVPC | ||
## Revieee Internet Gateway | ||
RevieeeIGW: | ||
Type: AWS::EC2::InternetGateway | ||
Properties: | ||
Tags: | ||
- Key: Name | ||
Value: RevieeeIGW | ||
## Attach Internet Gateway To VPC | ||
AttachIGWtoVPC: | ||
Type: AWS::EC2::VPCGatewayAttachment | ||
Properties: | ||
InternetGatewayId: !Ref RevieeeIGW | ||
VpcId: !Ref RevieeeVPC | ||
|
||
# Subnet | ||
## Webhook Server | ||
### Subnet 1a | ||
RevieeeAppSubnet1a: | ||
Type: AWS::EC2::Subnet | ||
Properties: | ||
VpcId: !Ref RevieeeVPC | ||
AvailabilityZone: ap-northeast-1a | ||
CidrBlock: 10.1.192.0/26 | ||
MapPublicIpOnLaunch: true | ||
Tags: | ||
- Key: Name | ||
Value: RevieeeAppSubnet1a | ||
### Subnet 1c | ||
RevieeeAppSubnet1c: | ||
Type: AWS::EC2::Subnet | ||
Properties: | ||
VpcId: !Ref RevieeeVPC | ||
AvailabilityZone: ap-northeast-1c | ||
CidrBlock: 10.1.192.64/26 | ||
MapPublicIpOnLaunch: true | ||
Tags: | ||
- Key: Name | ||
Value: RevieeeAppSubnet1c | ||
## ECS Container Instance | ||
### Subnet1a | ||
ContainerInstanceSubnet1a: | ||
Type: AWS::EC2::Subnet | ||
Properties: | ||
VpcId: !Ref RevieeeVPC | ||
AvailabilityZone: ap-northeast-1a | ||
CidrBlock: 10.1.194.0/26 | ||
MapPublicIpOnLaunch: true | ||
Tags: | ||
- Key: Name | ||
Value: ContainerInstanceSubnet1a | ||
### Subnet1c | ||
ContainerInstanceSubnet1c: | ||
Type: AWS::EC2::Subnet | ||
Properties: | ||
VpcId: !Ref RevieeeVPC | ||
AvailabilityZone: ap-northeast-1c | ||
CidrBlock: 10.1.194.64/26 | ||
MapPublicIpOnLaunch: true | ||
Tags: | ||
- Key: Name | ||
Value: ContainerInstanceSubnet1c | ||
# Route Table | ||
## Public Route Table | ||
PublicRouteTable: | ||
Type: AWS::EC2::RouteTable | ||
Properties: | ||
VpcId: !Ref RevieeeVPC | ||
Tags: | ||
- Key: Name | ||
Value: PublicRouteTable | ||
RouteAddInternet: | ||
Type: AWS::EC2::Route | ||
Properties: | ||
DestinationCidrBlock: "0.0.0.0/0" | ||
GatewayId: !Ref RevieeeIGW | ||
RouteTableId: !Ref PublicRouteTable | ||
### App Server Route Table Association | ||
AssociateAppSubnet1aToPublicRouteTable: | ||
Type: AWS::EC2::SubnetRouteTableAssociation | ||
Properties: | ||
RouteTableId: !Ref PublicRouteTable | ||
SubnetId: !Ref RevieeeAppSubnet1a | ||
AssociateAppSubnet1cToPublicRouteTable: | ||
Type: AWS::EC2::SubnetRouteTableAssociation | ||
Properties: | ||
RouteTableId: !Ref PublicRouteTable | ||
SubnetId: !Ref RevieeeAppSubnet1c | ||
### Container Instance Route Table Association | ||
AssociateContainerInstanceSubnet1aToPublicRouteTable: | ||
Type: AWS::EC2::SubnetRouteTableAssociation | ||
Properties: | ||
RouteTableId: !Ref PublicRouteTable | ||
SubnetId: !Ref ContainerInstanceSubnet1a | ||
AssociateContainerInstanceSubnet1cToPublicRouteTable: | ||
Type: AWS::EC2::SubnetRouteTableAssociation | ||
Properties: | ||
RouteTableId: !Ref PublicRouteTable | ||
SubnetId: !Ref ContainerInstanceSubnet1c | ||
|
||
# SecurityGroup | ||
## AppServer Security Group | ||
RevieeeAppServerSecurityGroup: | ||
Type: AWS::EC2::SecurityGroup | ||
Properties: | ||
VpcId: !Ref RevieeeVPC | ||
GroupDescription: "Security Group for Revieee App Server" | ||
SecurityGroupIngress: | ||
- IpProtocol: tcp | ||
FromPort: 80 | ||
ToPort: 80 | ||
CidrIp: !Ref AcceptCidrIp | ||
- IpProtocol: tcp | ||
FromPort: 443 | ||
ToPort: 443 | ||
CidrIp: !Ref AcceptCidrIp | ||
- IpProtocol: tcp | ||
FromPort: !Ref SSHPort | ||
ToPort: !Ref SSHPort | ||
CidrIp: !Ref AcceptCidrIp | ||
GroupName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeAppServerSecurityGroup ] ] | ||
Tags: | ||
- Key: Name | ||
Value: RevieeeAppServerSecurityGroup | ||
|
||
## ECS Container Instance | ||
ContainerInstanceSecurityGroup: | ||
Type: AWS::EC2::SecurityGroup | ||
Properties: | ||
VpcId: !Ref RevieeeVPC | ||
GroupDescription: "Security Group for Revieee Container Instance" | ||
SecurityGroupIngress: | ||
- IpProtocol: tcp | ||
FromPort: 32768 | ||
ToPort: 61000 | ||
SourceSecurityGroupId: !Ref RevieeeAppServerSecurityGroup | ||
- IpProtocol: tcp | ||
FromPort: !Ref SSHPort | ||
ToPort: !Ref SSHPort | ||
CidrIp: !Ref AcceptCidrIp | ||
GroupName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeContainerInstanceSecurityGroup ] ] | ||
Tags: | ||
- Key: Name | ||
Value: RevieeeContainerInstanceSecurityGroup | ||
|
||
EcsCluster: | ||
Type: AWS::ECS::Cluster | ||
Properties: | ||
ClusterName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeCluster ] ] | ||
|
||
EndpointInstanceIamRole: | ||
Type: AWS::IAM::Role | ||
Properties: | ||
AssumeRolePolicyDocument: | ||
Version: 2012-10-17 | ||
Statement: | ||
- | ||
Effect: Allow | ||
Principal: | ||
Service: | ||
- ec2.amazonaws.com | ||
Action: | ||
- sts:AssumeRole | ||
RoleName: !Join [ "-", [ !Ref "AWS::StackName", RevieeeEndpointInstanceIamRole ] ] | ||
|
||
EndpointInstanceProfile: | ||
Type: AWS::IAM::InstanceProfile | ||
Properties: | ||
Roles: | ||
- !Ref EndpointInstanceIamRole | ||
|
||
EndpointInstance: | ||
Type: AWS::EC2::Instance | ||
Properties: | ||
IamInstanceProfile: !Ref EndpointInstanceProfile | ||
ImageId: ami-923d12f5 | ||
InstanceType: t2.micro | ||
KeyName: !If [ SSHKeySpecified, !Ref SSHKey, !Ref "AWS::NoValue" ] | ||
SecurityGroupIds: | ||
- !GetAtt RevieeeAppServerSecurityGroup.GroupId | ||
SubnetId: !Ref RevieeeAppSubnet1c | ||
Tags: | ||
- Key: Name | ||
Value: RevieeeEndpointInstance | ||
# UserData: [TODO] run itamae | ||
|
||
# Parameter | ||
Parameters: | ||
SSHPort: | ||
Default: 22 | ||
Type: Number | ||
SSHKey: | ||
Default: "" | ||
Type: String | ||
AcceptCidrIp: | ||
Type: String | ||
|
||
Conditions: | ||
SSHKeySpecified: | ||
!Not [ !Equals [ !Ref SSHKey, "" ] ] | ||
|
||
Outputs: | ||
EcsClusterName: | ||
Value: !Ref EcsCluster |
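
Review bot: The SSH ingress rules in RevieeeAppServerSecurityGroup and ContainerInstanceSecurityGroup take their source from `CidrIp: !Ref AcceptCidrIp`, the same parameter that gates ports 80 and 443, and AcceptCidrIp is declared as a bare `Type: String` with no AllowedPattern or Description. A stack launched with 0.0.0.0/0 to make the webhook reachable therefore also opens SSHPort to the same range on both groups. Consider a separate parameter for the SSH source range, an AllowedPattern for CIDR syntax on both parameters, and MinValue/MaxValue on SSHPort. Two further points in the same hunk: RouteAddInternet references RevieeeIGW without `DependsOn: AttachIGWtoVPC`, so the route can be created before the gateway is attached and fail the stack (EndpointInstance, which receives a public IP in RevieeeAppSubnet1c, has the same ordering dependency); and ContainerInstanceSubnet1a/1c set `MapPublicIpOnLaunch: true` and are associated with PublicRouteTable even though their only application ingress is 32768-61000 from RevieeeAppServerSecurityGroup, so the container instances could sit in subnets without public addresses if outbound access is provided another way.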