forked from AHinMaine/AWSCloudFormation-samples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathAWSCloudFormer.template
112 lines (102 loc) · 3.74 KB
/
AWSCloudFormer.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "AWS CloudFormer Beta - template creation prototype application. This tool allows you to create an AWS CloudFormation template from the AWS resources in your AWS account. **Warning** This template creates a single t1.micro instance in your account to run the application - you will be billed for the instance at normal AWS EC2 rates for the t1.micro.",
"Parameters" : {
"AccessControl" : {
"Description" : " The IP address range that can be used to access the CloudFormer tool. NOTE: We highly recommend that you specify a customized address range to lock down the tool.",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings" : {
"RegionMap" : {
"us-east-1" : { "AMI" : "ami-21341f48" },
"us-west-2" : { "AMI" : "ami-d6096ee6" },
"us-west-1" : { "AMI" : "ami-ec7c4fa9" },
"eu-west-1" : { "AMI" : "ami-26688051" },
"ap-southeast-1" : { "AMI" : "ami-c0356292" },
"ap-northeast-1" : { "AMI" : "ami-7d1a777c" },
"ap-southeast-2" : { "AMI" : "ami-cd1b84f7" },
"sa-east-1" : { "AMI" : "ami-592d8c44" },
"us-gov-west-1" : { "AMI" : "ami-23c1a500" }
}
},
"Resources" : {
"CFNRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [{
"Effect": "Allow",
"Principal": { "Service": [ "ec2.amazonaws.com" ] },
"Action": [ "sts:AssumeRole" ]
}]
},
"Path": "/"
}
},
"CFNRolePolicy": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyName": "CloudFormerPolicy",
"PolicyDocument": {
"Statement": [ {
"Effect": "Allow",
"Action" : [
"autoscaling:Describe*",
"cloudfront:List*",
"cloudwatch:Describe*",
"dynamodb:List*", "dynamodb:Describe*",
"ec2:Describe*",
"elasticloadbalancing:Describe*",
"elasticache:Describe*",
"rds:Describe*", "rds:List*",
"route53:List*",
"s3:List*", "s3:Get*", "s3:PutObject",
"sdb:Get*", "sdb:List*",
"sns:Get*", "sns:List*",
"sqs:Get*", "sqs:List*"
],
"Resource": "*"
} ]
},
"Roles": [ { "Ref": "CFNRole" } ]
}
},
"CFNInstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [ { "Ref": "CFNRole" } ]
}
},
"WebServer" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"InstanceType" : "t1.micro",
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
"IamInstanceProfile" : { "Ref" : "CFNInstanceProfile" }
}
},
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable Access via port 80",
"SecurityGroupIngress" : [
{ "IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : {"Ref" : "AccessControl"}}
]
}
}
},
"Outputs" : {
"URL" : {
"Description" : "AWS CloudFormer Prototype URL. Use this endpoint to create templates from your account.",
"Value" : { "Fn::Join" : ["", [ "http://", { "Fn::GetAtt" : [ "WebServer", "PublicDnsName" ] } ]]}
}
}
}