Challenge Question: Automating Infrastructure Deployment on AWS
This week's challenge is to create AWS cloud resources using a CloudFormation template and CLI tools.
The resources created are:
- A VPC with a public and a private subnet
- An internet gateway
- A security group
- An EC2 instance that boots up with a sample web application
The CloudFormation Template
We will use a .yaml template file.
Start the template with:
```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: CloudForce 004
Resources:
```
Now we are going to specify the resources
To Create a VPC
- The properties set the CIDR block and enable DNS support and DNS hostnames; the VPC is named CloudForceVPC.
```yaml
  CloudForceVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 172.16.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: CloudForceVPC
```
My key pair
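```yaml
  # CloudFormation generates this key pair and stores the private key in
  # Systems Manager Parameter Store under /ec2/keypair/<key-pair-id>.
  MyKeyPair:
    Type: AWS::EC2::KeyPair
    Properties:
      KeyName: my-key-pair
```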
The Subnets
- The public and private subnets use two separate CIDR blocks, both in the us-east-1a AZ.
- Both reference the VPC created above.
```yaml
  CloudForcePublic:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref CloudForceVPC
      CidrBlock: 172.16.0.0/20
      AvailabilityZone: us-east-1a
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: CloudForcePublic
  CloudForcePrivate:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref CloudForceVPC
      CidrBlock: 172.16.128.0/20
      AvailabilityZone: us-east-1a
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: CloudForcePrivate
```
The Internet Gateway
```yaml
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: CloudForceIG
```
Attach the Internet Gateway
```yaml
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref CloudForceVPC
      InternetGatewayId: !Ref InternetGateway
```
Create a route table
```yaml
  RouteTablePublic:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref CloudForceVPC
      Tags:
        - Key: Name
          Value: PublicRouteTable
```
Create a Public Route
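```yaml
  PublicRoute1:
    Type: AWS::EC2::Route
    # The gateway must be attached to the VPC before a route can point at it.
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref RouteTablePublic
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
```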
Associate the Route to the public subnet
```yaml
  AssociatePublic1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref CloudForcePublic
      RouteTableId: !Ref RouteTablePublic
```
Now Create the Instance
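```yaml
  MyInstance:
    Type: AWS::EC2::Instance
    # The boot script downloads packages, so the gateway has to be attached first.
    DependsOn: AttachGateway
    Properties:
      ImageId: ami-02396cdd13e9a1257
      InstanceType: t2.micro
      # Without SubnetId the instance launches in the default VPC, not CloudForceVPC.
      SubnetId: !Ref CloudForcePublic
      SecurityGroupIds:
        - !Ref InstanceSecurityGroup
      # !Ref returns the key name and makes the instance wait for the key pair.
      KeyName: !Ref MyKeyPair
      UserData: !Base64 |
        #!/bin/bash
        yum update -y
        yum install -y httpd git
        systemctl start httpd
        systemctl enable httpd
        cd /var/www/html
        rm -rf *
        git clone https://github.com/lewisawe/cloudForceWebSawe.git .
        systemctl restart httpd
      Tags:
        - Key: Name
          Value: CloudForceEC2
```
With the instance security group
```yaml
  InstanceSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable SSH and HTTP access via port 22 and
      # VpcId keeps the group in the same VPC as the instance's subnet.
      VpcId: !Ref CloudForceVPC
      SecurityGroupIngress:
        # SSH is reachable from any address with this rule; outside a lab,
        # narrow CidrIp to the address range you administer from.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
```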
Deploy the template with CLI
```bash
aws cloudformation create-stack --stack-name CloudForceStack --template-body file://CloudForce/challenge004/challenge.yaml
```
Confirm it works
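Once the stack is up, the security group's ingress rules can be checked from the JSON that `aws ec2 describe-security-groups` returns. The script below is an added example, not part of the original post: it flags rules open to the whole internet on ports other than web ports, and the function name, the `PUBLIC_OK` set and the sample JSON are assumptions constructed for illustration.

```python
import json

PUBLIC_OK = {80, 443}          # ports this example accepts as internet-facing (assumption)
WORLD = {"0.0.0.0/0", "::/0"}  # "anyone" in IPv4 and IPv6

# Constructed sample in the shape of `aws ec2 describe-security-groups` output,
# mirroring the two ingress rules in the template; the group id is a placeholder.
SAMPLE = json.dumps({"SecurityGroups": [{
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ]}]})


def world_open_findings(describe_json, public_ok=PUBLIC_OK):
    """List (group_id, protocol, from_port, to_port, cidr) for each ingress rule
    that is open to the whole internet and covers a port outside public_ok."""
    findings = []
    for group in json.loads(describe_json).get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto == "-1":              # "all traffic": every port
                lo, hi = 0, 65535
            elif proto in ("tcp", "udp"):
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue                   # ICMP and others carry no port range
            if all(p in public_ok for p in range(lo, hi + 1)):
                continue                   # only expected public ports exposed
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(group["GroupId"], proto, lo, hi, c)
                         for c in cidrs if c in WORLD]
    return findings


if __name__ == "__main__":
    for finding in world_open_findings(SAMPLE):
        print("world-open ingress:", finding)
```

With the template's two rules, only the port 22 rule is reported; the port 80 rule passes because 80 is in `PUBLIC_OK`.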
Delete the stack
```bash
aws cloudformation delete-stack \
  --stack-name CloudForceStack
```
References
GitHub Cloudformation Template
https://github.com/lewisawe/CloudForce/blob/main/challenge004
Sample CloudForce Sky Website Code