Use security groups in the multi-instance wp template
This commit is contained in:
parent
d41193cbff
commit
3cbb97ad00
@ -151,6 +151,10 @@
|
|||||||
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
|
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
|
||||||
"InstanceType" : { "Ref" : "InstanceType" },
|
"InstanceType" : { "Ref" : "InstanceType" },
|
||||||
"KeyName" : { "Ref" : "KeyName" },
|
"KeyName" : { "Ref" : "KeyName" },
|
||||||
|
"SecurityGroups" : [
|
||||||
|
{"Ref" : "AdminAccessSecurityGroup"},
|
||||||
|
{"Ref" : "WebServerSecurityGroup"}
|
||||||
|
],
|
||||||
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
|
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
|
||||||
"#!/bin/bash -v\n",
|
"#!/bin/bash -v\n",
|
||||||
"sed --in-place --e s/database_name_here/", { "Ref" : "DBName" }, "/ --e s/username_here/", { "Ref" : "DBUsername" }, "/ --e s/password_here/", { "Ref" : "DBPassword" }, "/ --e s/DB_HOST/", "/ /usr/share/wordpress/wp-config.php\n",
|
"sed --in-place --e s/database_name_here/", { "Ref" : "DBName" }, "/ --e s/username_here/", { "Ref" : "DBUsername" }, "/ --e s/password_here/", { "Ref" : "DBPassword" }, "/ --e s/DB_HOST/", "/ /usr/share/wordpress/wp-config.php\n",
|
||||||
@ -184,6 +188,10 @@
|
|||||||
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
|
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
|
||||||
"InstanceType" : { "Ref" : "InstanceType" },
|
"InstanceType" : { "Ref" : "InstanceType" },
|
||||||
"KeyName" : { "Ref" : "KeyName" },
|
"KeyName" : { "Ref" : "KeyName" },
|
||||||
|
"SecurityGroups" : [
|
||||||
|
{"Ref" : "AdminAccessSecurityGroup"},
|
||||||
|
{"Ref" : "MySQLSecurityGroup"}
|
||||||
|
],
|
||||||
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
|
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
|
||||||
"#!/bin/bash -v\n",
|
"#!/bin/bash -v\n",
|
||||||
"# Wait for the EBS volume to show up\n",
|
"# Wait for the EBS volume to show up\n",
|
||||||
@ -216,6 +224,37 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
||||||
|
"AdminAccessSecurityGroup" : {
|
||||||
|
"Type" : "AWS::EC2::SecurityGroup",
|
||||||
|
"Properties" : {
|
||||||
|
"GroupDescription" : "Enable ICMP and SSH",
|
||||||
|
"SecurityGroupIngress" : [
|
||||||
|
{"IpProtocol" : "icmp", "FromPort" : "-1", "ToPort" : "-1", "CidrIp" : "0.0.0.0/0"},
|
||||||
|
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0"}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
|
||||||
|
"WebServerSecurityGroup" : {
|
||||||
|
"Type" : "AWS::EC2::SecurityGroup",
|
||||||
|
"Properties" : {
|
||||||
|
"GroupDescription" : "Enable HTTP access via port 80",
|
||||||
|
"SecurityGroupIngress" : [
|
||||||
|
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0"}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
|
||||||
|
"MySQLSecurityGroup" : {
|
||||||
|
"Type" : "AWS::EC2::SecurityGroup",
|
||||||
|
"Properties" : {
|
||||||
|
"GroupDescription" : "Enable MySQL access via port 3306",
|
||||||
|
"SecurityGroupIngress" : [
|
||||||
|
{"IpProtocol" : "tcp", "FromPort" : "3306", "ToPort" : "3306", "CidrIp" : "0.0.0.0/0"}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
|
||||||
"DataVolume" : {
|
"DataVolume" : {
|
||||||
"Type" : "AWS::EC2::Volume",
|
"Type" : "AWS::EC2::Volume",
|
||||||
"Properties" : {
|
"Properties" : {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user