TemplateFormatVersion" : "2010-09-09", "Description": "Sample template to bring up WordPress using the Puppet client to install server roles. A WaitCondition is used to hold up the stack creation until the application is deployed. **WARNING** This template creates one or more Amazon EC2 instances and CloudWatch alarms. You will be billed for the AWS resources used if you create a stack from this template.", "Parameters" : { "KeyName": { "Type": "String", "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server" }, "PuppetClientSecurityGroup": { "Description" : "The EC2 security group for the instances", "Type": "String" }, "PuppetMasterDNSName": { "Description" : "The PuppetMaster DNS name", "Type": "String" }, "InstanceType" : { "Description" : "WebServer EC2 instance type", "Type" : "String", "Default" : "m1.small", "AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"], "ConstraintDescription" : "must be a valid EC2 instance type." }, "DatabaseType": { "Default": "db.m1.small", "Description" : "The database instance type", "Type": "String", "AllowedValues" : [ "db.m1.small", "db.m1.large", "db.m1.xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge" ], "ConstraintDescription" : "must contain only alphanumeric characters." }, "DatabaseUser": { "Default" : "admin", "NoEcho": "true", "Type": "String", "Description" : "Test database admin account name", "MinLength": "1", "MaxLength": "16", "AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*", "ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters." }, "DatabasePassword": { "Default" : "admin", "NoEcho": "true", "Type": "String", "Description" : "Test database admin account password", "MinLength": "1", "MaxLength": "41", "AllowedPattern" : "[a-zA-Z0-9]*", "ConstraintDescription" : "must contain only alphanumeric characters." } }, "Mappings" : { "AWSInstanceType2Arch" : { "t1.micro" : { "Arch" : "64" }, "m1.small" : { "Arch" : "64" }, "m1.medium" : { "Arch" : "64" }, "m1.large" : { "Arch" : "64" }, "m1.xlarge" : { "Arch" : "64" }, "m2.xlarge" : { "Arch" : "64" }, "m2.2xlarge" : { "Arch" : "64" }, "m2.4xlarge" : { "Arch" : "64" }, "c1.medium" : { "Arch" : "64" }, "c1.xlarge" : { "Arch" : "64" }, "cc1.4xlarge" : { "Arch" : "64HVM" }, "cc2.8xlarge" : { "Arch" : "64HVM" }, "cg1.4xlarge" : { "Arch" : "64HVM" } }, "AWSRegionArch2AMI" : { "us-east-1" : { "32" : "ami-31814f58", "64" : "ami-1b814f72", "64HVM" : "ami-0da96764" }, "us-west-2" : { "32" : "ami-38fe7308", "64" : "ami-30fe7300", "64HVM" : "NOT_YET_SUPPORTED" }, "us-west-1" : { "32" : "ami-11d68a54", "64" : "ami-1bd68a5e", "64HVM" : "NOT_YET_SUPPORTED" }, "eu-west-1" : { "32" : "ami-973b06e3", "64" : "ami-953b06e1", "64HVM" : "NOT_YET_SUPPORTED" }, "ap-southeast-1" : { "32" : "ami-b4b0cae6", "64" : "ami-beb0caec", "64HVM" : "NOT_YET_SUPPORTED" }, "ap-northeast-1" : { "32" : "ami-0644f007", "64" : "ami-0a44f00b", "64HVM" : "NOT_YET_SUPPORTED" }, "sa-east-1" : { "32" : "ami-3e3be423", "64" : "ami-3c3be421", "64HVM" : "NOT_YET_SUPPORTED" } } }, "Resources" : { "CFNInitUser" : { "Type" : "AWS::IAM::User", "Properties" : { "Policies": [{ "PolicyName": "AccessForCFNInit", "PolicyDocument" : { "Statement": [{ "Effect" : "Allow", "Action" : "cloudformation:DescribeStackResource", "Resource" : "*" }] } }] } }, "CFNKeys" : { "Type" : "AWS::IAM::AccessKey", "Properties" : { "UserName" : { "Ref": "CFNInitUser" } } }, "WebServer": { "Type": "AWS::EC2::Instance", "Metadata" : { "AWS::CloudFormation::Init" : { "config" : { "packages" : { "yum" : { "puppet" : [], "ruby-devel" : [], "gcc" : [], "make" : [], "rubygems" : [] }, "rubygems" : { "json" : [] } }, "files" : { "/etc/yum.repos.d/epel.repo" : { "source" : "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami", "mode" : "000644", "owner" : "root", "group" : "root" }, "/etc/puppet/puppet.conf" : { "content" : { "Fn::Join" : ["", [ "[main]\n", " logdir=/var/log/puppet\n", " rundir=/var/run/puppet\n", " ssldir=$vardir/ssl\n", " pluginsync=true\n", "[agent]\n", " classfile=$vardir/classes.txt\n", " localconfig=$vardir/localconfig\n", " server=",{ "Ref" : "PuppetMasterDNSName" },"\n" ]] }, "mode" : "000644", "owner" : "root", "group" : "root" } }, "services" : { "sysvinit" : { "puppet" : { "enabled" : "true", "ensureRunning" : "true" } } } } }, "Puppet" : { "roles" : [ "wordpress" ], "host" : {"Fn::GetAtt" : ["WordPressDatabase", "Endpoint.Address"]}, "database" : "WordPressDB", "user" : {"Ref" : "DatabaseUser"}, "password" : {"Ref" : "DatabasePassword" } } }, "Properties": { "SecurityGroups": [ { "Ref": "PuppetClientSecurityGroup" }, { "Ref" : "EC2SecurityGroup" } ], "ImageId": { "Fn::FindInMap": [ "AWSRegionArch2AMI", { "Ref": "AWS::Region" }, { "Fn::FindInMap": [ "AWSInstanceType2Arch", { "Ref": "InstanceType" }, "Arch" ] } ] }, "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [ "#!/bin/bash\n", "yum update -y aws-cfn-bootstrap\n", "/opt/aws/bin/cfn-init --region ", { "Ref" : "AWS::Region" }, " -s ", { "Ref" : "AWS::StackName" }, " -r WebServer ", " --access-key ", { "Ref" : "CFNKeys" }, " --secret-key ", { "Fn::GetAtt" : ["CFNKeys", "SecretAccessKey"]}, "\n", "/opt/aws/bin/cfn-signal -e $? '", { "Ref" : "ApplicationWaitHandle" }, "'\n" ]]}}, "KeyName": { "Ref": "KeyName" }, "InstanceType": { "Ref": "InstanceType" } } }, "EC2SecurityGroup" : { "Type" : "AWS::EC2::SecurityGroup", "Properties" : { "GroupDescription" : "Enable HTTP access for Wordpress plus SSH access via port 22", "SecurityGroupIngress" : [ {"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0" }, {"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0" } ] } }, "ApplicationWaitHandle" : { "Type" : "AWS::CloudFormation::WaitConditionHandle" }, "ApplicationWaitCondition" : { "Type" : "AWS::CloudFormation::WaitCondition", "DependsOn" : "WebServer", "Properties" : { "Handle" : { "Ref" : "ApplicationWaitHandle" }, "Timeout" : "600" } }, "WordPressDatabase" : { "Type" : "AWS::RDS::DBInstance", "Properties" : { "AllocatedStorage" : "5", "DBName" : "WordPressDB", "Engine" : "MySQL", "DBInstanceClass" : { "Ref" : "DatabaseType" }, "DBSecurityGroups" : [ { "Ref": "DBSecurityGroup" } ], "MasterUsername" : { "Ref" : "DatabaseUser" }, "MasterUserPassword" : { "Ref" : "DatabasePassword" } } }, "DBSecurityGroup": { "Type": "AWS::RDS::DBSecurityGroup", "Properties": { "DBSecurityGroupIngress": { "EC2SecurityGroupName": { "Ref": "EC2SecurityGroup" } }, "GroupDescription": "database access" } } }, "Outputs": { "WebsiteURL": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "WebServer", "PublicDnsName" ] }, "/wordpress" ] ] }, "Description" : "URL of the WordPress website" }, "InstallURL": { "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "WebServer", "PublicDnsName" ] }, "/wordpress/wp-admin/install.php" ] ] }, "Description" : "URL to install WordPress" } } }