TemplateFormatVersion" : "2010-09-09",
"Description": "Sample template to bring up WordPress using the Puppet client to install server roles. A WaitCondition is used to hold up the stack creation until the application is deployed. **WARNING** This template creates one or more Amazon EC2 instances and CloudWatch alarms. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters" : {
"KeyName": {
"Type": "String",
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the web server"
},
"PuppetClientSecurityGroup": {
"Description" : "The EC2 security group for the instances",
"Type": "String"
},
"PuppetMasterDNSName": {
"Description" : "The PuppetMaster DNS name",
"Type": "String"
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"DatabaseType": {
"Default": "db.m1.small",
"Description" : "The database instance type",
"Type": "String",
"AllowedValues" : [ "db.m1.small", "db.m1.large", "db.m1.xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge" ],
"ConstraintDescription" : "must contain only alphanumeric characters."
},
"DatabaseUser": {
"Default" : "admin",
"NoEcho": "true",
"Type": "String",
"Description" : "Test database admin account name",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."
},
"DatabasePassword": {
"Default" : "admin",
"NoEcho": "true",
"Type": "String",
"Description" : "Test database admin account password",
"MinLength": "1",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "must contain only alphanumeric characters."
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"t1.micro" : { "Arch" : "64" },
"m1.small" : { "Arch" : "64" },
"m1.medium" : { "Arch" : "64" },
"m1.large" : { "Arch" : "64" },
"m1.xlarge" : { "Arch" : "64" },
"m2.xlarge" : { "Arch" : "64" },
"m2.2xlarge" : { "Arch" : "64" },
"m2.4xlarge" : { "Arch" : "64" },
"c1.medium" : { "Arch" : "64" },
"c1.xlarge" : { "Arch" : "64" },
"cc1.4xlarge" : { "Arch" : "64HVM" },
"cc2.8xlarge" : { "Arch" : "64HVM" },
"cg1.4xlarge" : { "Arch" : "64HVM" }
},
"AWSRegionArch2AMI" : {
"us-east-1" : { "32" : "ami-31814f58", "64" : "ami-1b814f72", "64HVM" : "ami-0da96764" },
"us-west-2" : { "32" : "ami-38fe7308", "64" : "ami-30fe7300", "64HVM" : "NOT_YET_SUPPORTED" },
"us-west-1" : { "32" : "ami-11d68a54", "64" : "ami-1bd68a5e", "64HVM" : "NOT_YET_SUPPORTED" },
"eu-west-1" : { "32" : "ami-973b06e3", "64" : "ami-953b06e1", "64HVM" : "NOT_YET_SUPPORTED" },
"ap-southeast-1" : { "32" : "ami-b4b0cae6", "64" : "ami-beb0caec", "64HVM" : "NOT_YET_SUPPORTED" },
"ap-northeast-1" : { "32" : "ami-0644f007", "64" : "ami-0a44f00b", "64HVM" : "NOT_YET_SUPPORTED" },
"sa-east-1" : { "32" : "ami-3e3be423", "64" : "ami-3c3be421", "64HVM" : "NOT_YET_SUPPORTED" }
}
},
"Resources" : {
"CFNInitUser" : {
"Type" : "AWS::IAM::User",
"Properties" : {
"Policies": [{
"PolicyName": "AccessForCFNInit",
"PolicyDocument" : {
"Statement": [{
"Effect" : "Allow",
"Action" : "cloudformation:DescribeStackResource",
"Resource" : "*"
}]
}
}]
}
},
"CFNKeys" : {
"Type" : "AWS::IAM::AccessKey",
"Properties" : {
"UserName" : { "Ref": "CFNInitUser" }
}
},
"WebServer": {
"Type": "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"puppet" : [],
"ruby-devel" : [],
"gcc" : [],
"make" : [],
"rubygems" : []
},
"rubygems" : {
"json" : []
}
},
"files" : {
"/etc/yum.repos.d/epel.repo" : {
"source" : "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami",
"mode" : "000644",
"owner" : "root",
"group" : "root"
},
"/etc/puppet/puppet.conf" : {
"content" : { "Fn::Join" : ["", [
"[main]\n",
" logdir=/var/log/puppet\n",
" rundir=/var/run/puppet\n",
" ssldir=$vardir/ssl\n",
" pluginsync=true\n",
"[agent]\n",
" classfile=$vardir/classes.txt\n",
" localconfig=$vardir/localconfig\n",
" server=",{ "Ref" : "PuppetMasterDNSName" },"\n"
]] },
"mode" : "000644",
"owner" : "root",
"group" : "root"
}
},
"services" : {
"sysvinit" : {
"puppet" : {
"enabled" : "true",
"ensureRunning" : "true"
}
}
}
}
},
"Puppet" : {
"roles" : [ "wordpress" ],
"host" : {"Fn::GetAtt" : ["WordPressDatabase", "Endpoint.Address"]},
"database" : "WordPressDB",
"user" : {"Ref" : "DatabaseUser"},
"password" : {"Ref" : "DatabasePassword" }
}
},
"Properties": {
"SecurityGroups": [ { "Ref": "PuppetClientSecurityGroup" }, { "Ref" : "EC2SecurityGroup" } ],
"ImageId": { "Fn::FindInMap": [ "AWSRegionArch2AMI", { "Ref": "AWS::Region" }, { "Fn::FindInMap": [ "AWSInstanceType2Arch", { "Ref": "InstanceType" }, "Arch" ] } ]
},
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash\n",
"yum update -y aws-cfn-bootstrap\n",
"/opt/aws/bin/cfn-init --region ", { "Ref" : "AWS::Region" },
" -s ", { "Ref" : "AWS::StackName" }, " -r WebServer ",
" --access-key ", { "Ref" : "CFNKeys" },
" --secret-key ", { "Fn::GetAtt" : ["CFNKeys", "SecretAccessKey"]}, "\n",
"/opt/aws/bin/cfn-signal -e $? '", { "Ref" : "ApplicationWaitHandle" }, "'\n"
]]}},
"KeyName": { "Ref": "KeyName" },
"InstanceType": { "Ref": "InstanceType" }
}
},
"EC2SecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable HTTP access for Wordpress plus SSH access via port 22",
"SecurityGroupIngress" : [
{"IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" : "0.0.0.0/0" },
{"IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0" }
]
}
},
"ApplicationWaitHandle" : {
"Type" : "AWS::CloudFormation::WaitConditionHandle"
},
"ApplicationWaitCondition" : {
"Type" : "AWS::CloudFormation::WaitCondition",
"DependsOn" : "WebServer",
"Properties" : {
"Handle" : { "Ref" : "ApplicationWaitHandle" },
"Timeout" : "600"
}
},
"WordPressDatabase" : {
"Type" : "AWS::RDS::DBInstance",
"Properties" : {
"AllocatedStorage" : "5",
"DBName" : "WordPressDB",
"Engine" : "MySQL",
"DBInstanceClass" : { "Ref" : "DatabaseType" },
"DBSecurityGroups" : [ { "Ref": "DBSecurityGroup" } ],
"MasterUsername" : { "Ref" : "DatabaseUser" },
"MasterUserPassword" : { "Ref" : "DatabasePassword" }
}
},
"DBSecurityGroup": {
"Type": "AWS::RDS::DBSecurityGroup",
"Properties": {
"DBSecurityGroupIngress": {
"EC2SecurityGroupName": { "Ref": "EC2SecurityGroup" }
},
"GroupDescription": "database access"
}
}
},
"Outputs": {
"WebsiteURL": {
"Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "WebServer", "PublicDnsName" ] }, "/wordpress" ] ] },
"Description" : "URL of the WordPress website"
},
"InstallURL": {
"Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "WebServer", "PublicDnsName" ] }, "/wordpress/wp-admin/install.php" ] ] },
"Description" : "URL to install WordPress"
}
}
}