defining vpc based web apps in aws cloudformation

Tom Maddox

Elastic Beanstalk OpsWorks CloudFormation EC2
Convenience Control
Higher-level services Do it yourself

Continuous integration for your complete stack
Version Control Jenkins
Test
Live
Amazon
S3
AWS
CloudFormation
App commit
Infra commit
Pull
Deploy new
template
Deploy
new app

Continuous integration for your complete stack
Version Control Jenkins
Test
Live
Amazon
S3
AWS
CloudFormation
App commit
Infra commit
Pull
Promote new
template
Promote
new app

"Parameters"
"Mappings"
"Conditions"
"Resources"
"Outputs"

"Parameters" : {
InstanceType : {
Description : The EC2 Instance Type to launch.,
Type : String,
AllowedValues : [t1.micro, m1.small, m1.medium]
}
},
InstanceType : { Ref : InstanceType }

"Outputs" : {
"InstancePublicDnsName" : {
"Description" : "The public DNS name of the newly created EC2 instance",
"Value" : { Fn::GetAtt" : [ "Ec2Instance, PublicDnsName ] }
}
}

"Environment" : {
"Description" : "Specifies if this a Dev QA or Prod Environment",
"Type" : "String",
"Default" : "Dev",
"AllowedValues" : [ "Dev", "QA", "Prod"]
},
"Conditions" : {
"ProdEnvironment" : { "Fn::Equals" : [ { "Ref" : "Environment" }, "Prod" ]}
},
"InstanceType" : { "Fn::If" : [ "ProdEnvironment", m3.2xlarge, m3.medium ] }

"Mappings" : {
"RegionMap" : {
"us-east-1" : { "32" : "ami-6411e20d", "64" : "ami-7a11e213" },
"us-west-1" : { "32" : "ami-c9c7978c", "64" : "ami-cfc7978a" },
"eu-west-1" : { "32" : "ami-37c2f643", "64" : "ami-31c2f645" },
"ap-southeast-1" : { "32" : "ami-66f28c34", "64" : "ami-60f28c32" },
"ap-northeast-1" : { "32" : "ami-9c03a89d", "64" : "ami-a003a8a1" }
}
},
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "32"]},

http://aws.amazon.com/cloudformation/aws-cloudformation-templates/
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/CHAP_Te
mplateQuickRef.html
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-
reference.html
http://aws.amazon.com/cloudformation/aws-cloudformation-templates/http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/CHAP_TemplateQuickRef.htmlhttp://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-reference.html

"Metadata" : {
"AWS::CloudFormation::Init" : {
"webapp-config": {
"packages" : {},
"sources" : {},
"files" : {},
"groups" : {},
"users" : {},
"commands" : {},
"services" : {}
}
}
},

"packages" : {},
"sources" : {},
"files" : {},
"groups" : {},
"users" : {},
"commands" : {},
"services" : {}

Managing your stacks

Frontend Services
E-Commerce Website
Backend Services
Search, Payment Gateway, Reviews, Recommendations
Shared Services
Common Monitoring tools, Queues
Base Network
VPCs, Subnets, VPNs, NATs
Identity IAM Users, Groups, Roles

E-Commerce Website Recommendations Engine
"Parameters" : {
RecommendationsEndPoint : {
Description : URL of the recommendations ELB,
Type : String
}
},
"Outputs" : {
"RecommendationsEndPoint" : {
"Description" : "URL of the recommendations ELB",
"Value" : { Fn::GetAtt" : [ "RecommendationsELB, PublicDnsName ] }
}
}

ELB_AND_AS
Resources : {
ELB,
AutoScaling
}
Website1
Resources : {
NestedStack,
RDS
}
Website2
Resources : {
NestedStack,
DynamoDB
}
Website1
Resources : {
ELB,
AutoScaling,
RDS
}
Website2
Resources : {
ELB,
AutoScaling,
DynamoDB
}

Amazon
Route 53

"UpdatePolicy" : {
"AutoScalingRollingUpdate" : {
"MaxBatchSize" : 2,
"MinInstancesInService" : 2,
"PauseTime" : PT20M
}
}

"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"PauseTime": "PT0S",
"MaxBatchSize": 6",
"MinInstancesInService": "0"
}
}
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"PauseTime": "PT15S",
"MaxBatchSize": "2",
"MinInstancesInService": "2"
}
}

AWS::EC2::VPC::Id
List
List
AWS::EC2::KeyPair::KeyName

{
"AWSTemplateFormatVersion" : "2010-09-09",
"Resources" : {
"myS3Bucket" : {
"Type" : "AWS::S3::Bucket",
"DeletionPolicy" : "Retain"
"Properties" : {
"BucketName" : MyBucket
}
}
}
}
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Resources" : {
"myVolume" : {
"Type":"AWS::EC2::Volume",
"DeletionPolicy" : "Snapshot
"Properties" : {
"AvailabilityZone" :us-east-1a,
"Size : 100
}
}
}
}
MyBucket myVolume Snapshot

Do not update the databases
"Effect" : "Deny",
"Principal" : "*",
"Action" : "Update:*",
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"ResourceType : [
"AWS::RDS::DBInstance,
"AWS::Redshift::Cluster
]
}
}
Okay to update, unless the update requires replacement
"Effect" : "Deny",
"Principal": "*",
"Action" : "Update:Replace",
"Resource" : "LogicalResourceId/MyInstance"

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": Deny",
"Action": *",
"Resource": "*"
},
{
"Effect" : Allow",
"Action" : [
"Action": "ec2:Describe*
],
"Condition": {
"Null": { "ec2:ResourceTag/*cloudformation*" : "true" }
},
"Resource" : "*"
}
]
}

http://tinyurl.com/pgs3mjo
http://tinyurl.com/pd86795
http://tinyurl.com/pgs3mjohttp://tinyurl.com/pd86795

defining vpc based web apps in aws cloudformation

Technology

AWSマイスターシリーズReloaded(AWS Cloudformation)

JAWS-UG大阪第7回勉強会 CDP実践VPC編とCloudFormation

AWS Cloudformation User Guide

Anypoint vpc

INSTRUCTION MANUAL VPC-HD2000EX VPC-HD2000 VPC 2010-04-28آ INSTRUCTION MANUAL Dual Camera)(a ct i VPC-HD2000EX

VPC Cinemavídeo

OpenStack AWS CloudFormation Orchestration Heat API OpenStack AWS CloudFormation Orchestration Steven

MongoDB, Cloudformation and Chef

INSTRUCTION MANUAL VPC-PD1EX VPC-PD2 VPC-PD1GX VPC-PD1PX ...cncms.com.au/SANYO-IMs/Consumer-Electronics/vpcpd1_im.pdf ·

AWS CloudFormation (February 2016)

Infrastructure Continuous Delivery using CloudFormation

INSTRUCTION MANUAL VPC-GH3EX VPC-GH3GX VPC-GH3PX cncms.com.au/SANYO-IMs/Consumer-Electronics/vpcgh3ta_im.pdfآ

vSRX Virtual Firewall-Based AWS Transit VPC and AWS skills. This includes network and systems engineers who possess practical knowledge of AWS services such as VPC, EC2, CloudFormation,

AWS London Loft: CloudFormation Workshop

High reliability in WAN network - 2019-07-18آ VPC-GW vPC Private cloud VPC-GW vPC Pbulic cloud VPC-GW

Integrating AWS CloudFormation with Puppet - Amazon S3 AWS CloudFormation with Puppet 1 ... using AWS CloudFormation on the base Amazon Linux AMI. ... are customized and installed

Cloudformation vs terraform_vs_ansible

Transit VPC Deployment Using AWS CloudFormation Templates 2018-06-16آ Challenges Introduction Solution

AWS CloudFormation en 5 Minutos

AWS CloudFormation Masterclass