diff --git a/AutoScaling/AutoScalingMultiAZWithNotifications.json b/AutoScaling/AutoScalingMultiAZWithNotifications.json
index 6d521c1c..6b4ceda5 100644
--- a/AutoScaling/AutoScalingMultiAZWithNotifications.json
+++ b/AutoScaling/AutoScalingMultiAZWithNotifications.json
@@ -1,17 +1,15 @@ { "AWSTemplateFormatVersion": "2010-09-09", - "Description": "AWS CloudFormation Sample Template AutoScalingMultiAZWithNotifications: Create a multi-az, load balanced and Auto Scaled sample web site running on an Apache Web Server. The application is configured to span all Availability Zones in the region and is Auto-Scaled based on the CPU utilization of the web servers. Notifications will be sent to the operator email address on scaling events. The instances are load balanced with a simple health check against the default web page. **WARNING** This template creates one or more Amazon EC2 instances and an Elastic Load Balancer. You will be billed for the AWS resources used if you create a stack from this template.", + "Description": "Create a multi-az, load balanced and Auto Scaled sample web site running on\nan Apache Web Server. The application is configured to span all\nAvailability Zones in the region and is Auto-Scaled based on the CPU\nutilization of the web servers. Notifications will be sent to the operator\nemail address on scaling events. The instances are load balanced with a\nsimple health check against the default web page. **WARNING** This template\ncreates one or more Amazon EC2 instances and an Elastic Load Balancer. You\nwill be billed for the AWS resources used if you create a stack from this\ntemplate.\n", "Parameters": { "InstanceType": { "Description": "WebServer EC2 instance type", "Type": "String", - "Default": "t2.micro" + "Default": "t4g.micro" }, "OperatorEMail": { - "Description": "EMail address to notify if there are any scaling operations", - "Type": "String", - "AllowedPattern": "([a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|(([a-zA-Z0-9\\-]+\\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?)", - "ConstraintDescription": "must be a valid email address." 
+ "Description": "Email address to notify if there are any scaling operations", + "Type": "String" }, "KeyName": { "Description": "The EC2 Key Pair to allow SSH access to the instances", @@ -46,6 +44,14 @@ "Subnets": { "Description": "Subnets to be used", "Type": "List" + }, + "AZs": { + "Description": "Availability Zones to be used", + "Type": "List" + }, + "VPC": { + "Description": "VPC to be used", + "Type": "AWS::EC2::VPC::Id" } }, "Mappings": { @@ -156,7 +162,7 @@ }, "/etc/cfn/hooks.d/cfn-auto-reloader.conf": { "content": { - "Fn::Sub": "[cfn-auto-reloader-hook]\ntriggers=post.update\npath=Resources.LaunchConfig.Metadata.AWS::CloudFormation::Init\naction=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchConfig --region ${AWS::Region}\nrunas=root\n" + "Fn::Sub": "[cfn-auto-reloader-hook]\ntriggers=post.update\npath=Resources.LaunchTemplate.Metadata.AWS::CloudFormation::Init\naction=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchTemplate --region ${AWS::Region}\nrunas=root\n" } } }, @@ -206,7 +212,7 @@ ], "UserData": { "Fn::Base64": { - "Fn::Sub": "#!/bin/bash\n/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchConfig --region ${AWS::Region}\n/opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WebServerGroup --region ${AWS::Region}\n" + "Fn::Sub": "#!/bin/bash\n/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchTemplate --region ${AWS::Region}\n/opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WebServerGroup --region ${AWS::Region}\n" } }, "TagSpecifications": [ @@ -252,7 +258,7 @@ }, "Properties": { "AvailabilityZones": { - "Fn::GetAZs": null + "Ref": "AZs" }, "LaunchTemplate": { "LaunchTemplateId": { @@ -267,9 +273,9 @@ }, "MinSize": "1", "MaxSize": "3", - "LoadBalancerNames": [ + "TargetGroupARNs": [ { - "Ref": "ElasticLoadBalancer" + "Ref": "TargetGroup" } ], "NotificationConfigurations": [ 
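Review bot: Dropping `AllowedPattern` from `OperatorEMail` in the `@@ -1,17 +1,15 @@` hunk leaves the parameter as an unconstrained string, so a mistyped or empty address would most likely surface only when the notification subscription is created, not at parameter validation. The old pattern was too strict (it rejected top-level domains longer than four letters), but a loose check still fails early: `"AllowedPattern": "^[^\\s@]+@[^\\s@]+\\.[^\\s@]+$"` together with `"ConstraintDescription": "must be a valid email address."`. The YAML template's `@@ -1,18 +1,25 @@` hunk removes the same constraint.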
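Review bot: In the `@@ -252,7 +258,7 @@` hunk `WebServerGroup` takes its placement from `"AvailabilityZones": {"Ref": "AZs"}`, while the load balancer, target group and load balancer security group added in this commit are tied to the `VPC` and `Subnets` parameters, and nothing visible forces the three parameters to agree. The group's Properties continue outside the hunk, so this is not certain, but if there is no `VPCZoneIdentifier` the instances launch in the default VPC and cannot register with a target group created in a different VPC. Pinning the group to the chosen network with `"VPCZoneIdentifier": {"Ref": "Subnets"}` would make the `AZs` parameter unnecessary; ideally the instances would sit in private subnets separate from those of the internet-facing load balancer. The YAML hunk `@@ -168,21 +184,20 @@` has the same `AvailabilityZones: !Ref AZs`.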
@@ -366,28 +372,73 @@ } }, "ElasticLoadBalancer": { - "Type": "AWS::ElasticLoadBalancing::LoadBalancer", + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { - "AvailabilityZones": { - "Fn::GetAZs": null + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Ref": "LoadBalancerSecurityGroup" + } + ], + "Subnets": { + "Ref": "Subnets" }, - "CrossZone": true, - "Listeners": [ + "Type": "application" + } + }, + "LoadBalancerSecurityGroup": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Allows inbound traffic on port 443", + "SecurityGroupIngress": [ { - "LoadBalancerPort": "80", - "InstancePort": "80", - "Protocol": "HTTP", - "SSLCertificateId": { - "Ref": "CertificateArn" + "IpProtocol": "tcp", + "FromPort": 443, + "ToPort": 443, + "CidrIp": "0.0.0.0/0" + } + ], + "VpcId": { + "Ref": "VPC" + } + } + }, + "LoadBalancerListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "Type": "forward", + "TargetGroupArn": { + "Ref": "TargetGroup" } } ], - "HealthCheck": { - "Target": "HTTP:80/", - "HealthyThreshold": "3", - "UnhealthyThreshold": "5", - "Interval": "30", - "Timeout": "5" + "LoadBalancerArn": { + "Ref": "ElasticLoadBalancer" + }, + "Port": 443, + "Protocol": "HTTPS", + "SslPolicy": "ELBSecurityPolicy-2016-08", + "Certificates": [ + { + "CertificateArn": { + "Ref": "CertificateArn" + } + } + ] + } + }, + "TargetGroup": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckPath": "/", + "Name": "MyTargetGroup", + "Port": 80, + "Protocol": "HTTP", + "TargetType": "instance", + "VpcId": { + "Ref": "VPC" } } }, 
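Review bot: `"SslPolicy": "ELBSecurityPolicy-2016-08"` on `LoadBalancerListener` is a legacy policy that still negotiates TLS 1.0 and 1.1, which is a weak default for a new internet-facing HTTPS listener in a sample that people copy. Pinning a current policy, `"SslPolicy": "ELBSecurityPolicy-TLS13-1-2-2021-06"`, limits the listener to TLS 1.2 and 1.3. The YAML hunk `@@ -244,21 +259,47 @@` sets the same policy and needs the same change.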
@@ -415,17 +466,8 @@ "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, - "SourceSecurityGroupOwnerId": { - "Fn::GetAtt": [ - "ElasticLoadBalancer", - "SourceSecurityGroup.OwnerAlias" - ] - }, - "SourceSecurityGroupName": { - "Fn::GetAtt": [ - "ElasticLoadBalancer", - "SourceSecurityGroup.GroupName" - ] + "SourceSecurityGroupId": { + "Ref": "LoadBalancerSecurityGroup" } } ] diff --git a/AutoScaling/AutoScalingMultiAZWithNotifications.yaml b/AutoScaling/AutoScalingMultiAZWithNotifications.yaml index e14f32f5..e4f28bb1 100644 --- a/AutoScaling/AutoScalingMultiAZWithNotifications.yaml +++ b/AutoScaling/AutoScalingMultiAZWithNotifications.yaml 
@@ -1,18 +1,25 @@ AWSTemplateFormatVersion: "2010-09-09" -Description: 'AWS CloudFormation Sample Template AutoScalingMultiAZWithNotifications: Create a multi-az, load balanced and Auto Scaled sample web site running on an Apache Web Server. The application is configured to span all Availability Zones in the region and is Auto-Scaled based on the CPU utilization of the web servers. Notifications will be sent to the operator email address on scaling events. The instances are load balanced with a simple health check against the default web page. **WARNING** This template creates one or more Amazon EC2 instances and an Elastic Load Balancer. You will be billed for the AWS resources used if you create a stack from this template.' +Description: | + Create a multi-az, load balanced and Auto Scaled sample web site running on + an Apache Web Server. The application is configured to span all + Availability Zones in the region and is Auto-Scaled based on the CPU + utilization of the web servers. Notifications will be sent to the operator + email address on scaling events. The instances are load balanced with a + simple health check against the default web page. **WARNING** This template + creates one or more Amazon EC2 instances and an Elastic Load Balancer. You + will be billed for the AWS resources used if you create a stack from this + template. Parameters: InstanceType: Description: WebServer EC2 instance type Type: String - Default: t2.micro + Default: t4g.micro OperatorEMail: - Description: EMail address to notify if there are any scaling operations + Description: Email address to notify if there are any scaling operations Type: String - AllowedPattern: ([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?) - ConstraintDescription: must be a valid email address. KeyName: Description: The EC2 Key Pair to allow SSH access to the instances 
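Review bot: The new `Default: t4g.micro` is a Graviton (arm64) instance type, so the launch template's AMI must also be arm64; the AMI selection is outside this hunk, so whether it was switched is not visible here. If the image is still x86_64, instance launches fail and `WebServerGroup` never receives its `cfn-signal`, so stack creation fails once the `PT5M` resource-signal timeout expires. Either confirm the AMI resolves to an arm64 image or keep an x86 default such as `t3.micro`. The JSON template's `@@ -1,17 +1,15 @@` hunk makes the same change.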
@@ -48,6 +55,14 @@ Parameters: Description: Subnets to be used Type: List + AZs: + Description: Availability Zones to be used + Type: List + + VPC: + Description: VPC to be used + Type: AWS::EC2::VPC::Id + Mappings: Region2Examples: us-east-1: @@ -121,8 +136,8 @@ Resources: content: !Sub | [cfn-auto-reloader-hook] triggers=post.update - path=Resources.LaunchConfig.Metadata.AWS::CloudFormation::Init - action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchConfig --region ${AWS::Region} + path=Resources.LaunchTemplate.Metadata.AWS::CloudFormation::Init + action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchTemplate --region ${AWS::Region} runas=root services: sysvinit: @@ -149,7 +164,7 @@ Resources: UserData: !Base64 Fn::Sub: | #!/bin/bash - /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchConfig --region ${AWS::Region} + /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource LaunchTemplate --region ${AWS::Region} /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WebServerGroup --region ${AWS::Region} TagSpecifications: - ResourceType: instance @@ -158,6 +173,7 @@ Resources: Value: !Sub ${AWS::StackName}-Instance WebServerGroup: + Type: AWS::AutoScaling::AutoScalingGroup CreationPolicy: ResourceSignal: Timeout: PT5M @@ -168,21 +184,20 @@ Resources: MaxBatchSize: 1 PauseTime: PT5M WaitOnResourceSignals: true - Type: AWS::AutoScaling::AutoScalingGroup Metadata: cfn-lint: config: ignore_checks: - E3014 Properties: - AvailabilityZones: !GetAZs + AvailabilityZones: !Ref AZs LaunchTemplate: LaunchTemplateId: !Ref LaunchTemplate Version: !GetAtt LaunchTemplate.LatestVersionNumber MinSize: "1" MaxSize: "3" - LoadBalancerNames: - - !Ref ElasticLoadBalancer + TargetGroupARNs: + - !Ref TargetGroup NotificationConfigurations: - TopicARN: !Ref NotificationTopic NotificationTypes: 
@@ -244,21 +259,47 @@ Resources: ComparisonOperator: LessThanThreshold ElasticLoadBalancer: - Type: AWS::ElasticLoadBalancing::LoadBalancer + Type: AWS::ElasticLoadBalancingV2::LoadBalancer + Properties: + Scheme: internet-facing + SecurityGroups: + - !Ref LoadBalancerSecurityGroup + Subnets: !Ref Subnets + Type: application + + LoadBalancerSecurityGroup: + Type: AWS::EC2::SecurityGroup + Properties: + GroupDescription: Allows inbound traffic on port 443 + SecurityGroupIngress: + - IpProtocol: tcp + FromPort: 443 + ToPort: 443 + CidrIp: 0.0.0.0/0 + VpcId: !Ref VPC + + LoadBalancerListener: + Type: AWS::ElasticLoadBalancingV2::Listener + Properties: + DefaultActions: + - Type: forward + TargetGroupArn: !Ref TargetGroup + LoadBalancerArn: !Ref ElasticLoadBalancer + Port: 443 + Protocol: HTTPS + SslPolicy: ELBSecurityPolicy-2016-08 + Certificates: + - CertificateArn: !Ref CertificateArn + + TargetGroup: + Type: AWS::ElasticLoadBalancingV2::TargetGroup Properties: - AvailabilityZones: !GetAZs - CrossZone: true - Listeners: - - LoadBalancerPort: "80" - InstancePort: "80" - Protocol: HTTP - SSLCertificateId: !Ref CertificateArn - HealthCheck: - Target: HTTP:80/ - HealthyThreshold: "3" - UnhealthyThreshold: "5" - Interval: "30" - Timeout: "5" + HealthCheckPath: / + Name: MyTargetGroup + Port: 80 + Protocol: HTTP + TargetType: instance + VpcId: !Ref VPC InstanceSecurityGroup: Type: AWS::EC2::SecurityGroup @@ -276,8 +317,7 @@ Resources: - IpProtocol: tcp FromPort: 80 ToPort: 80 - SourceSecurityGroupOwnerId: !GetAtt ElasticLoadBalancer.SourceSecurityGroup.OwnerAlias - SourceSecurityGroupName: !GetAtt ElasticLoadBalancer.SourceSecurityGroup.GroupName + SourceSecurityGroupId: !Ref LoadBalancerSecurityGroup Outputs: URL: diff --git a/scripts/format-yaml-single.sh b/scripts/format-yaml-single.sh index b7c12fb3..8079f6be 100755 --- a/scripts/format-yaml-single.sh +++ b/scripts/format-yaml-single.sh 
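Review bot: `Name: MyTargetGroup` in `TargetGroup` hard-codes a physical name, and target group names must be unique per region and account, so a second stack from this template in the same region fails and any update that requires replacement is blocked. Dropping the `Name` line lets CloudFormation generate a unique name. The target group also loses the explicit health check values the classic load balancer had and now relies on defaults; if the old values were intentional, set `HealthCheckIntervalSeconds`, `HealthCheckTimeoutSeconds`, `HealthyThresholdCount` and `UnhealthyThresholdCount`. The JSON hunk `@@ -366,28 +372,73 @@` carries the same `"Name": "MyTargetGroup"`.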
@@ -2,5 +2,5 @@
 set -eou pipefail
 echo $1
 n=$(basename $1)
-rain fmt $1 > /tmp/$n
+rain fmt -u $1 > /tmp/$n
 mv /tmp/$n $1
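Review bot: The changed line still expands `$1` unquoted and writes to the predictable path `/tmp/$n`, so a path containing spaces breaks the command and, on a shared machine, a file or symlink already present at that path would be overwritten or followed. Two templates with the same basename formatted at the same time would also collide. A private temporary file avoids all three: `tmp=$(mktemp)`, `rain fmt -u "$1" > "$tmp"`, `mv "$tmp" "$1"`. The script's first line is outside the hunk.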