AWS CloudFormation
Speed up cloud provisioning with infrastructure as code
Prerequisites:
- Download and install VSCode
- Add the CloudFormation Linter extension to VSCode
- Install the latest version of Python on your system
Example: Create an EC2 instance using a CloudFormation template.
Step 1: Open a .yaml file in Visual Studio Code.
Step 2: Add the CloudFormation Linter extension to your VSCode.
Step 3: Run the following commands in the terminal:
pip install cfn-lint
pip install pydot
Step 4: Create a new file with the extension .yaml or .yml (main.yml).
Step 5: Write the sample code below to create an EC2 instance using the CloudFormation template (change the ImageId and KeyName accordingly).
Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-04893cdb768d0f9ee
      InstanceType: t2.micro
      KeyName: devops
      Tags:
        - Key: Name
          Value: Ec2-Demo
Step 6: Go to the CloudFormation service.
Step 7: Click on the Create Stack button.
Select option Template is ready
Select Upload a Template file
Choose your file
Step 8: Click on Next.
Step 9: Provide a stack name and click on Next.
Step 10: Review and create the stack.
Step 11: Check the Events tab, and once all the resources (the EC2 instance) have been created, verify in the EC2 console whether the Ec2-Demo instance was created.
Experiment: Delete the stack and check that the EC2 instance also gets deleted.
Example: Create 2 resources, an EC2 instance and an S3 bucket. Follow the same steps as mentioned in Example 1 for execution.
Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-04893cdb768d0f9ee
      InstanceType: t2.micro
      KeyName: devops
      Tags:
        - Key: Name
          Value: Ec2-Demo
  S3Bucket:
    Type: 'AWS::S3::Bucket'
    DeletionPolicy: Retain
    Properties:
      BucketName: mumbairegionmy
Exercise:
Create an EC2 instance and attach a security group to it.
Create an IAM group and add a user to that group
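# Custom-named IAM resources: acknowledge CAPABILITY_NAMED_IAM when creating the stack
Resources:
  # Logical ID renamed from MyEC2Instance: this resource is an IAM group
  MyGroup:
    Type: AWS::IAM::Group
    Properties:
      GroupName: Grp1
      Path: /
  MyUsers:
    Type: AWS::IAM::User
    Properties:
      Groups:
        # Ref returns the group name and makes the user wait for the group
        - !Ref MyGroup
      UserName: user90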
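The first exercise above (an EC2 instance with a security group attached), worked as an added example that is not part of the original post. It assumes the account's default VPC; the AdminCidr parameter and the InstanceSecurityGroup logical ID are names chosen for this example, and the ImageId and KeyName are the ones used earlier on this page.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: EC2 instance with a security group that limits SSH to one CIDR (added example)

Parameters:
  # Hypothetical parameter name. No default is set, so the stack cannot be
  # created without the operator choosing the allowed source network.
  AdminCidr:
    Type: String
    Description: IPv4 CIDR allowed to reach SSH, for example 203.0.113.10/32
    # Prefix must be /16 or narrower, which rules out 0.0.0.0/0.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/(1[6-9]|2\d|3[0-2])$'
    ConstraintDescription: Must be an IPv4 CIDR with a prefix between /16 and /32

Resources:
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SSH from the admin network only
      # No VpcId given: the group is created in the default VPC (assumption).
      SecurityGroupIngress:
        # Weak setting, shown for contrast and left disabled:
        #   CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref AdminCidr
          Description: SSH from the admin CIDR

  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-04893cdb768d0f9ee   # value from this page; change for your region
      InstanceType: t2.micro
      KeyName: devops                  # value from this page; change to your key pair
      # GetAtt on GroupId creates the dependency, so the group is built first.
      SecurityGroupIds:
        - !GetAtt InstanceSecurityGroup.GroupId
      Tags:
        - Key: Name
          Value: Ec2-Demo

Outputs:
  SecurityGroupId:
    Description: ID of the security group attached to the instance
    Value: !GetAtt InstanceSecurityGroup.GroupId
```

Running cfn-lint on this file before uploading it catches indentation and property-name mistakes; the console asks for AdminCidr on the stack details page.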
Example: Serverless End to End Web application deployment using Beanstalk
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  sampleApplication:
    Type: AWS::ElasticBeanstalk::Application
    Properties:
      Description: AWS Elastic Beanstalk Sample Application
  sampleApplicationVersion:
    Type: AWS::ElasticBeanstalk::ApplicationVersion
    Properties:
      ApplicationName:
        Ref: sampleApplication
      Description: AWS ElasticBeanstalk Sample Application Version
      SourceBundle:
        S3Bucket: !Sub "elasticbeanstalk-samples-${AWS::Region}"
        S3Key: php-newsample-app.zip
  sampleConfigurationTemplate:
    Type: AWS::ElasticBeanstalk::ConfigurationTemplate
    Properties:
      ApplicationName:
        Ref: sampleApplication
      Description: AWS ElasticBeanstalk Sample Configuration Template
      OptionSettings:
        - Namespace: aws:autoscaling:asg
          OptionName: MinSize
          Value: '2'
        - Namespace: aws:autoscaling:asg
          OptionName: MaxSize
          Value: '6'
        - Namespace: aws:elasticbeanstalk:environment
          OptionName: EnvironmentType
          Value: LoadBalanced
        # Instance profile the environment's EC2 instances run under
        - Namespace: aws:autoscaling:launchconfiguration
          OptionName: IamInstanceProfile
          Value: !Ref MyInstanceProfile
      SolutionStackName: 64bit Amazon Linux 2 v3.3.11 running PHP 8.0
  sampleEnvironment:
    Type: AWS::ElasticBeanstalk::Environment
    Properties:
      ApplicationName:
        Ref: sampleApplication
      Description: AWS ElasticBeanstalk Sample Environment
      TemplateName:
        Ref: sampleConfigurationTemplate
      VersionLabel:
        Ref: sampleApplicationVersion
  MyInstanceRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        # Quoted so YAML parsers keep the policy version as a string, not a date
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
            Action:
              - sts:AssumeRole
      Description: Beanstalk EC2 role
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier
        - arn:aws:iam::aws:policy/AWSElasticBeanstalkMulticontainerDocker
        - arn:aws:iam::aws:policy/AWSElasticBeanstalkWorkerTier
  MyInstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles:
        - !Ref MyInstanceRole
Check that the Beanstalk environment and application have been created; you should then be able to access the application in a browser.