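AWSTemplateFormatVersion: '2010-09-09'
Description: |
  Create an Auto Scaling Group with an existing subnet, a Launch Template,
  and attach an Application Load Balancer (ALB)

# Layout: the ALB lives in the two public subnets and is the only thing that
# may reach port 80 on the instances; the instances live in the two private
# subnets and reach the internet (for apt) only through the NAT Gateway.

# Parameters for VPC, Subnets, KeyPair, AMI and the SSH source range
Parameters:
  VPC:
    Type: AWS::EC2::VPC::Id
    Description: The VPC ID
  PrivateSubnet1:
    Type: AWS::EC2::Subnet::Id
    Description: The private Subnet ID for Availability Zone 1 (instances)
  PrivateSubnet2:
    Type: AWS::EC2::Subnet::Id
    Description: The private Subnet ID for Availability Zone 2 (instances)
  PublicSubnet1:
    Type: AWS::EC2::Subnet::Id
    Description: The public Subnet ID for Availability Zone 1 (ALB, NAT Gateway)
  PublicSubnet2:
    Type: AWS::EC2::Subnet::Id
    Description: The public Subnet ID for Availability Zone 2 (ALB)
  KeyPair:
    Type: AWS::EC2::KeyPair::KeyName
    Description: The EC2 Key Pair to allow SSH access to the instances
  ImageId:
    # Was hard-coded in the Launch Template; the default is that same AMI and is
    # only valid in its own region, so pass a region-specific AMI elsewhere.
    # The typed parameter makes CloudFormation reject an unknown AMI at create
    # time instead of failing later when the ASG launches an instance.
    Type: AWS::EC2::Image::Id
    Description: Region-specific AMI ID used by the Launch Template
    Default: ami-0522ab6e1ddcc7055
  SSHAllowedCidr:
    # The default keeps the previous world-open SSH rule for compatibility;
    # narrow it to a bastion or corporate range for anything beyond a demo.
    Type: String
    Description: IPv4 CIDR block allowed to reach port 22 on the instances
    Default: '0.0.0.0/0'
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be a valid IPv4 CIDR block of the form x.x.x.x/n

Resources:
  # Security Group for EC2 Instances
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow HTTP access
      VpcId: !Ref VPC
      SecurityGroupIngress:
        # SSH, limited to the configured source range
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SSHAllowedCidr
        # HTTP only from the ALB, never directly from the internet
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          SourceSecurityGroupId: !Ref LoadBalancerSecurityGroup

  # Security Group for ALB
  LoadBalancerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow HTTP access to ALB
      VpcId: !Ref VPC
      SecurityGroupIngress:
        # Plain HTTP is exposed publicly; there is no HTTPS listener in this
        # template, so add a certificate and a 443 listener before real use.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: '0.0.0.0/0'

  # Elastic IP for NAT Gateway
  ElasticIP:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc

  # NAT Gateway (in a public subnet) gives the private instances outbound
  # internet access for the apt commands in UserData.
  NATGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt ElasticIP.AllocationId
      SubnetId: !Ref PublicSubnet1

  # Private Route Table and subnet associations
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
  PrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: '0.0.0.0/0'
      NatGatewayId: !Ref NATGateway
  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable
  PrivateSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet2
      RouteTableId: !Ref PrivateRouteTable

  # ALB
  LoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      # Fixed names mean only one copy of this stack can exist per region.
      Name: demoALB
      Subnets:
        - !Ref PublicSubnet1
        - !Ref PublicSubnet2
      SecurityGroups:
        - !Ref LoadBalancerSecurityGroup
      Scheme: internet-facing
      LoadBalancerAttributes:
        - Key: idle_timeout.timeout_seconds
          Value: '60'

  # ALB Target Group
  TargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Name: demoTargetGroup
      VpcId: !Ref VPC
      Protocol: HTTP
      Port: 80
      HealthCheckPath: /
      HealthCheckIntervalSeconds: 100
      HealthCheckTimeoutSeconds: 5
      HealthyThresholdCount: 2
      UnhealthyThresholdCount: 2
      TargetType: instance

  # ALB Listener
  Listener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref TargetGroup
      LoadBalancerArn: !Ref LoadBalancer
      Port: 80
      Protocol: HTTP

  # Launch Template for EC2 Instances
  LaunchTemplate:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateName: MyLaunchTemplate
      LaunchTemplateData:
        InstanceType: t2.micro
        KeyName: !Ref KeyPair
        ImageId: !Ref ImageId
        SecurityGroupIds:
          - !Ref InstanceSecurityGroup
        # Require IMDSv2 so credentials in instance metadata cannot be read
        # through a plain GET; nginx does not use IMDS, so this is safe here.
        MetadataOptions:
          HttpTokens: required
          HttpPutResponseHopLimit: 1
        # Long-form Fn::Sub is used because !Base64 !Sub cannot be nested inline.
        UserData: !Base64
          Fn::Sub: |
            #!/bin/bash
            apt update -y
            apt install -y nginx
            systemctl start nginx
            systemctl enable nginx

  # Auto Scaling Group
  AutoScalingGroup:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      VPCZoneIdentifier:
        - !Ref PrivateSubnet1
        - !Ref PrivateSubnet2
      LaunchTemplate:
        LaunchTemplateId: !Ref LaunchTemplate
        Version: !GetAtt LaunchTemplate.LatestVersionNumber
      MinSize: '1'
      MaxSize: '2'
      DesiredCapacity: '1'
      TargetGroupARNs:
        - !Ref TargetGroup
      # Replace instances that fail the ALB health check, not only EC2 status
      # checks; the grace period covers the apt install in UserData.
      HealthCheckType: ELB
      HealthCheckGracePeriod: 300

# Outputs
Outputs:
  LoadBalancerDNSName:
    Description: The DNS name of the ALB
    Value: !GetAtt LoadBalancer.DNSName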