aws-must-templates 0.1.2

data/mustache/resourceInstanceMetadata.mustache

@@ -0,0 +1,65 @@
+{{!
+
+
++++start+++
+
+## <a id="resourceInstanceMetadata.mustache"></a>resourceInstanceMetadata.mustache <a class='navigator' href='#top'>[top]</a>
+
+The Metadata attribute enables you to associate structured data with a
+resource. By adding a Metadata attribute to a resource, you can add
+data in JSON format to the resource declaration.
+
+**Attributes**: 
+
+* `Initialize`: array of
+  * `StartCfnHup`: see [initializeCfnInitHupFiles](#initializeCfnInitHupFiles.mustache)
+  
++++close+++
+
+}}
+{{! +++fold-on+++ }}
+
+{{! NOTICE: check for 'resourceInstanceInitialize.mustache' for using
+  '#Initialize' array to setup `UserData` -script }}
+
+{{# Initialize.length }}
+"AWS::CloudFormation::Init":{
+   "config" : {
+     "packages" : {
+     },
+     "groups" : {
+     },
+     "users" : {
+     },
+     "sources" : {
+     },
+     "files" : {
+        "/tmp/cfn-init.txt": {
+               "content":{
+                   "Fn::Join":["", [ "Installed in cfn-init", "\n" ]]
+                }
+               , "mode":"000444"
+               , "owner":"root"
+               , "group":"root"
+        }
+        {{# Initialize }}{{# StartCfnHup }}, {{> initializeCfnInitHupFiles }}{{/ StartCfnHup }}{{/ Initialize }}
+     },
+     "commands" : {
+     },
+     "services" : {
+     }
+  }
+
+} {{! AWS::CloudFormation::Init" }}
+{{/ Initialize.length }}
+
+{{! Add a metadata field, which, when updated, triggers cfn-hup. c.f. initializeCfnInitHupFiles }}
+{{# Initialize }}{{# StartCfnHup }}
+,    "CfnHup": "updating this field causes cfn-hup to trigger"
+{{/ StartCfnHup }}{{/ Initialize }}
+
+
+
+
+
+{{! +++fold-off+++ }}

data/mustache/resourceInstanceProfile.mustache

@@ -0,0 +1,34 @@
+{{!
+
++++start+++
+
+
+## <a id="resourceInstanceProfile.mustache"></a>resourceInstanceProfile.mustache <a class='navigator' href='#top'>[top]</a>
+
+a container for an IAM role and enables you to pass role information to an Amazon EC2 instance when the instance starts
+
+**Attributes**: context=  `./resources/Instance`
+
+* `Name`: name of the InstanceProfile  to create
+
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+  "{{Name}}" : {
+    "Type" : "AWS::IAM::InstanceProfile",
+    "Properties" : {
+      "Path" : "/",
+      "Roles" : [{{# Roles}}{ "Ref": "{{Ref}}"}{{_comma}}{{/ Roles}} ]
+    }
+  },
+
+
+
+
+{{! +++fold-off+++ }}

data/mustache/resourceInternetGateway.mustache

@@ -0,0 +1,87 @@
+{{!
+
+
++++start+++
+
+
+## <a id="resourceInternetGateway.mustache"></a>resourceInternetGateway.mustache <a class='navigator' href='#top'>[top]</a>
+
+Creates a new Internet gateway in your AWS account. After creating the
+Internet gateway, attach it to a VPC, and create/attach a routetable
+to `Vpc`, and add a routetable entry entry to enable internet
+access on `Vpc` && `Subnet`
+
+**Attributes**: context=  `./resources/InstanceSecurityGroup`
+
+* `Name` : of the Internet Gateway
+   * `Vpc`: reference to VPC where to atttace
+   * `Subnet`: reference to VPC where to attach route to InternetGateway
+   * `Tags`: (optional) as [commonKeyValue.mustache](#commonKeyValue.mustache)
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+{{! Create internet gateway }}
+"{{Name}}" : {
+    "Type" : "AWS::EC2::InternetGateway",
+    "Properties" : {
+       "Tags" : [ {{# Tags }}{{> commonKeyValue }}{{_comma}}{{/ Tags }}]
+    }
+ },
+
+{{! Attache the internet gateway created to VPC }}
+"Attach{{Vpc}}" : {
+      "Type" : "AWS::EC2::VPCGatewayAttachment",
+      "Properties" : {
+        "VpcId" : { "Ref" : "{{Vpc}}" },
+        "InternetGatewayId" : { "Ref" : "{{Name}}" }
+    }
+}, 
+
+
+{{! Create a route table for VPC }}
+
+"RouteTable{{Vpc}}" : {
+      "Type" : "AWS::EC2::RouteTable",
+      "Properties" : {
+        "VpcId" : { "Ref" : "{{ Vpc }}" },
+        "Tags" : [ 
+		           {"Key": "Name", "Value" : "RouteTable{{Vpc}}" }
+		         , {"Key" : "Application", "Value" : { "Ref" : "AWS::StackId"} } 
+				 ]
+      }
+    },
+
+
+{{! Add a route to internet gateway created }}
+
+"Route{{Vpc}}" : {
+    "Type" : "AWS::EC2::Route",
+     "DependsOn" : "Attach{{Vpc}}",
+      "Properties" : {
+          "RouteTableId" : { "Ref" : "RouteTable{{Vpc}}" }
+          , "DestinationCidrBlock" : "0.0.0.0/0"
+          , "GatewayId" : { "Ref" : "{{Name}}" }
+     }
+},
+
+{{! Associates a subnet with a route table. }}
+
+"RouteTableAssociation{{Subnet}}" : {
+    "Type" : "AWS::EC2::SubnetRouteTableAssociation"
+   , "Properties" : {
+         "SubnetId" : { "Ref" : "{{Subnet}}" }
+       , "RouteTableId" : { "Ref" : "RouteTable{{Vpc}}" }
+     }
+}
+
+{{_comma}}
+	
+
+
+{{! +++fold-off+++ }}

data/mustache/resourcePolicy.mustache

@@ -0,0 +1,50 @@
+{{!
+
++++start+++
+
+
+## <a id="resourcePolicy.mustache"></a>resourcePolicy.mustache <a class='navigator' href='#top'>[top]</a>
+
+To assign permissions to a user, group, role, or resource, you create
+a policy, which is a document that explicitly lists permissions.
+
+**Attributes**: context=  `./resources/Policy`
+
+* `Name`: name of the Role to create
+* `Statements` array of
+   * `Effect`: Allow/Deny
+   * `Actions`: list of actions for the policy
+   * `Resource`: array of [commonValues](#commonValue.mustache) concatenated to create resource reference
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+"{{Name}}" : {
+    "Type" : "AWS::IAM::Policy",
+    "Properties" : {
+        "PolicyName" : "{{Name}}",
+        "Roles" : [ { "Ref" : "{{RoleRef}}" } ],
+        "PolicyDocument" : {
+            "Statement" : [ 
+                 {{# Statements }} 
+                 {
+                    "Effect" : "{{Effect}}",
+                    "Action" : [ {{{Actions}}} ],
+                    "Resource" : 
+					  {{^ Resource.length }} "{{ Resource }}" {{/ Resource.length }} 
+					  {{# Resource.length }} {  "Fn::Join" : [ "", [ {{/ Resource.length }} 
+  						 {{# Resource }}{{> commonValue }}{{ _comma }} {{/ Resource}}
+             		  {{# Resource.length }}] ] } {{/ Resource.length }} 
+                 }{{_comma}}
+                 {{/ Statements }}
+            ]
+        }
+    }
+}{{_comma}}
+
+
+{{! +++fold-off+++ }}

data/mustache/resourceProvisionChef.mustache

@@ -0,0 +1,38 @@
+{{!
+
+
++++start+++
+
+
+## <a id="initializeProvisionChef.mustache"></a>initializeProvisionChef.mustache<a class='navigator' href='#top'> [top]</a>
+
+UserData -script to provision Chef
+
+**Attributes**: context=  `./resources/Instance/InstallChef`
+
+* `Node`: Chef node to provision
+* `ChefZeroHost` : host where ChefZero can be accessed
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+   
+           	 ,  "NODE={{Node}}\n"
+                     {{#ChefZeroHost}}
+           	 ,  "CHEF_ZERO_HOST='", {{> commonValue }}, "'\n"
+                     {{/ChefZeroHost}}
+                 ,  "CHEF_ZERO_HOST=$(echo $CHEF_ZERO_HOST)\n" {{! Removes new-line, which Ref -contruct creates }}
+                 ,  "echo $(date): Create directory /etc/chef - to store client.pem Q\n"
+                 ,  "[ -d /etc/chef ] || sudo mkdir /etc/chef \n"
+                 ,  "echo $(date): Generating /tmp/fake.pem \n"
+                 ,  "openssl genrsa -passout pass:'' -out /tmp/fake.pem 2048\n"
+                 ,  "echo $(date): start chef provision on node  $NODE \n"
+                 ,  "sudo chef-client --validation_key /tmp/fake.pem  --server http://$CHEF_ZERO_HOST:8889 --node-name $NODE --log_level info\n"
+                 ,  "echo $(date): chef provisioned node $NODE successfully \n"
+
+
+{{! +++fold-off+++ }}

data/mustache/resourceRole.mustache

@@ -0,0 +1,40 @@
+{{!
+
++++start+++
+
+
+## <a id="resourceRole.mustache"></a>resourceRole.mustache <a class='navigator' href='#top'>[top]</a>
+
+AWS Identity and Access Management (IAM) role.
+
+**Attributes**: context=  `./resources/Instance`
+
+* `Name`: name of the Role to create
+* `Resource`: resources you allow the action on
+
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+    "{{Name}}" : {
+      "Type" : "AWS::IAM::Role"
+      , "Properties" : {
+        "Path" : "/",
+        "AssumeRolePolicyDocument" : {
+            "Statement" : [ {
+                "Effect" : "Allow",
+                "Principal" : {
+                    "Service" : [ "ec2.amazonaws.com" ]
+                },
+                "Action" : [ "sts:AssumeRole" ]
+            } ]
+        }
+      }
+    }{{_comma}}
+
+{{! +++fold-off+++ }}

data/mustache/resourceS3Bucket.mustache

@@ -0,0 +1,39 @@
+{{!
+
++++start+++
+
+
+## <a id="resourceS3Bucket.mustache"></a>resourceS3Bucket.mustache <a class='navigator' href='#top'>[top]</a>
+
+Create an S3 Bucket.
+
+**Attributes**: context=  `./resources/Instance`
+
+* `Name`: name of the S3 resource to create
+* `BucketName`: A name for the bucket. If you don't specify a name,
+  AWS CloudFormation generates a unique physical ID and uses that ID
+  for the bucket name.
+* `DeletionPolicy`: attribute you can preserve or (in some cases) backup
+  a resource when its stack is deleted. Valid values `Delete`,
+  `Retain` (default), `Snapshot`
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+    "{{Name}}" : {
+      "Type" : "AWS::S3::Bucket"
+      {{> commonCreationPolicy }}
+      , "DeletionPolicy" : "{{# DeletionPolicy }}{{DeletionPolicy}}{{/ DeletionPolicy}}{{^ DeletionPolicy }}Retain{{/ DeletionPolicy}}"
+      , "Properties" : {
+          {{# BucketName }} "BucketName" : "{{BucketName}}" {{/ BucketName }}
+          {{! 
+              ,"LifecycleConfiguration": {  "Rules" : [ ] }
+	      }}
+      }
+    }{{_comma}}
+
+{{! +++fold-off+++ }}

data/mustache/resourceSecurityGroup.mustache

@@ -0,0 +1,46 @@
+{{!
+
+
++++start+++
+
+
+## <a id="resourceSecurityGroup.mustache"></a>resourceSecurityGroup.mustache <a class='navigator' href='#top'>[top]</a>
+
+Create an EC2 Security Group
+
+**Attributes**: context=  `./resources/SecurityGroup`
+
+* `Name` : of the security group
+* `VpcId`: The Reference name physical ID of the VPC.  given as commonValue, [commonValue.mustache](#commonValue.mustache)
+* `SecurityGroupIngress`: Arrays in a SecurityGroupIngr
+   * `IpProtocol`: default tcp
+   * `FromPort`: default to `Port`
+   * `ToPort`: defaults to `Port`
+   * CidrIp given as commonValue, [commonValue.mustache](#commonValue.mustache)
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+    "{{Name}}" : {
+      "Type" : "AWS::EC2::SecurityGroup",
+      "Properties" : {
+        "GroupDescription" : "Enable SSH access via port 22"
+        {{# VpcId }}, "VpcId": {{> commonValue }} {{/ VpcId }}
+        , "SecurityGroupIngress" : [ 
+                {{# SecurityGroupIngress }}
+                     {
+                         "IpProtocol" : {{#IpProtocol}}"{{IpProtocol}}"{{/IpProtocol}}{{^IpProtocol}}"tcp"{{/IpProtocol}},
+                         "FromPort" : "{{#FromPort}}{{FromPort}}{{/FromPort}}{{^FromPort}}{{Port}}{{/FromPort}}",
+                         "ToPort" : "{{#ToPort}}{{ToPort}}{{/ToPort}}{{^ToPort}}{{Port}}{{/ToPort}}",
+                         "CidrIp" : {{> commonValue }}
+                    } {{_comma}}
+                {{/ SecurityGroupIngress }}
+        ]
+      }
+    }{{_comma}}
+
+{{! +++fold-off+++ }}

data/mustache/resourceStack.mustache

@@ -0,0 +1,45 @@
+{{!
+
++++start+++
+
+
+## <a id="resourceStack.mustache"></a>resourceStack.mustache<a class='navigator' href='#top'>[top]</a>
+
+Nests a stack as a resource in a top-level template.
+
+**Attributes**: context=  `./resources/Policy`
+
+* `Name`: resource name given to the nested stack
+* `TemplateFile`: local path used to create `TemplateUrl` for AWS::CloudFormation::Stack
+* `DependsOn`: With the DependsOn attribute you can specify that the
+  creation of a specific resource follows another
+* `Parameters` Array of  sub documents
+   `Key`
+   `Value` 
+  
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+"{{Name}}" : {
+    "Type" : "AWS::CloudFormation::Stack"
+	{{> commonDependsOn }}
+    , "Properties" : {
+            "TemplateURL": "{{TemplateURL}}"
+          , "Parameters" : { 
+                  {{# Parameters }}
+				     "{{Key}}" : {{> commonValue }}{{_comma}}
+                  {{/ Parameters }} 
+             }
+    }
+}{{_comma}}
+
+
+{{! +++fold-off+++ }}
+
+
+

data/mustache/resourceSubnet.mustache

@@ -0,0 +1,41 @@
+{{!
+
+
++++start+++
+
+
+## <a id="resourceSubnet.mustache"></a>resourceSubnet.mustache <a class='navigator' href='#top'>[top]</a>
+
+Creates a subnet in an existing VPC.
+
+**Attributes**: 
+
+* `Name` : of the VPC resource
+   * `CidrBlock` or as [commonKeyValue.mustache](#commonKeyValue.mustache)
+   * `VpcId`: resource name of VPC
+   * `MapPublicIpOnLaunch`: Indicates whether instances that are
+     launched in this subnet receive a public IP address. By default,
+     the value is `false`.
+   * `Tags`: (optional) as [commonKeyValue.mustache](#commonKeyValue.mustache)
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+  "{{Name}}" : {
+   "Type" : "AWS::EC2::Subnet"
+	{{> commonDependsOn }}
+   , "Properties" : {
+         "CidrBlock" : "{{CidrBlock}}"
+       , "Tags" : [ {{# Tags }}{{> commonKeyValue }}{{_comma}}{{/ Tags }}]
+       , "MapPublicIpOnLaunch" : {{^MapPublicIpOnLaunch}}false{{/ MapPublicIpOnLaunch}}{{# MapPublicIpOnLaunch}}{{MapPublicIpOnLaunch}}{{/ MapPublicIpOnLaunch}}
+       , "VpcId" : { "Ref" : "{{VpcId}}" }
+   }
+}{{_comma}}
+
+
+{{! +++fold-off+++ }}

data/mustache/resourceUser.mustache

@@ -0,0 +1,58 @@
+{{!
+
+
++++start+++
+
+## <a id="resourceUser.mustache"></a>resourceUser.mustache <a class='navigator' href='#top'>[top]</a>
+
+Creates User and AccessKey resources. User resource is associated with a fixed policy.
+
+
+**Attributes**: 
+
+* `Name`: of the user resource, derives 
+* `KeyName`: also AccessKey resource for `Name` user
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+
+"{{Name}}":{
+    "Type":"AWS::IAM::User",
+    "Properties":{
+        "Path":"/",
+        "Policies":[
+            {
+                "PolicyName":"root",
+                "PolicyDocument":{
+                    "Statement":[
+                        {
+                            "Effect":"Allow",
+                            "Action":"cloudformation:DescribeStackResource",
+                            "Resource":"*"
+                        }
+                    ]
+                }
+            }
+        ]
+    }
+}
+
+{{# KeyName }}
+,  "{{KeyName}}":{
+      "Type":"AWS::IAM::AccessKey",
+       "Properties":{
+             "UserName":{
+                  "Ref":"{{Name}}"
+             }
+         }
+}
+{{/ KeyName }}
+
+{{_comma}}
+
+{{! +++fold-off+++ }}

data/mustache/resourceVPC.mustache

@@ -0,0 +1,44 @@
+{{!
+
+
++++start+++
+
+
+## <a id="resourceVPC.mustache"></a>resourceVPC.mustache <a class='navigator' href='#top'>[top]</a>
+
+Creates a Virtual Private Cloud (VPC) with the CIDR block that you specify.
+
+**Attributes**: context=  `./resources/InstanceSecurityGroup`
+
+* `Name` : of the VPC resource
+   * `CidrBlock` or as [commonKeyValue.mustache](#commonKeyValue.mustache)
+   * `EnableDnsSupport`: (= **true**) Specifies whether DNS resolution
+     is supported for the VPC. If this attribute is true, the Amazon
+     DNS server resolves DNS hostnames for your instances to their
+     corresponding IP addresses; otherwise, it does not.
+   * `EnableDnsHostnames`: (= **true**) Specifies whether the
+     instances launched in the VPC get DNS hostnames. If this
+     attribute is true, instances in the VPC get DNS hostnames;
+     otherwise, they do not. You can only set EnableDnsHostnames to
+     true if you also set the EnableDnsSupport attribute to true.
+   * `Tags`: (optional) as [commonKeyValue.mustache](#commonKeyValue.mustache)
+
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+  "{{Name}}" : {
+      "Type" : "AWS::EC2::VPC",
+      "Properties" : {
+        "CidrBlock" : "{{ CidrBlock }}"
+        , "EnableDnsSupport": true
+        , "EnableDnsHostnames": true
+        , "Tags" : [ {{# Tags }}{{> commonKeyValue }}{{_comma}}{{/ Tags }}]
+      }
+    }{{_comma}}
+
+{{! +++fold-off+++ }}

data/mustache/resourceWait.mustache

@@ -0,0 +1,39 @@
+{{!
+
+
++++start+++
+
+
+## <a id="resourceWait.mustache"></a>resourceWait.mustache<a class='navigator' href='#top'> [top]</a>
+
+Creates a WaitHandle, and a WaitCondition on a resource `DependsOn`.
+
+**Attributes**: 
+
+* `Name`: 
+* `DependsOn`: Resource on which depents
+* `Timeout`: The length of time (in seconds) to wait for the number of
+  signals that the Count property specifies.
+
++++close+++
+
+}}
+
+{{! +++fold-on+++ }}
+
+
+ "{{Name}}" : {
+      "Type" : "AWS::CloudFormation::WaitConditionHandle"
+  },
+
+ "{{Name}}Condition" : {
+      "Type" : "AWS::CloudFormation::WaitCondition"
+      {{> commonDependsOn }}
+      , "Properties" : {
+            "Handle"  : { "Ref" : "{{Name}}" }
+          , "Timeout" : "{{Timeout}}"
+      }
+    }{{_comma}}
+
+
+{{! +++fold-off+++ }}