cfndk 0.0.2 → 0.0.3

data/sample/db/db.yaml

@@ -0,0 +1,136 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: DB Stack
+Parameters:
+# ------------------------------------------------------------#
+# Input Parameters
+# ------------------------------------------------------------# 
+  VpcName:
+    Type: String
+  Environment:
+    Type: String
+  MySQLMajorVersion:
+    Type: String
+    Default: "5.7"
+    AllowedValues: [ "5.5", "5.6", "5.7" ]
+  DBInstanceClass:
+    Type: String
+    Default: "db.m4.large" 
+  DBInstanceStorageSize:
+    Type: String
+    Default: "30"
+  DBInstanceStorageType:
+    Type: String
+    Default: "gp2"
+  DBName:
+    Type: String
+    Default: "db"
+  DBRestore: 
+    Default: "false"
+    Type: String
+    AllowedValues: [ "true", "false" ]
+  DBSnapshotId:
+    Type: String
+  DBMasterUserName:
+    Type: String
+    Default: "dbuser"
+    NoEcho: true
+    MinLength: 1
+    MaxLength: 16
+    AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*"
+    ConstraintDescription: "must begin with a letter and contain only alphanumeric characters."
+  DBPassword: 
+    Default: "dbpassword"
+    NoEcho: true
+    Type: String
+    MinLength: 8
+    MaxLength: 41
+    AllowedPattern: "[a-zA-Z0-9]*"
+    ConstraintDescription: "must contain only alphanumeric characters."
+  MultiAZ: 
+    Default: "false"
+    Type: String
+    AllowedValues: [ "true", "false" ]
+  CopyTagsToSnapshot: 
+    Default: "false"
+    Type: String
+    AllowedValues: [ "true", "false" ]
+  OptionalPreferredBackupWindow:
+    Type: String
+    ConstraintDescription: "Must be like 18:00-18:30"
+  OptionalPreferredMaintenanceWindow:
+    Type: String
+    ConstraintDescription: "Must be like sat:19:00-sat:19:30"
+  OptionalBackupRetentionPeriod:
+    Type: String
+    ConstraintDescription: "Must be like 7"
+Conditions:
+  IsOptionalDBRestore:
+    !Equals [!Ref DBRestore, 'true']
+  IsOptionalPreferredBackupWindow:
+    !Not [!Equals [!Ref OptionalPreferredBackupWindow, '']]
+  IsOptionalPreferredMaintenanceWindow:
+    !Not [!Equals [!Ref OptionalPreferredMaintenanceWindow, '']]
+  IsOptionalBackupRetentionPeriod:
+    !Not [!Equals [!Ref OptionalBackupRetentionPeriod, '']]
+Resources:
+  DBInstance: 
+    Type: AWS::RDS::DBInstance
+    Properties: 
+      DBInstanceIdentifier: !Sub "${VpcName}-${Environment}-Db"
+      Engine: MySQL
+      EngineVersion: !Sub "${MySQLMajorVersion}.22"
+      DBInstanceClass: !Ref DBInstanceClass
+      AllocatedStorage: !Ref DBInstanceStorageSize
+      StorageType: !Ref DBInstanceStorageType
+      DBName: !Ref DBName
+      DBSnapshotIdentifier:
+        !If [IsOptionalDBRestore, !Ref DBSnapshotId, !Ref "AWS::NoValue"]
+      MasterUsername:
+        !If [IsOptionalDBRestore, "!Ref AWS::NoValue", !Ref DBMasterUserName]
+      MasterUserPassword:
+        !If [IsOptionalDBRestore, "!Ref AWS::NoValue", !Ref DBPassword]
+      DBSubnetGroupName: !Ref DBSubnetGroup
+      PubliclyAccessible: false
+      MultiAZ: !Ref MultiAZ
+      PreferredBackupWindow:
+        !If [IsOptionalPreferredBackupWindow, !Ref OptionalPreferredBackupWindow, !Ref "AWS::NoValue"]
+      PreferredMaintenanceWindow:
+        !If [IsOptionalPreferredMaintenanceWindow, !Ref OptionalPreferredMaintenanceWindow, !Ref "AWS::NoValue"]
+      AutoMinorVersionUpgrade: false
+      DBParameterGroupName: !Ref DBParameterGroup  
+      VPCSecurityGroups:
+        - { "Fn::ImportValue": !Sub "${VpcName}-DbSg" }
+      CopyTagsToSnapshot: !Ref CopyTagsToSnapshot
+      BackupRetentionPeriod:
+        !If [IsOptionalBackupRetentionPeriod, !Ref OptionalBackupRetentionPeriod, !Ref "AWS::NoValue"]
+      Port: 3306
+      Tags: 
+        - Key: Name
+          Value: !Sub "${VpcName}-${Environment}-Db"
+    DeletionPolicy: Delete
+  DBParameterGroup:
+    Type: AWS::RDS::DBParameterGroup
+    Properties:
+      Family: !Sub "MySQL${MySQLMajorVersion}"
+      Description: !Sub "${VpcName}-${Environment}-Db-parm"
+  DBSubnetGroup: 
+    Type: "AWS::RDS::DBSubnetGroup"
+    Properties: 
+      DBSubnetGroupName: !Sub "${VpcName}-${Environment}-Db-subnet"
+      DBSubnetGroupDescription: "Db subnet group"
+      SubnetIds: 
+        - { "Fn::ImportValue": !Sub "${VpcName}-${Environment}-Private-Subnet1" }
+        - { "Fn::ImportValue": !Sub "${VpcName}-${Environment}-Private-Subnet2" }
+Outputs:
+  DBInstanceID:
+    Value: !Ref DBInstance
+    Export:
+      Name: !Sub "${VpcName}-${Environment}-Db-id"
+  DBInstanceEndpoint:
+    Value: !GetAtt DBInstance.Endpoint.Address
+    Export:
+      Name: !Sub "${VpcName}-${Environment}-Db-endpoint"
+  DBName:
+    Value: !Ref DBName
+    Export:
+      Name: !Sub "${VpcName}-${Environment}-Db-dbname"

data/sample/db/prod.json

@@ -0,0 +1,68 @@
+{
+  "Parameters": [
+      {
+          "ParameterKey": "VpcName",
+          "ParameterValue": "sample"
+      },
+      {
+          "ParameterKey": "Environment",
+          "ParameterValue": "Prod"
+      },
+      {
+          "ParameterKey": "MySQLMajorVersion",
+          "ParameterValue": "5.7"
+      },
+      {
+          "ParameterKey": "DBInstanceClass",
+          "ParameterValue": "db.t2.micro"
+      },
+      {
+          "ParameterKey": "DBInstanceStorageSize",
+          "ParameterValue": "10"
+      },
+      {
+          "ParameterKey": "DBInstanceStorageType",
+          "ParameterValue": "gp2"
+      },
+      {
+          "ParameterKey": "DBName",
+          "ParameterValue": "db"
+      },
+      {
+          "ParameterKey": "DBRestore",
+          "ParameterValue": "false"
+      },
+      {
+          "ParameterKey": "DBSnapshotId",
+          "ParameterValue": ""
+      },
+      {
+          "ParameterKey": "DBMasterUserName",
+          "ParameterValue": "dbuser"
+      },
+      {
+          "ParameterKey": "DBPassword",
+          "ParameterValue": "dbpassword"
+      },
+      {
+          "ParameterKey": "MultiAZ",
+          "ParameterValue": "false"
+      },
+      {
+          "ParameterKey": "CopyTagsToSnapshot",
+          "ParameterValue": "false"
+      },
+      {
+          "ParameterKey": "OptionalPreferredBackupWindow",
+          "ParameterValue": ""
+      },
+      {
+          "ParameterKey": "OptionalPreferredMaintenanceWindow",
+          "ParameterValue": ""
+      },
+      {
+          "ParameterKey": "OptionalBackupRetentionPeriod",
+          "ParameterValue": ""
+      }
+  ]
+}

data/sample/elb/elb.yaml

@@ -0,0 +1,8 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: ELB Stack
+
+Parameters:
+
+Resources:
+  
+Outputs:

data/sample/iam/iam.yaml

@@ -0,0 +1,53 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: IAM EC2 Role Stack
+Parameters:
+  WebRoleName:
+    Description: Name for WebRole
+    Type: String
+  WebInstanceProfileName:
+    Description: Name for WebInstanceProfile
+    Type: String
+Resources:
+  WebRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument: 
+        Version: "2012-10-17"
+        Statement: 
+          - 
+            Effect: "Allow"
+            Principal: 
+              Service: 
+                - "ec2.amazonaws.com"
+            Action: 
+              - "sts:AssumeRole"
+      Path: "/"
+      Policies: 
+        - 
+          PolicyName: "root"
+          PolicyDocument: 
+            Version: "2012-10-17"
+            Statement: 
+              - 
+                Effect: "Allow"
+                Action: "*"
+                Resource: "*"    
+      RoleName: !Ref WebRoleName
+  WebInstanceProfile:
+    Type: AWS::IAM::InstanceProfile
+    Properties:
+      Path: "/"
+      Roles:
+        - !Ref WebRole       
+      InstanceProfileName: !Ref WebInstanceProfileName
+Outputs:
+  WebInstanceProfile:
+    Description: Web Instance Profile
+    Value: !Ref WebRoleName
+    Export:
+      Name: !Ref WebInstanceProfileName
+  WebRole:
+    Description: WebIam Role
+    Value: !Ref WebRole
+    Export:
+      Name: !Ref WebRoleName

data/sample/iam/prod.json

@@ -0,0 +1,12 @@
+{
+  "Parameters": [
+      {
+          "ParameterKey": "WebRoleName",
+          "ParameterValue": "WebRole"
+      },
+      {
+          "ParameterKey": "WebInstanceProfileName",
+          "ParameterValue": "WebInstanceProfile"            
+      }
+  ]
+}

data/sample/network/network.yaml

@@ -0,0 +1,333 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Network Stack
+Parameters:
+  VpcName:
+    Description: Name for this VPC
+    Type: String
+  VpcCidr:
+    Description: CIDR Block for the VPC
+    Type: String
+    AllowedPattern: '[a-zA-Z0-9]+\..+'
+    ConstraintDescription: Must be like 192.168.0.0/24
+  InternalDnsName:
+    Description: Internal DNS name
+    Type: String
+  Environment:
+    Description: Name for this Environment
+    Type: String
+  PublicSubnet1Cidr:
+    Description: CIDR Block for the subnet
+    Type: String
+    AllowedPattern: '[a-zA-Z0-9]+\..+'
+    ConstraintDescription: Must be like 192.168.0.0/24
+  PublicSubnet2Cidr:
+    Description: CIDR Block for the subnet
+    Type: String
+    AllowedPattern: '[a-zA-Z0-9]+\..+'
+    ConstraintDescription: Must be like 192.168.0.0/24
+  WebSubnet1Cidr:
+    Description: CIDR Block for the subnet
+    Type: String
+    AllowedPattern: '[a-zA-Z0-9]+\..+'
+    ConstraintDescription: Must be like 192.168.0.0/24
+  WebSubnet2Cidr:
+    Description: CIDR Block for the subnet
+    Type: String
+    AllowedPattern: '[a-zA-Z0-9]+\..+'
+    ConstraintDescription: Must be like 192.168.0.0/24
+  PrivateSubnet1Cidr:
+    Description: CIDR Block for the subnet
+    Type: String
+    AllowedPattern: '[a-zA-Z0-9]+\..+'
+    ConstraintDescription: Must be like 192.168.0.0/24
+  PrivateSubnet2Cidr:
+    Description: CIDR Block for the subnet
+    Type: String
+    AllowedPattern: '[a-zA-Z0-9]+\..+'
+    ConstraintDescription: Must be like 192.168.0.0/24    
+Resources:
+  Vpc:
+    Type: AWS::EC2::VPC
+    Properties:
+      CidrBlock: !Ref VpcCidr
+      EnableDnsHostnames: true
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-VPC
+  Igw:
+    Type: AWS::EC2::InternetGateway
+    Properties: 
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-IGW
+  IgwAttachement:
+    Type: AWS::EC2::VPCGatewayAttachment
+    Properties:
+      InternetGatewayId: !Ref Igw
+      VpcId: !Ref Vpc
+  InternalDns:
+    Type: AWS::Route53::HostedZone
+    Properties:
+      HostedZoneConfig:
+        Comment: Internal DNS
+      Name: !Ref InternalDnsName
+      VPCs:
+        - VPCId: !Ref Vpc
+          VPCRegion: !Ref AWS::Region
+      HostedZoneTags:
+        - Key: Name
+          Value: InternalDns
+  PublicSubnet1:
+    Type: AWS::EC2::Subnet
+    Properties:
+      CidrBlock: !Ref PublicSubnet1Cidr
+      VpcId: !Ref Vpc
+      AvailabilityZone: !Select
+      - 0
+      - Fn::GetAZs: !Ref 'AWS::Region'
+      MapPublicIpOnLaunch: true
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Public-Subnet1
+  PublicSubnet2:
+    Type: AWS::EC2::Subnet
+    Properties:
+      CidrBlock: !Ref PublicSubnet2Cidr
+      VpcId: !Ref Vpc
+      AvailabilityZone: !Select
+      - 1
+      - Fn::GetAZs: !Ref 'AWS::Region'
+      MapPublicIpOnLaunch: true
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Public-Subnet2
+  WebSubnet1:
+    Type: AWS::EC2::Subnet
+    Properties:
+      CidrBlock: !Ref WebSubnet1Cidr
+      VpcId: !Ref Vpc
+      AvailabilityZone: !Select
+      - 0
+      - Fn::GetAZs: !Ref 'AWS::Region'
+      MapPublicIpOnLaunch: false
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Web-Subnet1
+  WebSubnet2:
+    Type: AWS::EC2::Subnet
+    Properties:
+      CidrBlock: !Ref WebSubnet2Cidr
+      VpcId: !Ref Vpc
+      AvailabilityZone: !Select
+      - 1
+      - Fn::GetAZs: !Ref 'AWS::Region'
+      MapPublicIpOnLaunch: false
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Web-Subnet2
+  PrivateSubnet1:
+    Type: AWS::EC2::Subnet
+    Properties:
+      CidrBlock: !Ref PrivateSubnet1Cidr
+      VpcId: !Ref Vpc
+      AvailabilityZone: !Select
+      - 0
+      - Fn::GetAZs: !Ref 'AWS::Region'
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Private-Subnet1
+  PrivateSubnet2:
+    Type: AWS::EC2::Subnet
+    Properties:
+      CidrBlock: !Ref PrivateSubnet2Cidr
+      VpcId: !Ref Vpc
+      AvailabilityZone: !Select
+      - 1
+      - Fn::GetAZs: !Ref 'AWS::Region'
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Private-Subnet2
+  PublicSubnetRT:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref Vpc
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Public-SubnetRT
+  PublicSubnetToInternetRoute:
+    Type: AWS::EC2::Route
+    Properties:
+      RouteTableId: !Ref PublicSubnetRT
+      GatewayId: !Ref Igw
+      DestinationCidrBlock: 0.0.0.0/0
+  PublicSubnetRTAssociationToPublicSubnet1:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      RouteTableId: !Ref PublicSubnetRT
+      SubnetId: !Ref PublicSubnet1
+  PublicSubnetRTAssociationToPublicSubnet2:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      RouteTableId: !Ref PublicSubnetRT
+      SubnetId: !Ref PublicSubnet2
+  WebSubnetRT1:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref Vpc
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Web-SubnetRT1
+  WebSubnetRT2:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref Vpc
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Web-SubnetRT2
+  WebSubnetRTAssociationToPublicSubnet1:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      RouteTableId: !Ref WebSubnetRT1
+      SubnetId: !Ref WebSubnet1
+  WebSubnetRTAssociationToPublicSubnet2:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      RouteTableId: !Ref WebSubnetRT2
+      SubnetId: !Ref WebSubnet2
+  PrivateSubnetRT1:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref Vpc
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Private-SubnetRT1
+  PrivateSubnetRT2:
+    Type: AWS::EC2::RouteTable
+    Properties:
+      VpcId: !Ref Vpc
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-Private-SubnetRT2
+  PrivateSubnetRT1AssociationToPrivateSubnet1:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      RouteTableId: !Ref PrivateSubnetRT1
+      SubnetId: !Ref PrivateSubnet1
+  PrivateSubnetRT2AssociationToPrivateSubnet2:
+    Type: AWS::EC2::SubnetRouteTableAssociation
+    Properties:
+      RouteTableId: !Ref PrivateSubnetRT2
+      SubnetId: !Ref PrivateSubnet2
+  NatEip1:
+    Type: AWS::EC2::EIP
+    Properties: {}
+  NatEip2:
+    Type: AWS::EC2::EIP
+    Properties: {}
+  NatGw1:
+    Type: AWS::EC2::NatGateway
+    Properties:
+      SubnetId: !Ref PublicSubnet1
+      AllocationId:
+        Fn::GetAtt:
+        - NatEip1
+        - AllocationId
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-NATGW1
+  NatGw2:
+    Type: AWS::EC2::NatGateway
+    Properties:
+      SubnetId: !Ref PublicSubnet2
+      AllocationId:
+        Fn::GetAtt:
+        - NatEip2
+        - AllocationId
+      Tags:
+      - Key: Name
+        Value: !Sub ${VpcName}-${Environment}-NATGW2
+  PrivateSubnet1ToInternetRoute:
+    Type: AWS::EC2::Route
+    Properties:
+      RouteTableId: !Ref PrivateSubnetRT1
+      NatGatewayId: !Ref NatGw1
+      DestinationCidrBlock: 0.0.0.0/0
+  PrivateSubnet2ToInternetRoute:
+    Type: AWS::EC2::Route
+    Properties:
+      RouteTableId: !Ref PrivateSubnetRT2
+      NatGatewayId: !Ref NatGw2
+      DestinationCidrBlock: 0.0.0.0/0
+  WebSubnet1ToInternetRoute:
+    Type: AWS::EC2::Route
+    Properties:
+      RouteTableId: !Ref WebSubnetRT1
+      NatGatewayId: !Ref NatGw1
+      DestinationCidrBlock: 0.0.0.0/0
+  WebSubnet2ToInternetRoute:
+    Type: AWS::EC2::Route
+    Properties:
+      RouteTableId: !Ref WebSubnetRT2
+      NatGatewayId: !Ref NatGw2
+      DestinationCidrBlock: 0.0.0.0/0          
+Outputs:
+  VpcCidr:
+    Description: VPC CIDR
+    Value: !GetAtt Vpc.CidrBlock
+    Export:
+      Name: !Sub ${VpcName}-VpcCidr
+  VpcId:
+    Description: VPC ID
+    Value: !Ref Vpc
+    Export:
+      Name: !Sub ${VpcName}-VpcId
+  Igw:
+    Description: InternetGateway of this VPC
+    Value: !Ref Igw
+    Export:
+      Name: !Sub ${VpcName}-IGW
+  IgwAttachement:
+    Description: InternetGatewayAttachement of this VPC
+    Value: !Ref IgwAttachement
+    Export:
+      Name: !Sub ${VpcName}-IGW-Attachement
+  InternalDnsName:
+    Description: Internal DNS zone name
+    Value: !Join [ ".", [ !Ref InternalDnsName, "" ]]
+    Export:
+      Name: !Sub ${VpcName}-InternalDnsName
+  InternalDns:
+    Description: Internal DNS zone id
+    Value: !Ref InternalDns
+    Export:
+      Name: !Sub ${VpcName}-InternalDns
+  PrivateSubnet1:
+    Description: Private Subnet 1 Id
+    Value: !Ref PrivateSubnet1
+    Export:
+     Name: !Sub ${VpcName}-${Environment}-Private-Subnet1
+  PrivateSubnet2:
+    Description: Private Subnet 2 Id
+    Value: !Ref PrivateSubnet2
+    Export:
+      Name: !Sub ${VpcName}-${Environment}-Private-Subnet2
+  WebSubnet1:
+    Description: Web Subnet 1 Id
+    Value: !Ref WebSubnet1
+    Export:
+      Name: !Sub ${VpcName}-${Environment}-Web-Subnet1
+  WebSubnet2:
+    Description: Web Subnet 2 Id
+    Value: !Ref WebSubnet2
+    Export:
+      Name: !Sub ${VpcName}-${Environment}-Web-Subnet2
+  PublicSubnet1:
+    Description: Public Subnet 1 Id
+    Value: !Ref PublicSubnet1
+    Export:
+      Name: !Sub ${VpcName}-${Environment}-Public-Subnet1
+  PublicSubnet2:
+    Description: Public Subnet 2 Id
+    Value: !Ref PublicSubnet2
+    Export:
+      Name: !Sub ${VpcName}-${Environment}-Public-Subnet2

data/sample/network/prod.json

@@ -0,0 +1,44 @@
+{
+    "Parameters": [
+        {
+            "ParameterKey": "VpcName",
+            "ParameterValue": "sample"
+        },
+        {
+            "ParameterKey": "VpcCidr",
+            "ParameterValue": "10.199.0.0/16"
+        },
+        {
+            "ParameterKey": "InternalDnsName",
+            "ParameterValue": "sample.local"
+        },
+        {
+            "ParameterKey": "Environment",
+            "ParameterValue": "Prod"
+        },
+        {
+            "ParameterKey": "PublicSubnet1Cidr",
+            "ParameterValue": "10.199.1.0/25"
+        },
+        {
+            "ParameterKey": "PublicSubnet2Cidr",
+            "ParameterValue": "10.199.1.128/25"
+        },
+        {
+            "ParameterKey": "WebSubnet1Cidr",
+            "ParameterValue": "10.199.2.0/25"
+        },
+        {
+            "ParameterKey": "WebSubnet2Cidr",
+            "ParameterValue": "10.199.2.128/25"
+        },
+        {
+            "ParameterKey": "PrivateSubnet1Cidr",
+            "ParameterValue": "10.199.3.0/25"
+        },
+        {
+            "ParameterKey": "PrivateSubnet2Cidr",
+            "ParameterValue": "10.199.3.128/25"
+        }
+    ]
+}

data/sample/sg/prod.json

@@ -0,0 +1,8 @@
+{
+  "Parameters": [
+      {
+          "ParameterKey": "VpcName",
+          "ParameterValue": "sample"
+      }
+  ]
+}