convection 0.2.33 → 0.2.34.pre.beta.1

data/example/instances.rb

@@ -1,93 +0,0 @@
-require_relative '../lib/convection'
-
-module Convection
-  module Demo
-    INSTANCES = Convection.template do
-      description 'Demo Foobar'
-
-      ec2_instance 'Foobar' do
-        subnet stack.get('vpc', 'TargetVPCSubnetPublic3')
-        security_group stack.get('security-groups', 'Foobar')
-
-        image_id stack['foobar-image']
-        instance_type 'm3.medium'
-        key_name 'production'
-
-        tag 'Name', 'foobar-0'
-        tag 'Service', 'foobar'
-        tag 'Stack', stack.cloud
-      end
-
-      #
-      # Create an instance with encrypted EBS mount point
-      # and an ephemeral volume
-      #
-
-      # Create a KMS encryption key to encrypt the volume
-      kms_key 'FoobarKmsKey' do
-        description 'Used to encrypt volumes'
-
-        # don't delete the key when this stack is deleted
-        deletion_policy 'Retain'
-
-        policy do
-          allow do
-            sid 'Enable IAM User Permissions'
-            principal :AWS => ["arn:aws:iam::#{MY_AWS_ACCOUNT_NUMBER}:root"]
-            action 'kms:*'
-            resource '*'
-          end
-        end
-      end
-
-      ec2_volume 'FoobarEncryptedVol' do
-        availability_zone 'us-east-1a'
-        size 20
-        volume_type :gp2
-
-        # encrypt with the key from this stack
-        encrypted true
-        kms_key fn_ref('FoobarKmsKey')
-
-        # don't delete the volume when this stack is deleted
-        deletion_policy 'Retain'
-
-        tag 'Name', 'Foobar Encrypted Volume'
-        tag 'Service', 'foobar'
-        tag 'Stack', stack.cloud
-      end
-
-      ec2_instance 'FoobarWithEncryptedVol' do
-        image_id stack['foobar-image']
-        instance_type 'm3.medium'
-        key_name 'production'
-        availability_zone 'us-east-1a'
-
-        # give the instance a static private IP and ensure
-        # it has a public ip regardless of subnet default setting
-        network_interface do
-          private_ip_address '10.1.2.3'
-          associate_public_ip_address true
-          security_group stack.get('security-groups', 'Foobar')
-          subnet stack.get('vpc', 'TargetVPCSubnetPublic3')
-        end
-
-        # mount the encrypted volume at /dev/xvdf
-        volume do
-          device '/dev/sdf'
-          volume_id fn_ref('FoobarEncryptedVol')
-        end
-
-        # mount an ephemeral drive at /dev/xvdc
-        block_device do
-          device '/dev/sdc'
-          virtual_name 'ephemeral0'
-        end
-
-        tag 'Name', 'Foobar Encrypted'
-        tag 'Service', 'foobar'
-        tag 'Stack', stack.cloud
-      end
-    end
-  end
-end

data/example/output/vpc.json

@@ -1,335 +0,0 @@
-{
-  "AWSTemplateFormatVersion": "2010-09-09",
-  "Description": "Demo VPC",
-  "Parameters": {
-  },
-  "Mappings": {
-  },
-  "Conditions": {
-  },
-  "Resources": {
-    "TargetVPCIGVPCAttachmentTargetVPC": {
-      "Type": "AWS::EC2::VPCGatewayAttachment",
-      "Properties": {
-        "VpcId": {
-          "Ref": "TargetVPC"
-        },
-        "InternetGatewayId": {
-          "Ref": "TargetVPCIG"
-        }
-      }
-    },
-    "TargetVPCIG": {
-      "Type": "AWS::EC2::InternetGateway",
-      "Properties": {
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "TargetVPCInternetGateway"
-          }
-        ]
-      }
-    },
-    "TargetVPCACLPublicEntryAllowAllIngress": {
-      "Type": "AWS::EC2::NetworkAclEntry",
-      "Properties": {
-        "NetworkAclId": {
-          "Ref": "TargetVPCACLPublic"
-        },
-        "RuleAction": "allow",
-        "RuleNumber": 100,
-        "PortRange": {
-          "From": 0,
-          "To": 65535
-        },
-        "CidrBlock": "0.0.0.0/0",
-        "Protocol": -1
-      }
-    },
-    "TargetVPCACLPublicEntryAllowAllEgress": {
-      "Type": "AWS::EC2::NetworkAclEntry",
-      "Properties": {
-        "NetworkAclId": {
-          "Ref": "TargetVPCACLPublic"
-        },
-        "RuleAction": "allow",
-        "RuleNumber": 100,
-        "Egress": true,
-        "PortRange": {
-          "From": 0,
-          "To": 65535
-        },
-        "CidrBlock": "0.0.0.0/0",
-        "Protocol": -1
-      }
-    },
-    "TargetVPCACLPublic": {
-      "Type": "AWS::EC2::NetworkAcl",
-      "Properties": {
-        "VpcId": {
-          "Ref": "TargetVPC"
-        },
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "acl-public-convection-test"
-          },
-          {
-            "Key": "Stack",
-            "Value": "convection-test"
-          }
-        ]
-      }
-    },
-    "TargetVPCTablePublic": {
-      "Type": "AWS::EC2::RouteTable",
-      "Properties": {
-        "VpcId": {
-          "Ref": "TargetVPC"
-        },
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "routes-public-convection-test"
-          },
-          {
-            "Key": "Stack",
-            "Value": "convection-test"
-          }
-        ]
-      }
-    },
-    "TargetVPCTablePublicRouteDefault": {
-      "Type": "AWS::EC2::Route",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "TargetVPCTablePublic"
-        },
-        "DestinationCidrBlock": "0.0.0.0/0",
-        "GatewayId": {
-          "Ref": "TargetVPCIG"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic0ACLAssociationTargetVPCACLPublic": {
-      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
-      "Properties": {
-        "NetworkAclId": {
-          "Ref": "TargetVPCACLPublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic0"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic0RouteTableAssociationTargetVPCTablePublic": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "TargetVPCTablePublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic0"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic0": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "us-east-1a",
-        "VpcId": {
-          "Ref": "TargetVPC"
-        },
-        "CidrBlock": "10.255.0.0/24",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "subnet-public-convection-test-us-east-1a"
-          },
-          {
-            "Key": "immutable_metadata",
-            "Value": "{\"purpose\":\"public-convection-test\",\"target\":\"\"}"
-          },
-          {
-            "Key": "Stack",
-            "Value": "convection-test"
-          },
-          {
-            "Key": "Service",
-            "Value": "Public"
-          }
-        ]
-      }
-    },
-    "TargetVPCSubnetPublic1ACLAssociationTargetVPCACLPublic": {
-      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
-      "Properties": {
-        "NetworkAclId": {
-          "Ref": "TargetVPCACLPublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic1"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic1RouteTableAssociationTargetVPCTablePublic": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "TargetVPCTablePublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic1"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic1": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "us-east-1c",
-        "VpcId": {
-          "Ref": "TargetVPC"
-        },
-        "CidrBlock": "10.255.1.0/24",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "subnet-public-convection-test-us-east-1c"
-          },
-          {
-            "Key": "immutable_metadata",
-            "Value": "{\"purpose\":\"public-convection-test\",\"target\":\"\"}"
-          },
-          {
-            "Key": "Stack",
-            "Value": "convection-test"
-          },
-          {
-            "Key": "Service",
-            "Value": "Public"
-          }
-        ]
-      }
-    },
-    "TargetVPCSubnetPublic2ACLAssociationTargetVPCACLPublic": {
-      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
-      "Properties": {
-        "NetworkAclId": {
-          "Ref": "TargetVPCACLPublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic2"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic2RouteTableAssociationTargetVPCTablePublic": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "TargetVPCTablePublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic2"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic2": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "us-east-1d",
-        "VpcId": {
-          "Ref": "TargetVPC"
-        },
-        "CidrBlock": "10.255.2.0/24",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "subnet-public-convection-test-us-east-1d"
-          },
-          {
-            "Key": "immutable_metadata",
-            "Value": "{\"purpose\":\"public-convection-test\",\"target\":\"\"}"
-          },
-          {
-            "Key": "Stack",
-            "Value": "convection-test"
-          },
-          {
-            "Key": "Service",
-            "Value": "Public"
-          }
-        ]
-      }
-    },
-    "TargetVPCSubnetPublic3ACLAssociationTargetVPCACLPublic": {
-      "Type": "AWS::EC2::SubnetNetworkAclAssociation",
-      "Properties": {
-        "NetworkAclId": {
-          "Ref": "TargetVPCACLPublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic3"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic3RouteTableAssociationTargetVPCTablePublic": {
-      "Type": "AWS::EC2::SubnetRouteTableAssociation",
-      "Properties": {
-        "RouteTableId": {
-          "Ref": "TargetVPCTablePublic"
-        },
-        "SubnetId": {
-          "Ref": "TargetVPCSubnetPublic3"
-        }
-      }
-    },
-    "TargetVPCSubnetPublic3": {
-      "Type": "AWS::EC2::Subnet",
-      "Properties": {
-        "AvailabilityZone": "us-east-1e",
-        "VpcId": {
-          "Ref": "TargetVPC"
-        },
-        "CidrBlock": "10.255.3.0/24",
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "subnet-public-convection-test-us-east-1e"
-          },
-          {
-            "Key": "immutable_metadata",
-            "Value": "{\"purpose\":\"public-convection-test\",\"target\":\"\"}"
-          },
-          {
-            "Key": "Stack",
-            "Value": "convection-test"
-          },
-          {
-            "Key": "Service",
-            "Value": "Public"
-          }
-        ]
-      }
-    },
-    "TargetVPC": {
-      "Type": "AWS::EC2::VPC",
-      "Properties": {
-        "CidrBlock": "10.255.0.0/16",
-        "EnableDnsSupport": true,
-        "EnableDnsHostnames": true,
-        "Tags": [
-          {
-            "Key": "Name",
-            "Value": "convection-test"
-          },
-          {
-            "Key": "Stack",
-            "Value": "convection-test"
-          }
-        ]
-      }
-    }
-  },
-  "Outputs": {
-  }
-}

data/example/security-groups.rb

@@ -1,77 +0,0 @@
-require_relative '../lib/convection'
-
-module Convection
-  module Demo
-    SECURITY_GROUPS = Convection.template do
-      description 'Demo Security Groups'
-
-      ec2_security_group 'FoobarELB' do
-        vpc stack.get('vpc', 'id')
-        description 'Foobar ELB Ingress'
-
-        ingress_rule(:tcp, 80, '0.0.0.0/0')
-        ingress_rule(:tcp, 443, '0.0.0.0/0')
-
-        tag 'Name', "sg-foobar-elb-#{ stack.cloud }"
-        tag 'Service', 'foobar'
-        tag 'Resource', 'ELB'
-        tag 'Scope', 'public'
-        tag 'Stack', stack.cloud
-
-        with_output
-      end
-
-      ec2_security_group 'Foobar' do
-        vpc stack.get('vpc', 'id')
-        description 'Foobar Ingress'
-
-        ingress_rule(:tcp, 8080) { source_group fn_ref('FoobarELB') }
-
-        tag 'Name', "sg-foobar-#{ stack.cloud }"
-        tag 'Service', 'foobar'
-        tag 'Resource', 'EC2'
-        tag 'Scope', 'private'
-        tag 'Stack', stack.cloud
-
-        with_output
-      end
-
-      ec2_security_group 'FoobarEgress' do
-        vpc stack.get('vpc', 'id')
-        description 'Foobar Egress'
-
-        egress_rule(:tcp, 80, '0.0.0.0/0')
-        egress_rule(:tcp, 443, '0.0.0.0/0')
-
-        tag 'Name', "sg-foobar-egress-#{ stack.cloud }"
-        tag 'Service', 'foobar'
-        tag 'Resource', 'EC2'
-        tag 'Scope', 'private'
-        tag 'Stack', stack.cloud
-
-        with_output
-      end
-
-      ec2_security_group 'FoobarNoEgress' do
-        vpc stack.get('vpc', 'id')
-        description 'Foobar No Egress'
-
-        # By default, Cloud Formation adds a default egress rule that allows
-        # egress traffic on all ports and IP protocols to any location.  The default
-        # rule is removed only when you specify one or more egress rules.  If you want
-        # to remove the default rule and limit egress traffic to just the localhost,
-        # you can use the following rule:
-        # See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html
-        egress_rule(-1, nil, '127.0.0.1/32')
-
-        tag 'Name', "sg-foobar-noegress-#{ stack.cloud }"
-        tag 'Service', 'foobar'
-        tag 'Resource', 'EC2'
-        tag 'Scope', 'private'
-        tag 'Stack', stack.cloud
-
-        with_output
-      end
-    end
-  end
-end