inspec-iggy 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (17) hide show
  1. checksums.yaml +7 -0
  2. data/Gemfile +15 -0
  3. data/README.md +114 -0
  4. data/inspec-iggy.gemspec +26 -0
  5. data/lib/inspec-iggy.rb +7 -0
  6. data/lib/inspec-iggy/cli.rb +53 -0
  7. data/lib/inspec-iggy/cloudformation.rb +104 -0
  8. data/lib/inspec-iggy/inspec_helper.rb +59 -0
  9. data/lib/inspec-iggy/terraform.rb +146 -0
  10. data/lib/inspec-iggy/version.rb +11 -0
  11. data/test/bad.json +6 -0
  12. data/test/bjc-demo-aws-4.5.4.json +851 -0
  13. data/test/main.tf +156 -0
  14. data/test/outputs.tf +11 -0
  15. data/test/terraform.tfstate +383 -0
  16. data/test/variables.tf +35 -0
  17. metadata +80 -0
data/lib/inspec-iggy/version.rb ADDED
@@ -0,0 +1,11 @@
1
+ # encoding: UTF-8
2
+ #
3
+ # Author:: Matt Ray (<matt@chef.io>)
4
+ #
5
+ # Copyright:: 2018, Chef Software, Inc <legal@chef.io>
6
+ #
7
+
8
+ # Iggy version
9
+ module Iggy
10
+ VERSION = "0.2.0".freeze
11
+ end
data/test/bad.json ADDED
@@ -0,0 +1,6 @@
1
+ {
2
+ this
3
+ file
4
+ is
5
+ junk
6
+ }
data/test/bjc-demo-aws-4.5.4.json ADDED
@@ -0,0 +1,851 @@
1
+
2
+ {
3
+ "AWSTemplateFormatVersion": "2010-09-09",
4
+ "Description": "BJC Chef Demo (4.5.4)",
5
+ "Parameters": {
6
+ "AvailabilityZone": {
7
+ "Description": "Availability Zone",
8
+ "Type": "String",
9
+ "Default": "us-west-2c"
10
+ },
11
+ "DemoName": {
12
+ "Description": "Name of the customer or organization",
13
+ "Type": "String",
14
+ "Default": "bjc-demo"
15
+ },
16
+ "Version": {
17
+ "Description": "Version",
18
+ "Type": "String",
19
+ "Default": "4.5.4"
20
+ },
21
+ "KeyName": {
22
+ "Description": "Name of an existing ec2 KeyPair to enable SSH access",
23
+ "Type": "AWS::EC2::KeyPair::KeyName",
24
+ "ConstraintDescription": "must be the name of an existing EC2 KeyPair."
25
+ },
26
+ "SSHLocation": {
27
+ "Description": "The IP address range that can be used to SSH to the EC2 instances",
28
+ "Type": "String",
29
+ "MinLength": "9",
30
+ "MaxLength": "18",
31
+ "Default": "0.0.0.0/0",
32
+ "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
33
+ "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
34
+ },
35
+ "TTL": {
36
+ "Description": "Time in hours for the demo to stay active. Default is 4, maximum is 720 hours (30 days).",
37
+ "Type": "Number",
38
+ "Default": 8,
39
+ "MinValue": 0,
40
+ "MaxValue": 720
41
+ },
42
+ "ChefServerAMI": {
43
+ "Type": "String",
44
+ "Default": "ami-3e6f1a46",
45
+ "Description": "AMI ID for the Chef Server"
46
+ },
47
+ "BuildNode1AMI": {
48
+ "Type": "String",
49
+ "Default": "ami-cb6f1ab3",
50
+ "Description": "AMI ID for Build Node 1"
51
+ },
52
+ "BuildNode2AMI": {
53
+ "Type": "String",
54
+ "Default": "ami-3c6d1844",
55
+ "Description": "AMI ID for Build Node 2"
56
+ },
57
+ "BuildNode3AMI": {
58
+ "Type": "String",
59
+ "Default": "ami-4b6f1a33",
60
+ "Description": "AMI ID for Build Node 3"
61
+ },
62
+ "deliveredAMI": {
63
+ "Type": "String",
64
+ "Default": "ami-676f1a1f",
65
+ "Description": "AMI ID for delivered"
66
+ },
67
+ "ecomacceptanceAMI": {
68
+ "Type": "String",
69
+ "Default": "ami-de6c19a6",
70
+ "Description": "AMI ID for ecomacceptance"
71
+ },
72
+ "rehearsalAMI": {
73
+ "Type": "String",
74
+ "Default": "ami-846c19fc",
75
+ "Description": "AMI ID for rehearsal"
76
+ },
77
+ "unionAMI": {
78
+ "Type": "String",
79
+ "Default": "ami-1f621767",
80
+ "Description": "AMI ID for union"
81
+ },
82
+ "WindowsWorkstation1AMI": {
83
+ "Type": "String",
84
+ "Default": "ami-ba6e1bc2",
85
+ "Description": "AMI ID for the Windows Workstation"
86
+ },
87
+ "AutomateAMI": {
88
+ "Type": "String",
89
+ "Default": "ami-7d6c1905",
90
+ "Description": "AMI ID for the Automate Server"
91
+ }
92
+ },
93
+ "Resources": {
94
+ "InstanceProfile" : {
95
+ "Type" : "AWS::IAM::InstanceProfile",
96
+ "Properties" : {
97
+ "Path" : "/",
98
+ "Roles" : ["chefDemo"]
99
+ }
100
+ },
101
+ "VPC": {
102
+ "Type": "AWS::EC2::VPC",
103
+ "Properties": {
104
+ "CidrBlock": "172.31.0.0/16",
105
+ "EnableDnsSupport": "true",
106
+ "EnableDnsHostnames": "true",
107
+ "Tags": [
108
+ {
109
+ "Key": "Application",
110
+ "Value": {
111
+ "Ref": "AWS::StackId"
112
+ },
113
+ "Key": "Name",
114
+ "Value": {
115
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "VPC" ] ]
116
+ }
117
+ }
118
+ ]
119
+ }
120
+ },
121
+ "SubnetAutomate": {
122
+ "Type": "AWS::EC2::Subnet",
123
+ "Properties": {
124
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
125
+ "VpcId": {
126
+ "Ref": "VPC"
127
+ },
128
+ "CidrBlock": "172.31.54.0/24",
129
+ "Tags": [
130
+ {
131
+ "Key": "Application",
132
+ "Value": {
133
+ "Ref": "AWS::StackId"
134
+ },
135
+ "Key": "Name",
136
+ "Value": {
137
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Automate Subnet" ] ]
138
+ }
139
+ }
140
+ ]
141
+ }
142
+ },
143
+ "SubnetProd": {
144
+ "Type": "AWS::EC2::Subnet",
145
+ "Properties": {
146
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
147
+ "VpcId": {
148
+ "Ref": "VPC"
149
+ },
150
+ "CidrBlock": "172.31.62.0/24",
151
+ "Tags": [
152
+ {
153
+ "Key": "Application",
154
+ "Value": {
155
+ "Ref": "AWS::StackId"
156
+ },
157
+ "Key": "Name",
158
+ "Value": {
159
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Prod Subnet" ] ]
160
+ }
161
+ }
162
+ ]
163
+ }
164
+ },
165
+ "SubnetWorkstations": {
166
+ "Type": "AWS::EC2::Subnet",
167
+ "Properties": {
168
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
169
+ "VpcId": {
170
+ "Ref": "VPC"
171
+ },
172
+ "CidrBlock": "172.31.10.0/24",
173
+ "Tags": [
174
+ {
175
+ "Key": "Application",
176
+ "Value": {
177
+ "Ref": "AWS::StackId"
178
+ },
179
+ "Key": "Name",
180
+ "Value": {
181
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Workstations Subnet" ] ]
182
+ }
183
+ }
184
+ ]
185
+ }
186
+ },
187
+ "InternetGateway": {
188
+ "Type": "AWS::EC2::InternetGateway",
189
+ "Properties": {
190
+ "Tags": [
191
+ {
192
+ "Key": "Application",
193
+ "Value": {
194
+ "Ref": "AWS::StackId"
195
+ },
196
+ "Key": "Name",
197
+ "Value": {
198
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, " IG" ] ]
199
+ }
200
+ }
201
+ ]
202
+ }
203
+ },
204
+ "AttachGateway": {
205
+ "Type": "AWS::EC2::VPCGatewayAttachment",
206
+ "Properties": {
207
+ "VpcId": {
208
+ "Ref": "VPC"
209
+ },
210
+ "InternetGatewayId": {
211
+ "Ref": "InternetGateway"
212
+ }
213
+ }
214
+ },
215
+ "RouteTable": {
216
+ "Type": "AWS::EC2::RouteTable",
217
+ "Properties": {
218
+ "VpcId": {
219
+ "Ref": "VPC"
220
+ },
221
+ "Tags": [
222
+ {
223
+ "Key": "Application",
224
+ "Value": {
225
+ "Ref": "AWS::StackId"
226
+ },
227
+ "Key": "Name",
228
+ "Value": {
229
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Demo RouteTable" ] ]
230
+ }
231
+ }
232
+ ]
233
+ }
234
+ },
235
+ "Route": {
236
+ "Type": "AWS::EC2::Route",
237
+ "DependsOn": "AttachGateway",
238
+ "Properties": {
239
+ "RouteTableId": {
240
+ "Ref": "RouteTable"
241
+ },
242
+ "DestinationCidrBlock": "0.0.0.0/0",
243
+ "GatewayId": {
244
+ "Ref": "InternetGateway"
245
+ }
246
+ }
247
+ },
248
+ "SubnetRouteTableAssociationAutomate": {
249
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
250
+ "Properties": {
251
+ "SubnetId": {
252
+ "Ref": "SubnetAutomate"
253
+ },
254
+ "RouteTableId": {
255
+ "Ref": "RouteTable"
256
+ }
257
+ }
258
+ },
259
+ "SubnetRouteTableAssociationProd": {
260
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
261
+ "Properties": {
262
+ "SubnetId": {
263
+ "Ref": "SubnetProd"
264
+ },
265
+ "RouteTableId": {
266
+ "Ref": "RouteTable"
267
+ }
268
+ }
269
+ },
270
+ "SubnetRouteTableAssociationWorkstations": {
271
+ "Type": "AWS::EC2::SubnetRouteTableAssociation",
272
+ "Properties": {
273
+ "SubnetId": {
274
+ "Ref": "SubnetWorkstations"
275
+ },
276
+ "RouteTableId": {
277
+ "Ref": "RouteTable"
278
+ }
279
+ }
280
+ },
281
+ "NetworkAcl": {
282
+ "Type": "AWS::EC2::NetworkAcl",
283
+ "Properties": {
284
+ "VpcId": {
285
+ "Ref": "VPC"
286
+ },
287
+ "Tags": [
288
+ {
289
+ "Key": "Application",
290
+ "Value": {
291
+ "Ref": "AWS::StackId"
292
+ },
293
+ "Key": "Name",
294
+ "Value": {
295
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "NetworkAcl" ] ]
296
+ }
297
+ }
298
+ ]
299
+ }
300
+ },
301
+ "InboundNetworkAclEntry": {
302
+ "Type": "AWS::EC2::NetworkAclEntry",
303
+ "Properties": {
304
+ "NetworkAclId": {
305
+ "Ref": "NetworkAcl"
306
+ },
307
+ "RuleNumber": "100",
308
+ "Protocol": "-1",
309
+ "RuleAction": "allow",
310
+ "Egress": "false",
311
+ "CidrBlock": "0.0.0.0/0"
312
+ }
313
+ },
314
+ "OutBoundNetworkAclEntry": {
315
+ "Type": "AWS::EC2::NetworkAclEntry",
316
+ "Properties": {
317
+ "NetworkAclId": {
318
+ "Ref": "NetworkAcl"
319
+ },
320
+ "RuleNumber": "100",
321
+ "Protocol": "-1",
322
+ "RuleAction": "allow",
323
+ "Egress": "true",
324
+ "CidrBlock": "0.0.0.0/0"
325
+ }
326
+ },
327
+ "SubnetNetworkAclAssociationAutomate": {
328
+ "Type": "AWS::EC2::SubnetNetworkAclAssociation",
329
+ "Properties": {
330
+ "SubnetId": {
331
+ "Ref": "SubnetAutomate"
332
+ },
333
+ "NetworkAclId": {
334
+ "Ref": "NetworkAcl"
335
+ }
336
+ }
337
+ },
338
+ "SubnetNetworkAclAssociationProd": {
339
+ "Type": "AWS::EC2::SubnetNetworkAclAssociation",
340
+ "Properties": {
341
+ "SubnetId": {
342
+ "Ref": "SubnetProd"
343
+ },
344
+ "NetworkAclId": {
345
+ "Ref": "NetworkAcl"
346
+ }
347
+ }
348
+ },
349
+ "SubnetNetworkAclAssociationPOCWorkstations": {
350
+ "Type": "AWS::EC2::SubnetNetworkAclAssociation",
351
+ "Properties": {
352
+ "SubnetId": {
353
+ "Ref": "SubnetWorkstations"
354
+ },
355
+ "NetworkAclId": {
356
+ "Ref": "NetworkAcl"
357
+ }
358
+ }
359
+ },
360
+ "WindowsWorkstation1": {
361
+ "Type": "AWS::EC2::Instance",
362
+ "Properties": {
363
+ "InstanceType": "c4.large",
364
+ "EbsOptimized" : "true",
365
+ "IamInstanceProfile" : {"Ref" : "InstanceProfile"},
366
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
367
+ "NetworkInterfaces": [
368
+ {
369
+ "GroupSet": [
370
+ {
371
+ "Ref": "DemoSecurityGroup"
372
+ }
373
+ ],
374
+ "AssociatePublicIpAddress": "true",
375
+ "PrivateIpAddress": "172.31.54.201",
376
+ "DeviceIndex": "0",
377
+ "DeleteOnTermination": "true",
378
+ "SubnetId": {
379
+ "Ref": "SubnetAutomate"
380
+ }
381
+ }
382
+ ],
383
+ "KeyName": {
384
+ "Ref": "KeyName"
385
+ },
386
+ "UserData" : {
387
+ "Fn::Base64" : {
388
+ "Fn::Join" : [
389
+ "",
390
+ ["<powershell>\n",
391
+ "set-executionpolicy -executionpolicy unrestricted -force -scope LocalMachine",
392
+ "</powershell>"
393
+ ]
394
+ ]
395
+ }
396
+ },
397
+ "ImageId": {
398
+ "Ref": "WindowsWorkstation1AMI"
399
+ },
400
+ "Tags": [
401
+ {
402
+ "Key": "Name",
403
+ "Value": {
404
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Workstation" ] ]
405
+ }
406
+ }
407
+ ]
408
+ }
409
+ },
410
+ "BuildNode1": {
411
+ "Type": "AWS::EC2::Instance",
412
+ "Properties": {
413
+ "InstanceType": "m4.large",
414
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
415
+ "NetworkInterfaces": [
416
+ {
417
+ "GroupSet": [
418
+ {
419
+ "Ref": "DemoSecurityGroup"
420
+ }
421
+ ],
422
+ "AssociatePublicIpAddress": "true",
423
+ "PrivateIpAddress": "172.31.54.51",
424
+ "DeviceIndex": "0",
425
+ "DeleteOnTermination": "true",
426
+ "SubnetId": {
427
+ "Ref": "SubnetAutomate"
428
+ }
429
+ }
430
+ ],
431
+ "KeyName": { "Ref": "KeyName" },
432
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
433
+ "#!/bin/bash -xe\n",
434
+ "hostnamectl set-hostname build-node-1\n",
435
+ "sleep 90\n",
436
+ "sudo chef-client\n"]]}
437
+ },
438
+ "ImageId": {
439
+ "Ref": "BuildNode1AMI"
440
+ },
441
+ "Tags": [
442
+ {
443
+ "Key": "Name",
444
+ "Value": {
445
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Build Node 1" ] ]
446
+ }
447
+ }
448
+ ]
449
+ }
450
+ },
451
+ "BuildNode2": {
452
+ "Type": "AWS::EC2::Instance",
453
+ "Properties": {
454
+ "InstanceType": "m4.large",
455
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
456
+ "NetworkInterfaces": [
457
+ {
458
+ "GroupSet": [
459
+ {
460
+ "Ref": "DemoSecurityGroup"
461
+ }
462
+ ],
463
+ "AssociatePublicIpAddress": "true",
464
+ "PrivateIpAddress": "172.31.54.52",
465
+ "DeviceIndex": "0",
466
+ "DeleteOnTermination": "true",
467
+ "SubnetId": {
468
+ "Ref": "SubnetAutomate"
469
+ }
470
+ }
471
+ ],
472
+ "KeyName": { "Ref": "KeyName" },
473
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
474
+ "#!/bin/bash -xe\n",
475
+ "hostnamectl set-hostname build-node-2\n",
476
+ "sleep 90\n",
477
+ "sudo chef-client\n"]]}
478
+ },
479
+ "ImageId": {
480
+ "Ref": "BuildNode2AMI"
481
+ },
482
+ "Tags": [
483
+ {
484
+ "Key": "Name",
485
+ "Value": {
486
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Build Node 2" ] ]
487
+ }
488
+ }
489
+ ]
490
+ }
491
+ },
492
+ "BuildNode3": {
493
+ "Type": "AWS::EC2::Instance",
494
+ "Properties": {
495
+ "InstanceType": "m4.large",
496
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
497
+ "NetworkInterfaces": [
498
+ {
499
+ "GroupSet": [
500
+ {
501
+ "Ref": "DemoSecurityGroup"
502
+ }
503
+ ],
504
+ "AssociatePublicIpAddress": "true",
505
+ "PrivateIpAddress": "172.31.54.53",
506
+ "DeviceIndex": "0",
507
+ "DeleteOnTermination": "true",
508
+ "SubnetId": {
509
+ "Ref": "SubnetAutomate"
510
+ }
511
+ }
512
+ ],
513
+ "KeyName": { "Ref": "KeyName" },
514
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
515
+ "#!/bin/bash -xe\n",
516
+ "hostnamectl set-hostname build-node-3\n",
517
+ "sleep 90\n",
518
+ "sudo chef-client\n"]]}
519
+ },
520
+ "ImageId": {
521
+ "Ref": "BuildNode3AMI"
522
+ },
523
+ "Tags": [
524
+ {
525
+ "Key": "Name",
526
+ "Value": {
527
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Build Node 3" ] ]
528
+ }
529
+ }
530
+ ]
531
+ }
532
+ },
533
+ "delivered": {
534
+ "Type": "AWS::EC2::Instance",
535
+ "Properties": {
536
+ "InstanceType": "m4.large",
537
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
538
+ "NetworkInterfaces": [
539
+ {
540
+ "GroupSet": [
541
+ {
542
+ "Ref": "DemoSecurityGroup"
543
+ }
544
+ ],
545
+ "AssociatePublicIpAddress": "true",
546
+ "PrivateIpAddress": "172.31.54.101",
547
+ "DeviceIndex": "0",
548
+ "DeleteOnTermination": "true",
549
+ "SubnetId": {
550
+ "Ref": "SubnetAutomate"
551
+ }
552
+ }
553
+ ],
554
+ "KeyName": { "Ref": "KeyName" },
555
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
556
+ "#!/bin/bash -xe\n",
557
+ "hostnamectl set-hostname delivered\n",
558
+ "sleep 90\n",
559
+ "sudo chef-client\n"
560
+ ]]}
561
+ },
562
+ "ImageId": {
563
+ "Ref": "deliveredAMI"
564
+ },
565
+ "Tags": [
566
+ {
567
+ "Key": "Name",
568
+ "Value": {
569
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "delivered" ] ]
570
+ }
571
+ }
572
+ ]
573
+ }
574
+ },
575
+ "ecomacceptance": {
576
+ "Type": "AWS::EC2::Instance",
577
+ "Properties": {
578
+ "InstanceType": "m4.large",
579
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
580
+ "NetworkInterfaces": [
581
+ {
582
+ "GroupSet": [
583
+ {
584
+ "Ref": "DemoSecurityGroup"
585
+ }
586
+ ],
587
+ "AssociatePublicIpAddress": "true",
588
+ "PrivateIpAddress": "172.31.54.102",
589
+ "DeviceIndex": "0",
590
+ "DeleteOnTermination": "true",
591
+ "SubnetId": {
592
+ "Ref": "SubnetAutomate"
593
+ }
594
+ }
595
+ ],
596
+ "KeyName": { "Ref": "KeyName" },
597
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
598
+ "#!/bin/bash -xe\n",
599
+ "hostnamectl set-hostname ecomacceptance\n",
600
+ "sleep 90\n",
601
+ "sudo chef-client\n"
602
+ ]]}
603
+ },
604
+ "ImageId": {
605
+ "Ref": "ecomacceptanceAMI"
606
+ },
607
+ "Tags": [
608
+ {
609
+ "Key": "Name",
610
+ "Value": {
611
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "ecomacceptance" ] ]
612
+ }
613
+ }
614
+ ]
615
+ }
616
+ },
617
+ "rehearsal": {
618
+ "Type": "AWS::EC2::Instance",
619
+ "Properties": {
620
+ "InstanceType": "m4.large",
621
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
622
+ "NetworkInterfaces": [
623
+ {
624
+ "GroupSet": [
625
+ {
626
+ "Ref": "DemoSecurityGroup"
627
+ }
628
+ ],
629
+ "AssociatePublicIpAddress": "true",
630
+ "PrivateIpAddress": "172.31.54.103",
631
+ "DeviceIndex": "0",
632
+ "DeleteOnTermination": "true",
633
+ "SubnetId": {
634
+ "Ref": "SubnetAutomate"
635
+ }
636
+ }
637
+ ],
638
+ "KeyName": { "Ref": "KeyName" },
639
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
640
+ "#!/bin/bash -xe\n",
641
+ "hostnamectl set-hostname rehearsal\n",
642
+ "sleep 90\n",
643
+ "sudo chef-client\n"
644
+ ]]}
645
+ },
646
+ "ImageId": {
647
+ "Ref": "rehearsalAMI"
648
+ },
649
+ "Tags": [
650
+ {
651
+ "Key": "Name",
652
+ "Value": {
653
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "rehearsal" ] ]
654
+ }
655
+ }
656
+ ]
657
+ }
658
+ },
659
+ "union": {
660
+ "Type": "AWS::EC2::Instance",
661
+ "Properties": {
662
+ "InstanceType": "m4.large",
663
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
664
+ "NetworkInterfaces": [
665
+ {
666
+ "GroupSet": [
667
+ {
668
+ "Ref": "DemoSecurityGroup"
669
+ }
670
+ ],
671
+ "AssociatePublicIpAddress": "true",
672
+ "PrivateIpAddress": "172.31.54.104",
673
+ "DeviceIndex": "0",
674
+ "DeleteOnTermination": "true",
675
+ "SubnetId": {
676
+ "Ref": "SubnetAutomate"
677
+ }
678
+ }
679
+ ],
680
+ "KeyName": { "Ref": "KeyName" },
681
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
682
+ "#!/bin/bash -xe\n",
683
+ "hostnamectl set-hostname union\n",
684
+ "sleep 90\n",
685
+ "sudo chef-client\n"
686
+ ]]}
687
+ },
688
+ "ImageId": {
689
+ "Ref": "unionAMI"
690
+ },
691
+ "Tags": [
692
+ {
693
+ "Key": "Name",
694
+ "Value": {
695
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "union" ] ]
696
+ }
697
+ }
698
+ ]
699
+ }
700
+ },
701
+ "Chef": {
702
+ "Type": "AWS::EC2::Instance",
703
+ "Properties": {
704
+ "InstanceType": "c4.xlarge",
705
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
706
+ "BlockDeviceMappings" : [
707
+ {
708
+ "DeviceName" : "/dev/sda1",
709
+ "Ebs" : { "VolumeSize" : "50" }
710
+ }
711
+ ],
712
+ "NetworkInterfaces": [
713
+ {
714
+ "GroupSet": [
715
+ {
716
+ "Ref": "DemoSecurityGroup"
717
+ }
718
+ ],
719
+ "AssociatePublicIpAddress": "true",
720
+ "PrivateIpAddress": "172.31.54.10",
721
+ "DeviceIndex": "0",
722
+ "DeleteOnTermination": "true",
723
+ "SubnetId": {
724
+ "Ref": "SubnetAutomate"
725
+ }
726
+ }
727
+ ],
728
+ "KeyName": { "Ref": "KeyName" },
729
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
730
+ "#!/bin/bash -xe\n",
731
+ "hostnamectl set-hostname chef\n",
732
+ "chef-server-ctl reconfigure\n"]]}
733
+ },
734
+ "ImageId": {
735
+ "Ref": "ChefServerAMI"
736
+ },
737
+ "Tags": [
738
+ {
739
+ "Key": "Name",
740
+ "Value": {
741
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Chef Server" ] ]
742
+ }
743
+ }
744
+ ]
745
+ }
746
+ },
747
+ "Automate": {
748
+ "Type": "AWS::EC2::Instance",
749
+ "Properties": {
750
+ "InstanceType": "c4.xlarge",
751
+ "AvailabilityZone": { "Ref": "AvailabilityZone" },
752
+ "BlockDeviceMappings" : [
753
+ {
754
+ "DeviceName" : "/dev/sda1",
755
+ "Ebs" : { "VolumeSize" : "50" }
756
+ }
757
+ ] ,
758
+ "NetworkInterfaces": [
759
+ {
760
+ "GroupSet": [
761
+ {
762
+ "Ref": "DemoSecurityGroup"
763
+ }
764
+ ],
765
+ "AssociatePublicIpAddress": "true",
766
+ "PrivateIpAddress": "172.31.54.11",
767
+ "DeviceIndex": "0",
768
+ "DeleteOnTermination": "true",
769
+ "SubnetId": {
770
+ "Ref": "SubnetAutomate"
771
+ }
772
+ }
773
+ ],
774
+ "KeyName": { "Ref": "KeyName" },
775
+ "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [
776
+ "#!/bin/bash -xe\n",
777
+ "hostnamectl set-hostname automate\n",
778
+ "delivery-ctl reconfigure\n"]]}
779
+ },
780
+ "ImageId": {
781
+ "Ref": "AutomateAMI"
782
+ },
783
+ "Tags": [
784
+ {
785
+ "Key": "Name",
786
+ "Value": {
787
+ "Fn::Join" : [ " ", [ { "Ref": "DemoName" }, "Automate Server" ] ]
788
+ }
789
+ }
790
+ ]
791
+ }
792
+ },
793
+ "DemoSecurityGroup": {
794
+ "Type": "AWS::EC2::SecurityGroup",
795
+ "Properties": {
796
+ "VpcId": {
797
+ "Ref": "VPC"
798
+ },
799
+ "GroupDescription": "Enable required ports for Chef Server",
800
+ "SecurityGroupIngress": [
801
+ {
802
+ "IpProtocol": "tcp",
803
+ "FromPort": "22",
804
+ "ToPort": "22",
805
+ "CidrIp": {
806
+ "Ref": "SSHLocation"
807
+ }
808
+ },
809
+ {
810
+ "IpProtocol": "tcp",
811
+ "FromPort": "0",
812
+ "ToPort": "65535",
813
+ "CidrIp": "172.31.0.0/16"
814
+ },
815
+ {
816
+ "IpProtocol": "tcp",
817
+ "FromPort": "3389",
818
+ "ToPort": "3389",
819
+ "CidrIp": "0.0.0.0/0"
820
+ },
821
+ {
822
+ "IpProtocol": "tcp",
823
+ "FromPort": "443",
824
+ "ToPort": "443",
825
+ "CidrIp": "0.0.0.0/0"
826
+ },
827
+ {
828
+ "IpProtocol": "icmp",
829
+ "FromPort": "8",
830
+ "ToPort": "-1",
831
+ "CidrIp": "0.0.0.0/0"
832
+ },
833
+ {
834
+ "IpProtocol": "udp",
835
+ "FromPort": "3389",
836
+ "ToPort": "3389",
837
+ "CidrIp": "0.0.0.0/0"
838
+ },
839
+ {
840
+ "IpProtocol": "tcp",
841
+ "FromPort": "5985",
842
+ "ToPort": "5985",
843
+ "CidrIp": "0.0.0.0/0"
844
+ }
845
+ ]
846
+ }
847
+ }
848
+ },
849
+ "Outputs":
850
+ {"WindowsWorkstation1PubDNS":{"Description":"Public IP address of the Windows Workstation","Value":{"Fn::GetAtt":["WindowsWorkstation1","PublicIp"]}}}
851
+ }