{ "AWSTemplateFormatVersion" : "2010-09-09", "Description" : "An example of the volume mount/dismount custom resource", "Parameters" : { "KeyName" : { "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the Instance", "Type" : "String" }, "InstanceType" : { "Description" : "Instance type", "Type" : "String", "Default" : "t1.micro", "AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","m3.xlarge","m3.2xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"], "ConstraintDescription" : "must be a valid EC2 instance type." }, "SSHLocation" : { "Description" : "The IP address range that can be used to SSH to the instance", "Type": "String", "MinLength": "9", "MaxLength": "18", "Default": "0.0.0.0/0", "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x." } }, "Mappings" : { "AwsRegionToAMI" : { "us-east-1" : { "id" : "ami-35792c5c" }, "us-west-2" : { "id" : "ami-d03ea1e0" }, "us-west-1" : { "id" : "ami-687b4f2d" }, "eu-west-1" : { "id" : "ami-149f7863" }, "ap-southeast-1" : { "id" : "ami-14f2b946" }, "ap-northeast-1" : { "id" : "ami-3561fe34" }, "ap-southeast-2" : { "id" : "ami-a148d59b" }, "sa-east-1" : { "id" : "ami-9f6ec982" } } }, "Resources" : { "CustomResourcePipeline" : { "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : "https://s3.amazonaws.com/cloudformation-examples/cr-backend-substack-template.template" } }, "ExampleRole" : { "Type" : "AWS::IAM::Role", "Properties" : { "AssumeRolePolicyDocument" : { "Version": "2008-10-17", "Statement": [{ "Effect": "Allow", "Principal": { "Service": [ "ec2.amazonaws.com" ] }, "Action": [ "sts:AssumeRole" ] }] }, "Path" : "/", "Policies" : [ { "PolicyName" : "DismountExample", "PolicyDocument" : { "Statement" : [ { "Effect" : "Allow", "Action" : ["sqs:ChangeMessageVisibility", "sqs:DeleteMessage", "sqs:ReceiveMessage"], "Resource" : { "Fn::GetAtt" : ["CustomResourcePipeline", "Outputs.CustomResourceQueueARN"] } } ] } } ] } }, "ExampleInstanceProfile" : { "Type" : "AWS::IAM::InstanceProfile", "Properties" : { "Path" : "/", "Roles" : [ { "Ref" : "ExampleRole" } ] } }, "ExampleInstance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "IamInstanceProfile" : { "Ref" : "ExampleInstanceProfile" }, "ImageId" : { "Fn::FindInMap" : ["AwsRegionToAMI", { "Ref" : "AWS::Region" }, "id"] }, "InstanceType" : { "Ref" : "InstanceType" }, "KeyName" : { "Ref" : "KeyName" }, "SecurityGroups" : [ { "Ref" : "ExampleSecurityGroup" } ], "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [ "#!/bin/bash -x\n", "exec &> /home/ec2-user/userdata.log\n", "/opt/aws/bin/cfn-init --region ", { "Ref" : "AWS::Region" }, " -s ", { "Ref" : "AWS::StackId" }, " -r ExampleInstance -v\n", "/opt/aws/bin/cfn-signal -e $? ", { "Fn::Base64" : { "Ref" : "ExampleWaitConditionHandle" }}, "\n" ]] } } }, "Metadata" : { "AWS::CloudFormation::Init" : { "config" : { "packages" : { "rpm" : { "aws-cfn-resource-bridge" : "https://s3.amazonaws.com/cloudformation-examples/aws-cfn-resource-bridge-0.1-4.noarch.rpm" } }, "files" : { "/etc/cfn/bridge.d/mount.conf" : { "content" : { "Fn::Join" : ["", [ "[mount]\n", "resource_type=Custom::VolumeMount\n", "queue_url=", { "Fn::GetAtt" : ["CustomResourcePipeline", "Outputs.CustomResourceQueueURL"] }, "\n", "timeout=600\n", "create_action=/home/ec2-user/create.sh\n", "update_action=/home/ec2-user/update.sh\n", "delete_action=/home/ec2-user/delete.sh\n" ]]} }, "/home/ec2-user/create.sh" : { "source" : "https://raw.github.com/awslabs/aws-cfn-custom-resource-examples/master/examples/mount/impl/create.sh", "mode" : "000755", "owner" : "ec2-user" }, "/home/ec2-user/update.sh" : { "source" : "https://raw.github.com/awslabs/aws-cfn-custom-resource-examples/master/examples/mount/impl/update.sh", "mode" : "000755", "owner" : "ec2-user" }, "/home/ec2-user/delete.sh" : { "source" : "https://raw.github.com/awslabs/aws-cfn-custom-resource-examples/master/examples/mount/impl/delete.sh", "mode" : "000755", "owner" : "ec2-user" } }, "services" : { "sysvinit" : { "cfn-resource-bridge" : { "enabled" : "true", "ensureRunning" : "true", "files" : ["/etc/cfn/bridge.d/mount.conf", "/home/ec2-user/create.sh", "/home/ec2-user/update.sh", "/home/ec2-user/delete.sh"] } } } } } } }, "ExampleVolume" : { "Type" : "AWS::EC2::Volume", "Properties" : { "AvailabilityZone" : { "Fn::GetAtt" : ["ExampleInstance", "AvailabilityZone"] }, "Size" : "10" } }, "ExampleVolumeAttachment" : { "Type" : "AWS::EC2::VolumeAttachment", "Properties" : { "Device" : "/dev/xvdh", "InstanceId" : { "Ref" : "ExampleInstance" }, "VolumeId" : { "Ref" : "ExampleVolume" } } }, "ExampleVolumeMount" : { "Type" : "Custom::VolumeMount", "Version" : "1.0", "DependsOn" : ["ExampleVolumeAttachment", "ExampleWaitCondition"], "Properties" : { "ServiceToken" : { "Fn::GetAtt" : ["CustomResourcePipeline", "Outputs.CustomResourceTopicARN"] }, "Device" : "/dev/xvdh", "MountPoint" : "/mnt/analysis", "FsType" : "ext3", "Format" : "true" } }, "ExampleSecurityGroup" : { "Type" : "AWS::EC2::SecurityGroup", "Properties" : { "GroupDescription" : "SSH to the instance", "SecurityGroupIngress" : [ { "CidrIp" : { "Ref" : "SSHLocation" }, "FromPort" : "22", "ToPort" : "22", "IpProtocol" : "tcp" } ] } }, "ExampleWaitConditionHandle" : { "Type" : "AWS::CloudFormation::WaitConditionHandle" }, "ExampleWaitCondition" : { "Type" : "AWS::CloudFormation::WaitCondition", "DependsOn" : "ExampleInstance", "Properties" : { "Count" : "1", "Handle" : { "Ref" : "ExampleWaitConditionHandle" }, "Timeout" : "600" } } } }