AWSTemplateFormatVersion: '2010-09-09' Description: >- Template to launch an EC2 instance in a DC. Private Subnet to insert the sample data into the POSTGRES database. **WARNING** You will be billed for the AWS resources used if you create a stack from this template. Parameters: EnvironmentName: Description: An environment name that is prefixed to resource names Type: String KeyName: Description: Name of an existing EC2 KeyPair to enable SSH access to the instance Type: AWS::EC2::KeyPair::KeyName ConstraintDescription: must be the name of an existing EC2 KeyPair. InstanceType: Description: WebServer EC2 instance type Type: String Default: t3.small AllowedValues: [t2.nano, t2.micro, t2.small, t2.medium, t2.large, t2.xlarge, t2.2xlarge, t3.nano, t3.micro, t3.small, t3.medium, t3.large, t3.xlarge, t3.2xlarge, m4.large, m4.xlarge, m4.2xlarge, m4.4xlarge, m4.10xlarge, m5.large, m5.xlarge, m5.2xlarge, m5.4xlarge, c5.large, c5.xlarge, c5.2xlarge, c5.4xlarge, c5.9xlarge, g3.8xlarge, r5.large, r5.xlarge, r5.2xlarge, r5.4xlarge, r3.12xlarge, i3.xlarge, i3.2xlarge, i3.4xlarge, i3.8xlarge, d2.xlarge, d2.2xlarge, d2.4xlarge, d2.8xlarge] ConstraintDescription: must be a valid EC2 instance type. LatestAmiId: Type: 'AWS::SSM::Parameter::Value' Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2' VPC1CIDR: Description: The IP address range of the AWS vpc Type: String MinLength: 9 MaxLength: 18 Default: 0.0.0.0/0 AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2}) ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x. VPC2CIDR: Description: The IP address range of the AWS vpc Type: String MinLength: 9 MaxLength: 18 Default: 0.0.0.0/0 AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2}) ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x. SubnetId: Description: Id of the subnet in which this instance will be deployed Type: String VPCID: Description: ID of the vpc Type: String RDSHostname: Description: Hostname string of the RDS Type: String Resources: SSMRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - 'sts:AssumeRole' Path: / ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM EC2InstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Path: "/" Roles: - !Ref SSMRole EC2Instance: Type: AWS::EC2::Instance Properties: InstanceType: !Ref 'InstanceType' SecurityGroupIds: [!Ref 'InstanceSecurityGroup'] IamInstanceProfile: Ref: EC2InstanceProfile KeyName: !Ref 'KeyName' ImageId: !Ref 'LatestAmiId' SubnetId: !Ref 'SubnetId' SourceDestCheck: false UserData: Fn::Base64: !Sub | #! /bin/bash curl -L https://aws-samples.github.io/aws-glue-with-s2s-vpn/Templates/sample-data.csv > /tmp/sample-data.csv sudo amazon-linux-extras install postgresql10 export HOST=${RDSHostname}; export USER="master"; export PGPASSWORD=master123; export DB="sportstickets"; export PORT="5432"; echo "CREATE TABLE names (id decimal PRIMARY KEY, name varchar (50) NOT NULL); \copy names FROM '/tmp/sample-data.csv' delimiter ',' csv header;" | psql -h $HOST -p $PORT -d $DB -U $USER InstanceSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Enable traffic from DC-VPC and Cloud-VPC VpcId: !Ref 'VPCID' SecurityGroupIngress: - IpProtocol: -1 CidrIp: !Ref 'VPC1CIDR' - IpProtocol: -1 CidrIp: !Ref 'VPC2CIDR' Tags: - Key: Name Value: !Sub ${EnvironmentName}-private-sg Outputs: InstanceId: Description: InstanceId of the newly created EC2 instance Value: !Ref 'EC2Instance' AZ: Description: Availability Zone of the newly created EC2 instance Value: !GetAtt [EC2Instance, AvailabilityZone]