AWSTemplateFormatVersion: 2010-09-09 Description: Creates DevOps / jump box (qs-1r0baum2n) Parameters: S3BucketName: AllowedPattern: '^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$' ConstraintDescription: >- Bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: aws-quickstart Description: >- S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Type: String PublicSubnet1ID: Description: Public Subnet Id 1 Type: 'AWS::EC2::Subnet::Id' KeyPairName: Type: 'AWS::EC2::KeyPair::KeyName' ConstraintDescription: Name of an existing EC2 KeyPair. SecGroup: Description: "Security Group ID." Type: 'List' InstanceType: AllowedValues: - t2.micro - t2.small - t2.medium - t2.large - t2.xlarge - t2.2xlarge - t3.micro - t3.small - t3.medium - t3.large - t3.xlarge - t3.2xlarge ConstraintDescription: "must be a valid EC2 instance type." Default: t3.medium Description: "EC2 instance type" Type: String VolumeSize: Type: Number Description: "EBS volume size of the DevOps Instance in GB" Default: 16 Mappings: AWSAMIRegionMapDevOps: ap-northeast-1: US1804HVM: ami-0278fe6949f6b1a06 ap-northeast-2: US1804HVM: ami-00edfb46b107f643c ap-south-1: US1804HVM: ami-0b44050b2d893d5f7 ap-southeast-1: US1804HVM: ami-0f7719e8b7ba25c61 ap-southeast-2: US1804HVM: ami-04fcc97b5f6edcd89 ca-central-1: US1804HVM: ami-0edd51cc29813e254 eu-central-1: US1804HVM: ami-0e342d72b12109f91 me-south-1: US1804HVM: ami-051274f257aba97f9 ap-east-1: US1804HVM: ami-c790d6b6 eu-north-1: US1804HVM: ami-050981837962d44ac eu-west-1: US1804HVM: ami-0701e7be9b2a77600 eu-west-2: US1804HVM: ami-0eb89db7593b5d434 eu-west-3: US1804HVM: ami-08c757228751c5335 sa-east-1: US1804HVM: ami-077d5d3682940b34a us-east-1: US1804HVM: ami-085925f297f89fce1 us-gov-west-1: US1804HVM: ami-adecdbcc us-gov-east-1: US1804HVM: ami-c29975b3 us-east-2: US1804HVM: ami-07c1207a9d40bc3bd us-west-1: US1804HVM: ami-0f56279347d2fa43e us-west-2: US1804HVM: ami-003634241a8fcdec0 cn-north-1: US1804HVM: ami-0071f6f4df15863cc cn-northwest-1: US1804HVM: ami-0a22b8776bb32836b Resources: InstanceRole: Type: 'AWS::IAM::Role' Properties: AssumeRolePolicyDocument: Statement: - Effect: 'Allow' Principal: Service: - 'ec2.amazonaws.com' Action: - 'sts:AssumeRole' Path: '/' InstanceProfile: Type: 'AWS::IAM::InstanceProfile' Properties: Path: '/' Roles: - Ref: 'InstanceRole' AuthenticatedS3Policy: Type: AWS::IAM::Policy Properties: PolicyName: AuthenticatedS3GetObjects Roles: - !Ref InstanceRole PolicyDocument: Statement: - Sid: BucketAccess Effect: Allow Action: - 's3:GetObject' Resource: !Sub arn:aws:s3:::${S3BucketName}/* DevNode1: Type: 'AWS::EC2::Instance' Metadata: 'AWS::CloudFormation::Authentication': S3AccessCreds: type: S3 roleName: !Ref InstanceRole buckets: !Ref S3BucketName Properties: InstanceType: !Ref InstanceType IamInstanceProfile: !Ref InstanceProfile NetworkInterfaces: - DeleteOnTermination: true DeviceIndex: '0' SubnetId: !Ref PublicSubnet1ID GroupSet: !Ref SecGroup KeyName: !Ref KeyPairName ImageId: !FindInMap - AWSAMIRegionMapDevOps - !Ref 'AWS::Region' - US1804HVM BlockDeviceMappings: - DeviceName: /dev/sda1 Ebs: VolumeSize: !Ref VolumeSize VolumeType: gp2 Tags: - Key: Name Value: DevOps Outputs: DevIpAddress: Value: !GetAtt DevNode1.PublicIp Description: Dev Jump box Public IP DevUrl: Value: "http://oss-getting-started.s3-website-us-east-1.amazonaws.com" Description: Dev Url