Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances. Linked to AWS Parameter
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: must be the name of an existing EC2 KeyPair.

Resources:
  CloudNetaVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: CloudNeta-VPC

  CloudNetaIGW:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: CloudNeta-IGW

  CloudNetaIGWAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref CloudNetaIGW
      VpcId: !Ref CloudNetaVPC

  CloudNetaPublicRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref CloudNetaVPC
      Tags:
        - Key: Name
          Value: CloudNeta-Public-RT

  # Default route to the internet gateway; only the public route table gets one.
  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: CloudNetaIGWAttachment
    Properties:
      RouteTableId: !Ref CloudNetaPublicRT
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref CloudNetaIGW

  # No default route is defined for this table, so the private subnet has no internet path.
  CloudNetaPrivateRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref CloudNetaVPC
      Tags:
        - Key: Name
          Value: CloudNeta-Private-RT

  CloudNetaPublicSN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref CloudNetaVPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: 10.0.0.0/24
      Tags:
        - Key: Name
          Value: CloudNeta-Public-SN

  CloudNetaPrivateSN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref CloudNetaVPC
      AvailabilityZone: !Select [ 2, !GetAZs '' ]
      CidrBlock: 10.0.1.0/24
      Tags:
        - Key: Name
          Value: CloudNeta-Private-SN

  CloudNetaPublicSNRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref CloudNetaPublicRT
      SubnetId: !Ref CloudNetaPublicSN

  CloudNetaPrivateSNRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref CloudNetaPrivateRT
      SubnetId: !Ref CloudNetaPrivateSN

  # One security group is shared by both instances. HTTP, SSH and ICMP are all
  # open to 0.0.0.0/0; outside a throwaway lab, narrow the SSH and ICMP CidrIp
  # to a known source range.
  CloudNetaSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable HTTP access via port 80 and SSH access via port 22 and ICMP
      VpcId: !Ref CloudNetaVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
        - IpProtocol: icmp
          FromPort: -1
          ToPort: -1
          CidrIp: 0.0.0.0/0

  CloudNetaPublicEC2:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-0094965d55b3bb1ff
      KeyName: !Ref KeyName
      Tags:
        - Key: Name
          Value: CloudNeta-Public-EC2
      NetworkInterfaces:
        - DeviceIndex: 0
          SubnetId: !Ref CloudNetaPublicSN
          GroupSet:
            - !Ref CloudNetaSecurityGroup
          AssociatePublicIpAddress: true
      # The script reads instance metadata with plain IMDSv1 GET requests,
      # which return nothing if the instance is set to require IMDSv2 tokens.
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash
          AZ=`curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone`
          IP=`curl -s http://169.254.169.254/latest/meta-data/local-ipv4`
          yum install -y httpd
          service httpd start
          chkconfig httpd on
          echo "Hello from Web Server - Region ( "$AZ" ) - Private IP ( "$IP" )" > /var/www/html/index.html

  CloudNetaPrivateEC2:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-0094965d55b3bb1ff
      KeyName: !Ref KeyName
      Tags:
        - Key: Name
          Value: CloudNeta-Private-EC2
      NetworkInterfaces:
        - DeviceIndex: 0
          SubnetId: !Ref CloudNetaPrivateSN
          GroupSet:
            - !Ref CloudNetaSecurityGroup
      # Lab convenience: sets a fixed root password and turns on SSH password
      # and root login. The password is stored in clear text in the template
      # and in the instance user data.
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash
          (
          echo "qwe123222"
          echo "qwe123222"
          ) | passwd --stdin root
          sed -i "s/^PasswordAuthentication no/PasswordAuthentication yes/g" /etc/ssh/sshd_config
          sed -i "s/^#PermitRootLogin yes/PermitRootLogin yes/g" /etc/ssh/sshd_config
          service sshd restart