{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "AWS CloudFormation Template ElasticBeanstalk_Simple: Configure and launch an Symfony AWS Elastic Beanstalk application that connects to an Amazon RDS database instance. Monitoring is setup on the database. **WARNING** This template creates one or more Amazon EC2 instances and an Amazon Relational Database Service database instance. You will be billed for the AWS resources used if you create a stack from this template.", "Parameters": { "NameS3Bucket": { "NoEcho": "false", "Type": "String", "Description": "Name of the bucket where you stored the zip file", "MinLength": "1" }, "NameS3Key": { "NoEcho": "false", "Type": "String", "Description": "Name of the zip file", "MinLength": "1" }, "DBUser": { "NoEcho": "false", "Type": "String", "Description": "Database admin account name", "MinLength": "1", "MaxLength": "16", "AllowedPattern": "[a-zA-Z][a-zA-Z0-9]*", "ConstraintDescription": "must begin with a letter and contain only alphanumeric characters." }, "DBName": { "NoEcho": "false", "Type": "String", "Description": "Database name", "MinLength": "1", "MaxLength": "16", "AllowedPattern": "[a-zA-Z][a-zA-Z0-9]*", "ConstraintDescription": "must begin with a letter and contain only alphanumeric characters." }, "DBPassword": { "NoEcho": "true", "Type": "String", "Description": "Database admin account password", "MinLength": "8", "MaxLength": "41", "AllowedPattern": "[a-zA-Z0-9]*", "ConstraintDescription": "must contain only alphanumeric characters." } }, "Mappings": { "Region2Principal": { "us-east-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "us-west-2": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "us-west-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "eu-west-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "eu-west-2": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "ap-southeast-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "ap-northeast-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "ap-northeast-2": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "ap-southeast-2": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "ap-south-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "us-east-2": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "ca-central-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "sa-east-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" }, "cn-north-1": { "EC2Principal": "ec2.amazonaws.com.cn", "OpsWorksPrincipal": "opsworks.amazonaws.com.cn" }, "eu-central-1": { "EC2Principal": "ec2.amazonaws.com", "OpsWorksPrincipal": "opsworks.amazonaws.com" } } }, "Conditions": { "Is-EC2-VPC": { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "AWS::Region" }, "eu-central-1" ] }, { "Fn::Equals": [ { "Ref": "AWS::Region" }, "cn-north-1" ] } ] }, "Is-EC2-Classic": { "Fn::Not": [ { "Condition": "Is-EC2-VPC" } ] } }, "Resources": { "WebServerRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ { "Fn::FindInMap": [ "Region2Principal", { "Ref": "AWS::Region" }, "EC2Principal" ] } ] }, "Action": [ "sts:AssumeRole" ] } ] }, "Path": "/" } }, "WebServerRolePolicy": { "Type": "AWS::IAM::Policy", "Properties": { "PolicyName": "WebServerRole", "PolicyDocument": { "Statement": [ { "Effect": "Allow", "NotAction": "iam:*", "Resource": "*" } ] }, "Roles": [ { "Ref": "WebServerRole" } ] } }, "WebServerInstanceProfile": { "Type": "AWS::IAM::InstanceProfile", "Properties": { "Path": "/", "Roles": [ { "Ref": "WebServerRole" } ] } }, "SampleApplication": { "Type": "AWS::ElasticBeanstalk::Application", "Properties": { "Description": "Symfony Sample Application" } }, "SampleApplicationVersion": { "Type": "AWS::ElasticBeanstalk::ApplicationVersion", "Properties": { "Description": "Version 1.0", "ApplicationName": { "Ref": "SampleApplication" }, "SourceBundle": { "S3Bucket": { "Ref": "NameS3Bucket" }, "S3Key": { "Ref": "NameS3Key" } } } }, "SampleConfigurationTemplate": { "Type": "AWS::ElasticBeanstalk::ConfigurationTemplate", "Properties": { "ApplicationName": { "Ref": "SampleApplication" }, "Description": "Default Configuration Version 1.0", "SolutionStackName": "64bit Amazon Linux 2017.03 v2.4.4 running PHP 7.0", "OptionSettings": [ { "Namespace": "aws:elasticbeanstalk:application:environment", "OptionName": "DB_HOST", "Value": { "Fn::GetAtt": [ "SampleDB", "Endpoint.Address" ] } }, { "Namespace": "aws:elasticbeanstalk:application:environment", "OptionName": "DB_USER", "Value": { "Ref": "DBUser" } }, { "Namespace": "aws:elasticbeanstalk:application:environment", "OptionName": "DB_NAME", "Value": { "Ref": "DBName" } }, { "Namespace": "aws:elasticbeanstalk:application:environment", "OptionName": "DB_PASSWORD", "Value": { "Ref": "DBPassword" } }, { "Namespace": "aws:elasticbeanstalk:application:environment", "OptionName": "SYMFONY_ENV", "Value": "prod" }, { "Namespace": "aws:elasticbeanstalk:container:php:phpini", "OptionName": "document_root", "Value": "/web/" }, { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "SecurityGroups", "Value": { "Ref": "InstanceSecurityGroup" } }, { "Namespace": "aws:autoscaling:launchconfiguration", "OptionName": "IamInstanceProfile", "Value": { "Ref": "WebServerInstanceProfile" } } ] } }, "SampleEnvironment": { "Type": "AWS::ElasticBeanstalk::Environment", "Properties": { "Description": "AWS Elastic Beanstalk Environment running Sample Application", "ApplicationName": { "Ref": "SampleApplication" }, "TemplateName": { "Ref": "SampleConfigurationTemplate" }, "VersionLabel": { "Ref": "SampleApplicationVersion" } } }, "InstanceSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "RDS allows ingress from EC2 instances in this group.", "SecurityGroupIngress": [] } }, "DBEC2SecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Condition": "Is-EC2-VPC", "Properties": { "GroupDescription": "Open database for access", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "5432", "ToPort": "5432", "SourceSecurityGroupName": { "Ref": "InstanceSecurityGroup" } } ] } }, "DBSecurityGroup": { "Type": "AWS::RDS::DBSecurityGroup", "Condition": "Is-EC2-Classic", "Properties": { "DBSecurityGroupIngress": { "EC2SecurityGroupName": { "Ref": "InstanceSecurityGroup" } }, "GroupDescription": "database access" } }, "SampleDB": { "Type": "AWS::RDS::DBInstance", "Properties": { "Engine": "postgres", "DBName": { "Ref": "DBName" }, "MasterUsername": { "Ref": "DBUser" }, "DBInstanceClass": "db.t2.small", "AllocatedStorage": "5", "MasterUserPassword": { "Ref": "DBPassword" }, "VPCSecurityGroups": { "Fn::If": [ "Is-EC2-VPC", [ { "Fn::GetAtt": [ "DBEC2SecurityGroup", "GroupId" ] } ], { "Ref": "AWS::NoValue" } ] }, "DBSecurityGroups": { "Fn::If": [ "Is-EC2-Classic", [ { "Ref": "DBSecurityGroup" } ], { "Ref": "AWS::NoValue" } ] } } } }, "Outputs": { "URL": { "Description": "URL of the AWS Elastic Beanstalk Environment", "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "SampleEnvironment", "EndpointURL" ] } ] ] } } } }