{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "WordPress powered by JINKEI (AutoScaling HVM) Version 1.0.0\nA really powerful and scalable AMIMOTO stack with Auto Scaling support, built with CloudFormation.\nServices used: VPC, EC2, EIP, CloudFront, S3, RDS (MariaDB), EFS, Auto Scaling, CloudWatch.\n", "Metadata": { "AWS::CloudFormation::Interface": { "ParameterGroups": [ { "Label": { "default": "Select Locations" }, "Parameters": [ "AvailabilityZone", "SecondaryAvailabilityZone" ] }, { "Label": { "default": "Amazon EC2 Configuration" }, "Parameters": [ "InstanceType", "KeyName", "SSHLocation" ] }, { "Label": { "default": "EC2 AutoScaling Configuration" }, "Parameters": [ "AutoScalingMinSize", "AutoScalingMaxSize", "AutoScalingDesiredCapacity" ] }, { "Label": { "default": "WordPress Configuration" }, "Parameters": [ "WebSiteDomain", "WPUserName", "WPPassword", "WPUserEmail", "WPCoreVersion", "WPIsMultiSite", "IsMobileDetect" ] }, { "Label": { "default": "Amazon RDS Configuration" }, "Parameters": [ "RDSInstanceType", "MySQLPassword", "MulitiAZDatabase", "DBAllocatedStorage" ] }, { "Label": { "default": "Extra Configuration" }, "Parameters": [ "PHPmyAdmin", "PHPMemoryLimit", "NginxClientMaxBodySite", "LogRetentionInDays" ] } ], "ParameterLabels": { "LogRetentionInDays": { "default": "Log retention days (optional)" }, "WebSiteDomain": { "default": "website domain" }, "WPUserEmail": { "default": "Login Email address" }, "WPUserName": { "default": "Login user name" }, "WPPassword": { "default": "Login user password" }, "WPCoreVersion": { "default": "WordPress version (optional)" }, "WPIsMultiSite": { "default": "Multisite setting (optional)" }, "IsMobileDetect": { "default": "is_wp_mobile() support (optional)" }, "PHPmyAdmin": { "default": "phpMyAdmin setting (optional)" }, "NginxClientMaxBodySite": { "default": "Nginx client_max_body_size setting (optional)" }, "PHPMemoryLimit": { "default": "php memory limit setting (optional)" } } } }, "Mappings": { "MPAmimotov4": {
"eu-west-3": { "AMI": "ami-b09223cd" }, "eu-west-2": { "AMI": "ami-06e7bb0e7f87eec3b" }, "eu-west-1": { "AMI": "ami-0e12dc71ad73e5caa" }, "ap-northeast-2": { "AMI": "ami-0e4e37073d7f2ef70" }, "ap-northeast-1": { "AMI": "ami-0b9b495bac0587a86" }, "ap-southeast-1": { "AMI": "ami-0d401aa724dd45e71" }, "ap-southeast-2": { "AMI": "ami-0cede1d876f6ac76e" }, "eu-central-1": { "AMI": "ami-0c57e49f2e8840f1a" }, "us-east-1": { "AMI": "ami-04d7dd9d55a493870" }, "us-west-1": { "AMI": "ami-052e58cf175d180be" }, "us-west-2": { "AMI": "ami-07b3ab653353492e8" } }, "AMIMOTOConfig": { "mobile-detect": { "enabled": "true", "disabled": "false" }, "wp-multisite": { "enabled": "true", "disabled": "false" }, "php-myadmin": { "enabled": "true", "disabled": "false" } } }, "Parameters": { "KeyName": { "Description": "Name of an existing EC2 key pair to enable SSH access to the instances", "Type": "AWS::EC2::KeyPair::KeyName", "ConstraintDescription": "Must be the name of an existing EC2 KeyPair.", "MinLength": "1" }, "SSHLocation": { "Description": "The IP address range that can be used to SSH to the EC2 instances. Use the narrowest CIDR range you can (for example a single address as x.x.x.x/32).", "Type": "String", "MinLength": "9", "MaxLength": "18", "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", "ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x." }, "AvailabilityZone": {
"Description": "Pick an Availability Zone for the primary subnet. The public subnet will be created here.", "Type": "AWS::EC2::AvailabilityZone::Name" }, "SecondaryAvailabilityZone": { "Description": "Pick an Availability Zone for the RDS database.", "Type": "AWS::EC2::AvailabilityZone::Name" }, "InstanceType": { "Description": "EC2 instance type", "Type": "String", "Default": "c4.large", "AllowedValues": [ "t2.micro", "t2.small", "t2.medium", "t2.large", "t2.xlarge", "t2.2xlarge", "t3.micro", "t3.small", "t3.medium", "t3.large", "t3.xlarge", "t3.2xlarge", "m3.medium", "m3.large", "m3.xlarge", "m3.2xlarge", "m4.large", "m4.xlarge", "m4.2xlarge", "m4.4xlarge", "m4.10xlarge", "m5.large", "m5.xlarge", "m5.2xlarge", "m5.4xlarge", "m5.12xlarge", "m5.24xlarge", "c3.large", "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", "c4.large", "c4.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", "c5.large", "c5.xlarge", "c5.2xlarge", "c5.4xlarge", "c5.9xlarge", "c5.18xlarge", "g2.2xlarge", "hi1.4xlarge", "hs1.8xlarge", "i2.xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge", "r3.large", "r3.xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge" ], "ConstraintDescription": "Must be a valid EC2 instance type." }, "MySQLPassword": { "Description": "Password for the RDS User", "Type": "String", "MinLength": "8", "MaxLength": "64", "NoEcho": "true" }, "MulitiAZDatabase": { "Description": "Create a Multi-AZ RDS Database Instance", "Default": "false", "Type": "String", "AllowedValues": [ "true", "false" ], "ConstraintDescription": "Must be either true or false" }, "RDSInstanceType": { "Description": "RDS Instance Type", "Default": "db.t2.medium", "Type": "String", "AllowedValues": [ "db.t2.micro", "db.t2.small", "db.t2.medium", "db.m1.small", "db.m1.medium", "db.m1.large", "db.m1.xlarge", "db.m3.medium", "db.m3.large", "db.m3.xlarge", "db.m3.2xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge", "db.r3.large", "db.r3.xlarge", "db.r3.2xlarge", "db.r3.4xlarge", "db.r3.8xlarge" ], "ConstraintDescription": "Must be a valid RDS Instance Type."
}, "DBAllocatedStorage": { "Default": "20", "Description": "The size of the database (Gb)", "Type": "Number", "MinValue": "5", "MaxValue": "3072", "ConstraintDescription": "Must be between 5 and 3072Gb." }, "WebSiteDomain": { "Description": "Your Website Domain", "Type": "String" }, "WPPassword": { "Description": "Password for the WordPress User", "Type": "String", "MinLength": "8", "MaxLength": "64", "NoEcho": "true" }, "WPUserEmail": { "Description": "Email address for the WordPress User", "Type": "String" }, "WPUserName": { "Description": "User Name for the WordPress User", "Type": "String" }, "WPCoreVersion": { "Description": "WordPress Version", "Type": "String", "Default": "latest", "AllowedValues": [ "4.5.4", "4.6.1", "latest" ], "ConstraintDescription": "Must be a valid WordPress Version" }, "WPIsMultiSite": { "Description": "Nginx config exchange for Multisite WordPress", "Type": "String", "Default": "disabled", "AllowedValues": [ "disabled", "enabled" ], "ConstraintDescription": "Must be a valid configuration" }, "IsMobileDetect": { "Description": "If you use `is_wp_mobile()` function, please enable it.", "Type": "String", "Default": "disabled", "AllowedValues": [ "disabled", "enabled" ], "ConstraintDescription": "Must be a valid configuration" }, "PHPmyAdmin": { "Description": "Enable phpMyAdmin", "Type": "String", "Default": "disabled", "AllowedValues": [ "disabled", "enabled" ], "ConstraintDescription": "Must be a valid configuration" }, "NginxClientMaxBodySite": { "Description": "Nginx Client max body size (MB)", "Type": "Number", "Default": "4" }, "PHPMemoryLimit": { "Description": "PHP memory limit (MB)", "Type": "Number", "Default": "128" }, "AutoScalingMaxSize": { "Description": "Max instance number of AutoScaling group", "Type": "Number", "Default": "2" }, "AutoScalingMinSize": { "Description": "Min instance number of AutoScaling group", "Type": "Number", "Default": "1" }, "AutoScalingDesiredCapacity": { "Description": "Desired capacity of 
AutoScaling group", "Type": "Number", "Default": "1" }, "LogRetentionInDays": { "Description": "Log retention days on CloudWatch Logs", "Type": "Number", "Default": "7" } }, "Resources": { "RDSSubnet1": { "Type": "AWS::EC2::Subnet", "Properties": { "CidrBlock": "10.0.1.0/24", "AvailabilityZone": { "Ref": "AvailabilityZone" }, "MapPublicIpOnLaunch": "false", "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "RDSSubnet2": { "Type": "AWS::EC2::Subnet", "Properties": { "CidrBlock": "10.0.2.0/24", "AvailabilityZone": { "Ref": "SecondaryAvailabilityZone" }, "MapPublicIpOnLaunch": "false", "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "DBSubnetGroup": { "Type": "AWS::RDS::DBSubnetGroup", "DependsOn": "AttachGatewayToVPC", "Properties": { "DBSubnetGroupDescription": "Subnets available for the RDS DB Instance", "SubnetIds": [ { "Ref": "RDSSubnet1" }, { "Ref": "RDSSubnet2" } ] } }, "RDSSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "This is Simple RDS SecurityGroup made by CloudFormation", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "3306", "ToPort": "3306", "SourceSecurityGroupId": { "Ref": "SecurityGroupInstance" } }, { "IpProtocol": "tcp", "FromPort": "3306", "ToPort": "3306", "SourceSecurityGroupId": { "Ref": "SecurityGroupInstance" } } ], "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ], "VpcId": { "Ref": "VPC" } } }, "RDS": { "Type": "AWS::RDS::DBInstance", "DeletionPolicy": "Snapshot", "Properties": { "AllocatedStorage": { "Ref": "DBAllocatedStorage" }, "AllowMajorVersionUpgrade": "true", "AutoMinorVersionUpgrade": "true", "AvailabilityZone": { "Ref": "AvailabilityZone" }, "BackupRetentionPeriod": "1", "DBInstanceClass": { "Ref": "RDSInstanceType" }, "DBName": "wordpress", "DBSubnetGroupName": { "Ref": "DBSubnetGroup" }, "Engine": "MariaDB", "MasterUsername": "amimoto", 
"MasterUserPassword": { "Ref": "MySQLPassword" }, "MultiAZ": { "Ref": "MulitiAZDatabase" }, "Port": "3306", "PreferredBackupWindow": "00:00-00:30", "PreferredMaintenanceWindow": "sun:16:00-sun:17:30", "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ], "VPCSecurityGroups": [ { "Ref": "RDSSecurityGroup" } ] } }, "EFSFileSystem": { "Type": "AWS::EFS::FileSystem", "Properties": { "FileSystemTags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "EFSMoutTarget": { "Type": "AWS::EFS::MountTarget", "Properties": { "FileSystemId": { "Ref": "EFSFileSystem" }, "SecurityGroups": [ { "Ref": "SecurityGroupFileSystem" } ], "SubnetId": { "Ref": "PublicSubnet" } } }, "SecurityGroupFileSystem": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "SG for EFS", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "2049", "ToPort": "2049", "CidrIp": "0.0.0.0/0" } ], "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ], "VpcId": { "Ref": "VPC" } } }, "ASLaunchConfig": { "Type": "AWS::AutoScaling::LaunchConfiguration", "Metadata": { "AWS::CloudFormation::Init": { "default": { "files": { "/opt/aws/cloud_formation.json": { "content": "{\n\t \"rds\" : {\n\t\t\"database\" : \"wordpress\",\n\t\t\"username\" : \"amimoto\",\n\t\t\"password\" : \"{{password}}\",\n\t\t\"endpoint\" : \"{{endpoint}}\",\n\t\t\"port\" : 3306\n\t },\n\t \"s3_conf\": {\n\t\t \"region\": \"{{s3region}}\",\n\t\t \"bucket\": \"{{s3bucket}}\",\n\t\t \"url\": \"{{s3url}}\",\n\t\t \"storage\": \"STANDARD\"\n\t }\n\t}", "context": { "endpoint": { "Fn::GetAtt": [ "RDS", "Endpoint.Address" ] }, "password": { "Ref": "MySQLPassword" }, "serverid": "dummy(value_will_update_by_AmimotoFrontLC)", "s3bucket": { "Ref": "S3Media" }, "s3url": { "Fn::GetAtt": [ "S3Media", "WebsiteURL" ] }, "s3region": { "Ref": "AWS::Region" } }, "mode": "00644", "owner": "root", "group": "root" }, "/etc/cfn/cfn-hup.conf": { "content": 
"[main]\nstack={{stackArn}}\nregion={{region}}", "mode": "000400", "owner": "root", "group": "root", "context": { "stackArn": { "Ref": "AWS::StackId" }, "region": { "Ref": "AWS::Region" } } }, "/etc/cfn/hooks.d/cfn-auto-reloader.conf": { "content": "[cfn-auto-reloader-hook]\ntriggers=post.update\npath=Resources.{{resources}}.Metadata.AWS::CloudFormation::Init\naction=/opt/aws/bin/cfn-init -s {{stackArn}} -r {{resources}} --region {{region}} --configsets provision\nrunas=root", "context": { "stackArn": { "Ref": "AWS::StackId" }, "region": { "Ref": "AWS::Region" }, "resources": "ASLaunchConfig" } }, "/tmp/cwlogs/logs.conf": { "content": "[general]\nstate_file = /var/awslogs/agent-state\n\n[/var/log/messages]\ndatetime_format = %b %d %H:%M:%S\nfile = /var/log/messages\nbuffer_duration = 5000\nlog_stream_name = /var/log/messages\nlog_group_name = {{webServerLogGroup}}\n\n[/var/log/php-fpm/www-error.log]\ndatetime_format = %d/%b/%Y:%H:%M:%S %z\nfile = /var/log/php-fpm/www-error.log\nbuffer_duration = 5000\nlog_stream_name = /var/log/php-fpm/www-error.log\nmulti_line_start_pattern = {datetime_format}\nlog_group_name = {{webServerLogGroup}}\n\n[/var/log/nginx/{instance_id}.backend.access.log]\ndatetime_format = %d/%b/%Y:%H:%M:%S %z\nfile = /var/log/nginx/*.backend.access.log\nbuffer_duration = 5000\nlog_stream_name = /var/log/nginx/{instance_id}.backend.access.log\nlog_group_name = {{webServerLogGroup}}\n\n[/var/log/nginx/{instance_id}.access.log]\ndatetime_format = %d/%b/%Y:%H:%M:%S %z\nfile = /var/log/nginx/*.access.log\nbuffer_duration = 5000\nlog_stream_name = /var/log/nginx/{instance_id}.access.log\nlog_group_name = {{webServerLogGroup}}\n\n[/var/log/nginx/{instance_id}.error.log]\ndatetime_format = %d/%b/%Y:%H:%M:%S %z\nfile = /var/log/nginx/*.error.log\nbuffer_duration = 5000\nlog_stream_name = /var/log/nginx/{instance_id}.error.log\nlog_group_name = {{webServerLogGroup}}", "context": { "webServerLogGroup": { "Ref": "CWLogs" } }, "mode": "000400", "owner": "root", 
"group": "root" } } }, "do:provision": { "commands": { "do:provision": { "command": "/opt/local/provision" } } }, "configSets": { "provision": [ "do_provision" ], "default": [ "default" ] } } }, "Properties": { "IamInstanceProfile": { "Ref": "IAMForEC2" }, "ImageId": { "Fn::FindInMap": [ "MPAmimotov4", { "Ref": "AWS::Region" }, "AMI" ] }, "InstanceType": { "Ref": "InstanceType" }, "SecurityGroups": [ { "Ref": "SecurityGroupInstance" }, { "Ref": "SecurityGroupInternal" } ], "KeyName": { "Ref": "KeyName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "#!/bin/bash\n", "yum update -y\n", "# Get the latest CloudFormation package\n", "yum install -y aws-cfn-bootstrap\n", "# Start cfn-init\n", "/opt/aws/bin/cfn-init -s ", { "Ref": "AWS::StackName" }, " -r ASLaunchConfig ", " --region ", { "Ref": "AWS::Region" }, " || error_exit 'Failed to run cfn-init'\n", "\n", "yum install -y nfs-utils\n", "mount -t nfs4 -o nfsvers=4.1 $(curl -s http://169.254.169.254/latest/meta-data/placement/availability-zone).", { "Ref": "EFSFileSystem" }, ".efs.", { "Ref": "AWS::Region" }, ".amazonaws.com:/ /var/www/html\n", "WP_CLI=/usr/local/bin/wp\n", "cd /usr/local/bin\n", "/usr/bin/curl -fO https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar\n", "if [ -f wp-cli.phar ] ; then\n", "mv -f wp-cli.phar /usr/local/bin/wp\n", "chmod +x /usr/local/bin/wp\n", "fi\n", "tmp_json=`mktemp`\n", "amimoto_json='/opt/local/amimoto.json'\n", "json='{", "\"wordpress\":{", "\"document_root\":\"/var/www/html\",", "\"jinkei_cf\": \"true\",", "\"version\": \"", { "Ref": "WPCoreVersion" }, "\"", "},", "\"nginx\" : {", " \"config\" : {", " \"user\" : \"ec2-user\",", " \"wp_multisite\": ", { "Fn::FindInMap": [ "AMIMOTOConfig", "wp-multisite", { "Ref": "WPIsMultiSite" } ] }, ",", " \"mobile_detect_enable\": ", { "Fn::FindInMap": [ "AMIMOTOConfig", "mobile-detect", { "Ref": "IsMobileDetect" } ] }, ",", " \"client_max_body_size\": \"", { "Ref": "NginxClientMaxBodySite" }, "M\",", " 
\"phpmyadmin_enable\": ", { "Fn::FindInMap": [ "AMIMOTOConfig", "php-myadmin", { "Ref": "PHPmyAdmin" } ] }, "}", "},", "\"php\" : {", " \"config\" : {", " \"user\" : \"ec2-user\",", " \"memory_limit\": \"", { "Ref": "PHPMemoryLimit" }, "M\"", "} ", "},", "\"run_list\" : [ \"recipe[amimoto]\" ]", "}'\n", "[ ! -e /opt/local ] && /bin/mkdir -p /opt/local\n", "if [ -f $amimoto_json ]; then\n", " hash jq || /usr/bin/yum install -y jq\n", " /usr/bin/jq -s '.[0] * .[1]' $amimoto_json <(echo $json) > $tmp_json\n", "else\n", " echo $json > $tmp_json\n", "fi\n", "[ -f $tmp_json ] && /bin/mv -f $tmp_json $amimoto_json\n", "/bin/sh /opt/local/provision\n", "chown -R ec2-user:nginx /var/www/html\n", "echo '@reboot /bin/sh /opt/local/provision > /dev/null 2>&1; chown -R ec2-user /var/www/html/' | crontab\n", "until [ `find /var/www/html -name local-salt.php` ]\n", "do\n", "sleep 5\n", "done\n", "sleep 5\n", "if ! $(/usr/local/bin/wp core is-installed --allow-root); then\n", "/usr/local/bin/wp core install ", "--url=", { "Ref": "WebSiteDomain" }, " ", "--admin_name=", { "Ref": "WPUserName" }, " ", "--admin_email=", { "Ref": "WPUserEmail" }, " ", "--admin_password=", { "Ref": "WPPassword" }, " ", "--path=/var/www/html --allow-root ", " --title='Welcome to the AMIMOTO'", "\n", "fi\n", "wget https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py\n", "python awslogs-agent-setup.py -n -r ", { "Ref": "AWS::Region" }, " -c /tmp/cwlogs/logs.conf || error_exit 'Failed to run CloudWatch Logs agent setup'\n", "cd /tmp\n", "curl https://amazon-ssm-", { "Ref": "AWS::Region" }, ".s3.amazonaws.com/latest/linux_amd64/amazon-ssm-agent.rpm -o amazon-ssm-agent.rpm\n", "yum install -y amazon-ssm-agent.rpm\n", "sudo service awslogs start || error_exit 'Failed to run CloudWatch Logs agent setup'\n", "chkconfig awslogs on\n", "# Start up the cfn-hup daemon to listen for changes to the EC2 instance metadata\n", "/opt/aws/bin/cfn-hup || error_exit 'Failed to start cfn-hup'\n" ] ] 
} } } }, "ASGroup": { "Type": "AWS::AutoScaling::AutoScalingGroup", "Properties": { "Cooldown": "600", "DesiredCapacity": { "Ref": "AutoScalingDesiredCapacity" }, "HealthCheckType": "EC2", "MaxSize": { "Ref": "AutoScalingMaxSize" }, "MinSize": { "Ref": "AutoScalingMinSize" }, "AvailabilityZones": [ { "Ref": "AvailabilityZone" } ], "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" }, "PropagateAtLaunch": "true" }, { "Key": "Name", "Value": "AutoScale", "PropagateAtLaunch": "true" } ], "LaunchConfigurationName": { "Ref": "ASLaunchConfig" }, "VPCZoneIdentifier": [ { "Ref": "PublicSubnet" } ], "LoadBalancerNames": [ { "Ref": "ELB" } ], "NotificationConfigurations": [ { "NotificationTypes": [ "autoscaling:EC2_INSTANCE_LAUNCH", "autoscaling:EC2_INSTANCE_LAUNCH_ERROR", "autoscaling:EC2_INSTANCE_TERMINATE", "autoscaling:EC2_INSTANCE_TERMINATE_ERROR", "autoscaling:TEST_NOTIFICATION" ], "TopicARN": { "Ref": "SNSAutoScaling" } } ] } }, "AutoScaleUpPolicy": { "Type": "AWS::AutoScaling::ScalingPolicy", "Properties": { "AdjustmentType": "ChangeInCapacity", "AutoScalingGroupName": { "Ref": "ASGroup" }, "Cooldown": "600", "ScalingAdjustment": "1" } }, "AutoScaleDownPolicy": { "Type": "AWS::AutoScaling::ScalingPolicy", "Properties": { "AdjustmentType": "ChangeInCapacity", "AutoScalingGroupName": { "Ref": "ASGroup" }, "Cooldown": "600", "ScalingAdjustment": "-1" } }, "ASHighCPUAlearm": { "Type": "AWS::CloudWatch::Alarm", "Properties": { "AlarmDescription": "CPU Alarm For Your Instance.", "AlarmActions": [ { "Ref": "AutoScaleUpPolicy" } ], "MetricName": "CPUUtilization", "Namespace": "AWS/EC2", "Statistic": "Maximum", "Period": "300", "EvaluationPeriods": "1", "Threshold": "60", "ComparisonOperator": "GreaterThanThreshold", "Dimensions": [ { "Name": "AutoScalingGroupName", "Value": { "Ref": "ASGroup" } } ] } }, "ASLowCPUAlearm": { "Type": "AWS::CloudWatch::Alarm", "Properties": { "AlarmDescription": "CPU Alarm For Your Instance.", "AlarmActions": [ { "Ref": 
"AutoScaleDownPolicy" } ], "MetricName": "CPUUtilization", "Namespace": "AWS/EC2", "Statistic": "Maximum", "Period": "300", "EvaluationPeriods": "1", "Threshold": "30", "ComparisonOperator": "LessThanThreshold", "Dimensions": [ { "Name": "AutoScalingGroupName", "Value": { "Ref": "ASGroup" } } ] } }, "SNSAutoScaling": { "Type": "AWS::SNS::Topic", "Properties": { "DisplayName": { "Fn::Join": [ "-", [ { "Ref": "AWS::StackName" }, "AutoScaling" ] ] }, "TopicName": { "Fn::Join": [ "-", [ { "Ref": "AWS::StackName" }, "AutoScaling" ] ] } } }, "CWLogs": { "Type": "AWS::Logs::LogGroup", "Properties": { "RetentionInDays": { "Ref": "LogRetentionInDays" } } }, "PublicSubnet": { "Type": "AWS::EC2::Subnet", "Properties": { "CidrBlock": "10.0.0.0/24", "AvailabilityZone": { "Ref": "AvailabilityZone" }, "MapPublicIpOnLaunch": "true", "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "RouteTable": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "AssociationRtToPubSub": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "RouteTableId": { "Ref": "RouteTable" }, "SubnetId": { "Ref": "PublicSubnet" } } }, "InternetGateway": { "DependsOn": "VPC", "Type": "AWS::EC2::InternetGateway", "Properties": { "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "AttachGatewayToVPC": { "DependsOn": [ "VPC", "InternetGateway" ], "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { "InternetGatewayId": { "Ref": "InternetGateway" }, "VpcId": { "Ref": "VPC" } } }, "Route": { "Type": "AWS::EC2::Route", "DependsOn": "AttachGatewayToVPC", "Properties": { "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "InternetGateway" }, "RouteTableId": { "Ref": "RouteTable" } } }, "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": "10.0.0.0/16", "InstanceTenancy": "default", "EnableDnsSupport": "true", 
"EnableDnsHostnames": "true", "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } }, { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ] } }, "SecurityGroupPublic": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "SG for ELB", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0" }, { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref": "SSHLocation" } } ], "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ], "VpcId": { "Ref": "VPC" } } }, "SecurityGroupInstance": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "SG for EC2 Instance", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": { "Ref": "SSHLocation" } } ], "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ], "VpcId": { "Ref": "VPC" } } }, "SecurityGroupInternal": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "Allow connect between EC2 Instance and ELB", "Tags": [ { "Key": "Application", "Value": { "Ref": "AWS::StackName" } } ], "VpcId": { "Ref": "VPC" } } }, "SecurityGroupInternalSelfIngress80": { "Type": "AWS::EC2::SecurityGroupIngress", "DependsOn": "SecurityGroupInternal", "Properties": { "GroupId": { "Ref": "SecurityGroupInternal" }, "SourceSecurityGroupId": { "Ref": "SecurityGroupInternal" }, "IpProtocol": "tcp", "ToPort": "80", "FromPort": "80" } }, "SecurityGroupInternalSelfIngress443": { "Type": "AWS::EC2::SecurityGroupIngress", "DependsOn": "SecurityGroupInternal", "Properties": { "GroupId": { "Ref": "SecurityGroupInternal" }, "SourceSecurityGroupId": { "Ref": "SecurityGroupInternal" }, "IpProtocol": "tcp", "ToPort": "443", "FromPort": "443" } }, "ELB": { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", "DependsOn": "AttachGatewayToVPC", "Properties": { "Subnets": [ { "Ref": "PublicSubnet" } ], "HealthCheck": { "HealthyThreshold": "2", 
"Interval": "30", "Target": "TCP:80", "Timeout": "10", "UnhealthyThreshold": "2" }, "Listeners": [ { "InstancePort": "80", "LoadBalancerPort": "80", "Protocol": "HTTP", "InstanceProtocol": "HTTP" }, { "InstancePort": "22", "LoadBalancerPort": "22", "Protocol": "TCP", "InstanceProtocol": "TCP" } ], "SecurityGroups": [ { "Ref": "SecurityGroupInternal" }, { "Ref": "SecurityGroupPublic" } ] } }, "IAMPolicyForCloudFront": { "Type": "AWS::IAM::ManagedPolicy", "Properties": { "Description": "Allow invalidation", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "cloudfront:*Invalidation*", "cloudfront:*getDistribution*" ], "Resource": "*" } ] } } }, "IAMPolicyForS3Media": { "Type": "AWS::IAM::ManagedPolicy", "Properties": { "Description": "Allow manage object under specific bucket", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListAllMyBuckets" ], "Resource": { "Fn::Join": [ "", [ "arn:aws:s3:::*" ] ] } }, { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject", "s3:PutObjectAcl", "s3:GetObjectAcl", "s3:DeleteObject" ], "Resource": { "Fn::Join": [ "", [ "arn:aws:s3:::", { "Ref": "S3Media" }, "/*" ] ] } }, { "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:GetBucketLocation" ], "Resource": { "Fn::Join": [ "", [ "arn:aws:s3:::", { "Ref": "S3Media" } ] ] } } ] } } }, "IAMPolicyForCWL": { "Type": "AWS::IAM::ManagedPolicy", "Properties": { "Description": "CloudWatch Logs", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "logs:Create*", "logs:PutLogEvents", "s3:GetObject" ], "Resource": [ "arn:aws:logs:*:*:*", "arn:aws:s3:::*" ] } ] } } }, "IAMPolicyForSSM": { "Type": "AWS::IAM::ManagedPolicy", "Properties": { "Description": "Allow EC2 System Manager", "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ssm:DescribeAssociation", "ssm:GetDeployablePatchSnapshotForInstance", 
"ssm:GetDocument", "ssm:GetManifest", "ssm:GetParameters", "ssm:ListAssociations", "ssm:ListInstanceAssociations", "ssm:PutInventory", "ssm:PutComplianceItems", "ssm:PutConfigurePackageResult", "ssm:UpdateAssociationStatus", "ssm:UpdateInstanceAssociationStatus", "ssm:UpdateInstanceInformation" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "ec2messages:AcknowledgeMessage", "ec2messages:DeleteMessage", "ec2messages:FailMessage", "ec2messages:GetEndpoint", "ec2messages:GetMessages", "ec2messages:SendReply" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "cloudwatch:PutMetricData" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "ec2:DescribeInstanceStatus" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "ds:CreateComputer", "ds:DescribeDirectories" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "logs:CreateLogGroup", "logs:CreateLogStream", "logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:PutLogEvents" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject", "s3:AbortMultipartUpload", "s3:ListMultipartUploadParts", "s3:ListBucket", "s3:ListBucketMultipartUploads" ], "Resource": "*" } ] } } }, "IAMRoleForInstance": { "Type": "AWS::IAM::Role", "DependsOn": [ "IAMPolicyForCloudFront", "IAMPolicyForS3Media", "IAMPolicyForSSM", "IAMPolicyForCWL" ], "Properties": { "ManagedPolicyArns": [ { "Ref": "IAMPolicyForCloudFront" }, { "Ref": "IAMPolicyForS3Media" }, { "Ref": "IAMPolicyForSSM" }, { "Ref": "IAMPolicyForCWL" } ], "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": { "Effect": "Allow", "Principal": { "Service": "ec2.amazonaws.com" }, "Action": [ "sts:AssumeRole" ] } }, "Path": "/" } }, "IAMForEC2": { "Type": "AWS::IAM::InstanceProfile", "Properties": { "Path": "/", "Roles": [ { "Ref": "IAMRoleForInstance" } ] } }, "CloudFront": { "Type": "AWS::CloudFront::Distribution", "Properties": { "DistributionConfig": { "Aliases": [ { "Ref": "WebSiteDomain" } ], "Origins": [ { 
"DomainName": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ELB", "DNSName" ] } ] ] }, "Id": { "Ref": "AWS::StackName" }, "CustomOriginConfig": { "HTTPPort": "80", "HTTPSPort": "443", "OriginProtocolPolicy": "http-only" } } ], "PriceClass": "PriceClass_All", "Enabled": "true", "Comment": "Created by AMIMOTO CloudFormation.", "DefaultRootObject": "", "DefaultCacheBehavior": { "SmoothStreaming": "false", "AllowedMethods": [ "HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH" ], "CachedMethods": [ "HEAD", "GET" ], "MinTTL": "0", "TargetOriginId": { "Ref": "AWS::StackName" }, "ForwardedValues": { "QueryString": "true", "Headers": [ "*" ], "Cookies": { "Forward": "all" } }, "ViewerProtocolPolicy": "allow-all", "Compress": "true" }, "ViewerCertificate": { "CloudFrontDefaultCertificate": "true", "MinimumProtocolVersion": "SSLv3" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none" } }, "CacheBehaviors": [ { "TargetOriginId": { "Ref": "AWS::StackName" }, "ViewerProtocolPolicy": "allow-all", "ForwardedValues": { "Headers": [ "Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-Tablet-Viewer", "Host", "User-Agent", "Referer" ], "Cookies": { "Forward": "all" }, "QueryString": "true" }, "PathPattern": "*.php", "SmoothStreaming": "false", "AllowedMethods": [ "HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH" ], "CachedMethods": [ "HEAD", "GET" ], "MinTTL": "0", "Compress": "true" }, { "TargetOriginId": { "Ref": "AWS::StackName" }, "ViewerProtocolPolicy": "allow-all", "ForwardedValues": { "Headers": [ "Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-Tablet-Viewer", "Host", "User-Agent", "Referer" ], "Cookies": { "Forward": "all" }, "QueryString": "true" }, "PathPattern": "/wp-admin/*", "SmoothStreaming": "false", "AllowedMethods": [ "HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH" ], "CachedMethods": 
[ "HEAD", "GET" ], "MinTTL": "0", "Compress": "true" }, { "TargetOriginId": { "Ref": "AWS::StackName" }, "ViewerProtocolPolicy": "allow-all", "ForwardedValues": { "Headers": [ "Authorization", "Host" ], "Cookies": { "Forward": "none" }, "QueryString": "true" }, "PathPattern": "/wp-content/uploads/*", "SmoothStreaming": "false", "AllowedMethods": [ "HEAD", "GET" ], "CachedMethods": [ "HEAD", "GET" ], "MinTTL": "43200", "Compress": "true" }, { "TargetOriginId": { "Ref": "AWS::StackName" }, "ViewerProtocolPolicy": "allow-all", "ForwardedValues": { "Headers": [ "Authorization", "Host" ], "Cookies": { "Forward": "none" }, "QueryString": "true" }, "PathPattern": "/wp-includes/*", "SmoothStreaming": "false", "AllowedMethods": [ "HEAD", "GET" ], "CachedMethods": [ "HEAD", "GET" ], "MinTTL": "43200", "Compress": "true" }, { "TargetOriginId": { "Ref": "AWS::StackName" }, "ViewerProtocolPolicy": "allow-all", "ForwardedValues": { "Headers": [ "Authorization", "Host" ], "Cookies": { "Forward": "none" }, "QueryString": "true" }, "PathPattern": "/wp-content/*", "SmoothStreaming": "false", "AllowedMethods": [ "HEAD", "GET" ], "CachedMethods": [ "HEAD", "GET" ], "MinTTL": "43200", "Compress": "true" } ] } } }, "S3Media": { "Type": "AWS::S3::Bucket", "Properties": { "WebsiteConfiguration": { "IndexDocument": "index.html" } }, "DeletionPolicy": "Retain" } }, "Outputs": { "ELBDomain": { "Description": "ssh login address", "Value": { "Fn::GetAtt": [ "ELB", "DNSName" ] } }, "WebSiteURL": { "Description": "WordPress Site URL (Please wait a few minutes for the installation to complete before accessing.)", "Value": { "Fn::Join": [ "", [ "http://", { "Fn::GetAtt": [ "CloudFront", "DomainName" ] } ] ] } }, "CloudFrontDistributionId": { "Description": "This is the CloudFront Distribution ID. Please configure the 'C3 CloudFront Cache Clear' plugin on the admin page.", "Value": { "Ref": "CloudFront" } }, "S3MediaBucketURL": {
"Description": "This is the S3 bucket URL. Please configure the 'Nephila clavata' plugin on the admin page.", "Value": { "Fn::GetAtt": [ "S3Media", "WebsiteURL" ] } } } }