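---
# lime-compiler-cloudformation.yml
#
# Builds a small, single-purpose VPC (internet gateway, two public subnets,
# route table, security group) and launches one EC2 instance in it.
# Everything is pinned to us-west-2 through the hard-coded Availability Zones,
# so the region-specific AMI id below must exist in that region.
AWSTemplateFormatVersion: "2010-09-09"
Description: Creates the LimeCompiler from CloudFormation and Runs a Build

Parameters:
  # The original template hard-coded 0.0.0.0/0 for SSH. The default keeps that
  # behaviour so existing deployments do not change, but the instance uses an
  # instance profile and handles signing-key exports (see its tags), so this
  # should be overridden with the operator's own address range.
  SshIngressCidr:
    Type: String
    Default: "0.0.0.0/0"
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/(\d|[12]\d|3[0-2])$'
    ConstraintDescription: Must be an IPv4 CIDR block such as 203.0.113.0/24.
    Description: >-
      IPv4 CIDR allowed to reach the build instance on TCP 22.
      Restrict this to a trusted range instead of the world-open default.

Resources:
  LimeCompilerInternetGateway:
    Type: "AWS::EC2::InternetGateway"
    Properties:
      Tags:
        - Key: LimeCompiler-Pony-Type
          Value: LimeCompiler

  LimeCompilerVPC:
    Type: "AWS::EC2::VPC"
    DependsOn: LimeCompilerInternetGateway
    Properties:
      CidrBlock: "10.0.0.0/16"
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: LimeCompiler-Pony-Type
          Value: LimeCompiler

  AttachGateway:
    Type: "AWS::EC2::VPCGatewayAttachment"
    DependsOn: LimeCompilerVPC
    Properties:
      VpcId:
        Ref: LimeCompilerVPC
      InternetGatewayId:
        Ref: LimeCompilerInternetGateway

  # Both subnets hand out public IPv4 addresses at launch, so any instance
  # placed in them is internet-facing and protected only by its security group.
  LimeCompilerSubnet1:
    Type: "AWS::EC2::Subnet"
    DependsOn: LimeCompilerVPC
    Properties:
      AvailabilityZone: "us-west-2a"
      CidrBlock: "10.0.0.0/24"
      MapPublicIpOnLaunch: true
      Tags:
        - Key: LimeCompiler-Pony-Type
          Value: LimeCompiler
      VpcId:
        Ref: LimeCompilerVPC

  LimeCompilerSubnet2:
    Type: "AWS::EC2::Subnet"
    DependsOn: LimeCompilerVPC
    Properties:
      AvailabilityZone: "us-west-2b"
      CidrBlock: "10.0.1.0/24"
      MapPublicIpOnLaunch: true
      Tags:
        - Key: LimeCompiler-Pony-Type
          Value: LimeCompiler
      VpcId:
        Ref: LimeCompilerVPC

  LimeCompilerRouteTable:
    Type: "AWS::EC2::RouteTable"
    DependsOn: LimeCompilerVPC
    Properties:
      VpcId:
        Ref: LimeCompilerVPC
      Tags:
        - Key: LimeCompiler-Pony-Type
          Value: LimeCompiler

  # A route through an internet gateway can only be created once the gateway
  # is attached to the VPC, so wait for the attachment as well as the table.
  DefaultRoute:
    Type: "AWS::EC2::Route"
    DependsOn:
      - LimeCompilerRouteTable
      - AttachGateway
    Properties:
      RouteTableId:
        Ref: LimeCompilerRouteTable
      DestinationCidrBlock: "0.0.0.0/0"
      GatewayId:
        Ref: LimeCompilerInternetGateway

  # The original template never associated the subnets with the route table
  # above, which leaves them on the VPC's main route table and therefore
  # without the default route to the internet gateway.
  LimeCompilerSubnet1RouteTableAssociation:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      SubnetId:
        Ref: LimeCompilerSubnet1
      RouteTableId:
        Ref: LimeCompilerRouteTable

  LimeCompilerSubnet2RouteTableAssociation:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      SubnetId:
        Ref: LimeCompilerSubnet2
      RouteTableId:
        Ref: LimeCompilerRouteTable

  # Only inbound SSH is opened. No egress rules are declared, so the group
  # keeps the default allow-all outbound rule.
  LimeCompilerSecGroup:
    Type: "AWS::EC2::SecurityGroup"
    DependsOn: LimeCompilerVPC
    Properties:
      GroupDescription: "Allows ports to test instance during LimeCompiler pony run"
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp:
            Ref: SshIngressCidr
      Tags:
        - Key: LimeCompiler-Pony-Type
          Value: LimeCompiler
      VpcId:
        Ref: LimeCompilerVPC

  LimeCompilerInstance:
    Type: "AWS::EC2::Instance"
    # An instance with a public address needs the gateway attachment in place;
    # the route and subnet association give it a working path out.
    DependsOn:
      - LimeCompilerSecGroup
      - AttachGateway
      - DefaultRoute
      - LimeCompilerSubnet2RouteTableAssociation
    Properties:
      AvailabilityZone: "us-west-2b"
      # AMI ids are region-specific; this one has to exist in us-west-2.
      ImageId: ami-0ce3586c
      # Pre-existing instance profile, not created by this template.
      # NOTE(review): the tags below point at key exports in S3 and name a KMS
      # region, so this role presumably grants S3/KMS access - confirm it is
      # scoped to just those objects and keys.
      IamInstanceProfile: lime-compiler
      # An OS-level shutdown terminates the instance instead of stopping it.
      InstanceInitiatedShutdownBehavior: terminate
      InstanceType: m4.large
      # Pre-existing EC2 key pair; whoever holds its private key can log in.
      KeyName: roger
      SecurityGroupIds:
        - Ref: LimeCompilerSecGroup
      SubnetId:
        Ref: LimeCompilerSubnet2
      # Disabled bootstrap script. The base64 decodes to a bash script that
      # runs 00-tags-10-env.sh, 01-sync.sh and 02-build.sh from /home/fedora.
      #UserData: IyEvYmluL2Jhc2gKc2V0IC1lIC14CgovaG9tZS9mZWRvcmEvMDAtdGFncy0xMC1lbnYuc2gKL2hvbWUvZmVkb3JhLzAxLXN5bmMuc2gKL2hvbWUvZmVkb3JhLzAyLWJ1aWxkLnNoCg==
      # Build settings carried as instance tags (presumably read by the build
      # scripts on the instance - confirm). Tags are readable by any principal
      # allowed to describe the instance, so keep only locations and
      # identifiers here, never key material. Values are quoted so they stay
      # strings.
      Tags:
        - Key: GPG_FINGERPRINT
          Value: '80DA92CB09161F241C8F9BC918BA980367172B17'
        - Key: GPG_HOME
          Value: 'build_gpg_home'
        - Key: GPG_SIGN
          Value: '0'
        - Key: KMS_REGION
          Value: 'us-west-2'
        - Key: S3_REGION
          Value: 'us-west-2'
        - Key: AES_KEY_EXPORT_PATH
          Value: 's3://threatresponse.limecompiler.configs/aes_export.aes'
        - Key: GPG_KEY_EXPORT_PATH
          Value: 's3://threatresponse.limecompiler.configs/gpg_export.aes'
        - Key: CostCenter
          Value: LimeCompiler

Outputs:
  # Public IPv4 address assigned to the build instance at launch.
  InstancePublicIp:
    Value:
      "Fn::GetAtt": [LimeCompilerInstance, PublicIp]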