@PetrMc
Last active June 20, 2024 21:01
AWS CloudFormation Template for Gloo Gateway VM Deployment
AWSTemplateFormatVersion: '2010-09-09'
Description: AWS CloudFormation Template to deploy control-plane and gateway VMs with necessary security groups and ingress rules
Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
  InstanceTypeCP:
    Description: EC2 instance type for control-plane
    Type: String
    Default: t2.large
    AllowedValues:
      - t2.medium
      - t2.large
      - m5.xlarge
  InstanceTypeGW:
    Description: EC2 instance type for gateway
    Type: String
    Default: t2.large
    AllowedValues:
      - t2.small
      - t2.medium
      - t2.large
      - m5.xlarge
  ControlPlaneAMI:
    Description: The AMI ID for the control-plane instance
    Type: AWS::EC2::Image::Id
  GatewayAMI:
    Description: The AMI ID for the gateway instance
    Type: AWS::EC2::Image::Id
Resources:
  ControlPlaneSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: !Sub "Security group for control-plane VM in stack ${AWS::StackName}"
      GroupName: !Sub
        - "control-plane-sg-${RandomizedValue}"
        - RandomizedValue:
            Fn::Select: [0, Fn::Split: ["-", Fn::Select: [2, Fn::Split: ["/", !Ref AWS::StackId]]]]
      SecurityGroupIngress:
        # SSH is reachable from any source address (0.0.0.0/0); narrow this CIDR to a known admin range where possible.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        # Port 9977 on the control plane is also reachable from any source address.
        - IpProtocol: tcp
          FromPort: 9977
          ToPort: 9977
          CidrIp: 0.0.0.0/0
  GatewaySecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: !Sub "Security group for gateway VM in stack ${AWS::StackName}"
      GroupName: !Sub
        - "gateway-sg-${RandomizedValue}"
        - RandomizedValue:
            Fn::Select: [0, Fn::Split: ["-", Fn::Select: [2, Fn::Split: ["/", !Ref AWS::StackId]]]] # Takes the first part of the random GUID in the CloudFormation stack's ARN.
      SecurityGroupIngress:
        # SSH is reachable from any source address (0.0.0.0/0); narrow this CIDR to a known admin range where possible.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 8080
          ToPort: 8080
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 8443
          ToPort: 8443
          CidrIp: 0.0.0.0/0
  ControlPlaneInstance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: !Ref InstanceTypeCP
      KeyName: !Ref KeyName
      ImageId: !Ref ControlPlaneAMI
      SecurityGroupIds:
        - !Ref ControlPlaneSecurityGroup
      Tags:
        - Key: Name
          Value: !Sub
            - "ControlPlaneVM-${RandomizedValue}"
            - RandomizedValue:
                Fn::Select: [0, Fn::Split: ["-", Fn::Select: [2, Fn::Split: ["/", !Ref AWS::StackId]]]] # Takes the first part of the random GUID in the CloudFormation stack's ARN.
        - Key: created-by
          Value: !Ref AWS::StackName
  GatewayInstance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: !Ref InstanceTypeGW
      KeyName: !Ref KeyName
      ImageId: !Ref GatewayAMI
      SecurityGroupIds:
        - !Ref GatewaySecurityGroup
      Tags:
        - Key: Name
          Value: !Sub
            - "GatewayVM-${RandomizedValue}"
            - RandomizedValue:
                Fn::Select: [0, Fn::Split: ["-", Fn::Select: [2, Fn::Split: ["/", !Ref AWS::StackId]]]]
        - Key: created-by
          Value: !Ref AWS::StackName
Outputs:
  ControlPlaneInstanceId:
    Description: Instance ID of the Control Plane
    Value: !Ref ControlPlaneInstance
  GatewayInstanceId:
    Description: Instance ID of the Gateway
    Value: !Ref GatewayInstance
  ControlPlanePublicIP:
    Description: Public IP address of the Control Plane instance
    Value: !GetAtt ControlPlaneInstance.PublicIp
  GatewayPublicIP:
    Description: Public IP address of the Gateway instance
    Value: !GetAtt GatewayInstance.PublicIp
  ControlPlanePrivateIP:
    Description: Private IP address of the Control Plane instance
    Value: !GetAtt ControlPlaneInstance.PrivateIp