servers.yml

Description: >
    Antonella Bernobich Dean
    This template defines the Load Balancer and servers security groups,
    the autoscaling group, and the launch configuration.
    It deploys the Load Balancer and 4 servers spread in two
    availability zones.

Parameters:
    EnvironmentName:
        Description: An environment name used as a prefix to resource names
        Type: String
    VpcCIDR:
        Description: The IP range in CIDR notation for this VPC
        Type: String
        Default: 10.0.0.0/16

Resources:
    LBSecurityGroup:
        Type: AWS::EC2::SecurityGroup
        Properties:
            GroupDescription: Allow HTTP to our Load Balancer
            VpcId:
                Fn::ImportValue:
                    !Sub "${EnvironmentName}-VPCID"
            SecurityGroupIngress:
                - IpProtocol: tcp
                  FromPort: 80
                  ToPort: 80
                  CidrIp: 0.0.0.0/0
            SecurityGroupEgress:
                - IpProtocol: tcp
                  FromPort: 80
                  ToPort: 80
                  CidrIp: !Ref VpcCIDR
    
    WebServersSecurityGroup:
        Type: AWS::EC2::SecurityGroup
        Properties:
            GroupDescription: Allow HTTP to our servers
            VpcId:
                Fn::ImportValue:
                    !Sub "${EnvironmentName}-VPCID"
            SecurityGroupIngress:
                - IpProtocol: tcp
                  FromPort: 80
                  ToPort: 80
                  CidrIp: !Ref VpcCIDR
            SecurityGroupEgress:
                - IpProtocol: tcp
                  FromPort: 0
                  ToPort: 65535
                  CidrIp: 0.0.0.0/0

    WebAppLaunchConfiguration:
        Type: AWS::AutoScaling::LaunchConfiguration
        Properties:
            UserData:
                Fn::Base64: !Sub |
                    #!/bin/bash
                    apt-get update -y
                    apt-get install unzip awscli -y
                    apt-get install apache2 -y
                    systemctl start apache2.service
                    cd /var/www/html
                    aws s3 cp s3://udagram-s3bucket/index.zip .
                    unzip -o index.zip
            ImageId: ami-003634241a8fcdec0
            SecurityGroups:
                - Ref: WebServersSecurityGroup
            InstanceType: t3.medium
            IamInstanceProfile:
                Fn::ImportValue:
                    !Sub "${EnvironmentName}-INST-PROF"
            BlockDeviceMappings:
                - DeviceName: "/dev/sdk"
                  Ebs:
                    VolumeSize: '10'

    WebAppAutoScalingGroup:
        Type: AWS::AutoScaling::AutoScalingGroup
        Properties:
            VPCZoneIdentifier:
                - Fn::ImportValue:
                    !Sub "${EnvironmentName}-PRIV-NETS"
            LaunchConfigurationName:
                Ref: WebAppLaunchConfiguration
            MinSize: '4'
            MaxSize: '6'
            TargetGroupARNs:
                - Ref: WebAppTargetGroup
    
    WebAppLB:
        Type: AWS::ElasticLoadBalancingV2::LoadBalancer
        Properties:
            Subnets:
                - Fn::ImportValue: !Sub "${EnvironmentName}-PUB-SN1"
                - Fn::ImportValue: !Sub "${EnvironmentName}-PUB-SN2"
            SecurityGroups:
                - Ref: LBSecurityGroup

    Listener:
        Type: AWS::ElasticLoadBalancingV2::Listener
        Properties:
            DefaultActions:
                - Type: forward
                  TargetGroupArn:
                    Ref: WebAppTargetGroup
            LoadBalancerArn:
                Ref: WebAppLB
            Port: '80'
            Protocol: HTTP
    
    ListenerRule:
        Type: AWS::ElasticLoadBalancingV2::ListenerRule
        Properties:
            Actions:
                - Type: forward
                  TargetGroupArn: !Ref 'WebAppTargetGroup'
            Conditions:
                - Field: path-pattern
                  Values: [/]
            ListenerArn: !Ref 'Listener'
            Priority: 1
    
    WebAppTargetGroup:
        Type: AWS::ElasticLoadBalancingV2::TargetGroup
        Properties:
            HealthCheckIntervalSeconds: 30
            HealthCheckPath: /
            HealthCheckProtocol: HTTP
            HealthCheckTimeoutSeconds: 20
            HealthyThresholdCount: 2
            Port: 80
            Protocol: HTTP
            UnhealthyThresholdCount: 5
            VpcId:
                Fn::ImportValue:
                    Fn::Sub: "${EnvironmentName}-VPCID"

Outputs:
    LBDNS:
        Description: The Load Balancer DNS Name
        Value: !GetAtt WebAppLB.DNSName
        Export:
            Name: !Sub ${EnvironmentName}-LB-DNS