-
Notifications
You must be signed in to change notification settings - Fork 52
/
Copy pathcube-in-a-box-cloudformation.yml
155 lines (152 loc) · 4.61 KB
/
cube-in-a-box-cloudformation.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
AWSTemplateFormatVersion: "2010-09-09"
Metadata:
License: Apache-2.0
Description: "Open Data Cube template with EC2 instance and RDS."
Parameters:
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription: Must be the name of an existing EC2 KeyPair.
InstanceType:
Description: WebServer EC2 instance type
Type: String
Default: t2.small
AllowedValues:
[
t2.small,
t2.medium,
t2.large,
m1.large,
m1.xlarge,
m2.xlarge,
c4.large,
c4.xlarge,
c4.2xlarge,
g2.8xlarge,
r3.large,
r3.xlarge,
]
ConstraintDescription: Must be a valid EC2 instance type.
ExtentToIndex:
Description: An extent to index for use in the Cube in a Box
Type: String
Default: "25,20,35,30"
SecretPassword:
Description: Password to open up the Jupyter notebook
Type: String
Default: "secretpassword"
EC2InstanceName:
Description: The name of the Cube in a Box EC2 instance
Type: String
Default: "Cube-in-a-Box"
SSHLocation:
Description: The IP address range that can be used to access the Cube in a Box
Type: String
MinLength: "9"
MaxLength: "18"
Default: 0.0.0.0/0
AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})
ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
Region:
Description: The AWS region to deploy in
Type: String
Default: us-west-2
AllowedValues: [eu-west-1, us-west-2, ap-southeast-2]
Mappings:
RegionMap:
eu-west-1:
"HVM64": "ami-0ae0cb89fc578cd9c"
us-west-2:
"HVM64": "ami-04ef7170e45541f07"
ap-southeast-2:
"HVM64": "ami-033c54f661460cfd2"
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
InstanceType: !Ref "InstanceType"
SecurityGroups: [!Ref "InstanceSecurityGroup"]
KeyName: !Ref "KeyName"
ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", HVM64]
IamInstanceProfile: !Ref ODCInstanceProfile
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
VolumeSize: 50
UserData:
Fn::Base64: !Sub |
#!/bin/bash -ex
export DEBIAN_FRONTEND=noninteractive
apt-get update && apt-get install -y wget unzip
wget https://github.com/opendatacube/cube-in-a-box/archive/refs/heads/main.zip -O /home/ubuntu/archive.zip
unzip /home/ubuntu/archive.zip -d /home/ubuntu
bash /home/ubuntu/cube-in-a-box-main/setup.sh
echo 'CIABPASSWORD=${SecretPassword}' > /home/ubuntu/cube-in-a-box-main/.env
make -C /home/ubuntu/cube-in-a-box-main setup-prod BBOX="${ExtentToIndex}"
Tags:
- Key: "Name"
Value: !Ref "EC2InstanceName"
InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Enable access
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: "22"
ToPort: "22"
CidrIp: !Ref "SSHLocation"
- IpProtocol: tcp
FromPort: "80"
ToPort: "80"
CidrIp: !Ref "SSHLocation"
- IpProtocol: tcp
FromPort: "8888"
ToPort: "8888"
CidrIp: !Ref "SSHLocation"
ODCRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service:
- ec2.amazonaws.com
Action:
- sts:AssumeRole
Path: "/"
RolePolicies:
Type: AWS::IAM::Policy
Properties:
PolicyName: odc-policy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action: ["S3:ListBucket"]
Resource: ["arn:aws:s3:::landsat-pds"]
- Effect: Allow
Action: ["S3:GetObject"]
Resource: ["arn:aws:s3:::landsat-pds/*"]
Roles:
- !Ref ODCRole
ODCInstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
Path: "/"
Roles:
- !Ref ODCRole
Outputs:
InstanceId:
Description: InstanceId of the newly created EC2 instance
Value: !Ref "EC2Instance"
AZ:
Description: Availability Zone of the newly created EC2 instance
Value: !GetAtt [EC2Instance, AvailabilityZone]
PublicDNS:
Description: Public DNSName of the newly created EC2 instance
Value: !GetAtt [EC2Instance, PublicDnsName]
PublicIP:
Description: Public IP address of the newly created EC2 instance
Value: !GetAtt [EC2Instance, PublicIp]