cloud-formation-template.yml

AWSTemplateFormatVersion: "2010-09-09"
Description: An AWS EC2 jumpbox/vpnbox/proxybox deployer

Parameters:
  EC2Name:
    Type: String
    Description: The name for the ec2 box to be created
  EC2IPAddressField:
    Type: String
    Description: The output field of the EC2 IP address
  KeyPairName:
    Type: String
    Description: The name for the key pair to be created
  SecurityGroupName:
    Type: String
    Description: The name for the security group to be created
  Cidr:
    Type: String
    Description: Cidr block that can use proxy


Mappings:
  RegionMap:
    ap-southeast-1:
      UbuntuAMI: ami-04d9e855d716f9c99
    ap-northeast-1:
      UbuntuAMI: ami-081ce1b631be2b337
    eu-west-1:
      UbuntuAMI: ami-00c90dbdc12232b58
    eu-west-2:
      UbuntuAMI: ami-0eb260c4d5475b901
    eu-central-1:
      UbuntuAMI: ami-04e601abe3e1a910f
    eu-north-1:
      UbuntuAMI: ami-0989fb15ce71ba39e
    us-east-1:
      UbuntuAMI: ami-052efd3df9dad4825


Resources:

  EC2Image:
    Type: AWS::EC2::Instance
    Properties:
      ImageId:
        Fn::FindInMap:
          - RegionMap
          - !Ref AWS::Region
          - UbuntuAMI
      InstanceType: t2.medium
      Tags:
        - Key: Name
          Value: !Ref EC2Name
      KeyName: !Ref KeyPair
      SecurityGroups:
        - !Ref SecurityGroup


  KeyPair:
    Type: AWS::EC2::KeyPair
    Properties:
      KeyName: !Ref KeyPairName


  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: !Ref SecurityGroupName
      SecurityGroupIngress:
        - CidrIp: !Ref Cidr
          FromPort: 8888
          ToPort: 8888
          IpProtocol: tcp
          Description: Allow HTTP Proxy Traffic
        - CidrIp: !Ref Cidr
          FromPort: 1194
          ToPort: 1194
          IpProtocol: tcp
          Description: Allow OpenVPN TCP Traffic
        - CidrIp: !Ref Cidr
          FromPort: 1194
          ToPort: 1194
          IpProtocol: udp
          Description: Allow OpenVPN UDP Traffic
        - CidrIp: !Ref Cidr
          FromPort: 1080
          ToPort: 1080
          IpProtocol: tcp
          Description: Allow SOCKS5 Proxy Traffic
        - CidrIp: !Ref Cidr
          FromPort: 22
          ToPort: 22
          IpProtocol: tcp
          Description: Allow SSH Traffic to Known IP


Outputs:
  EC2IpAddress:
    Description: The IP address of the EC2 box
    Value: !GetAtt EC2Image.PublicIp
    Export:
      Name: !Ref EC2IPAddressField