Description

Catalog of predefined AWS resource templates grouped by type.

TODO: add CloudFormation guidelines.

S02 Management

| Resource | Description |
| --- | --- |
| Monitoring Logging | This script creates the AWS resources required for AWS monitoring and logging: a CloudTrail alarm for CloudWatch Logs, log delivery to an S3 bucket, and email notification through an SNS topic. It also creates a log group so the CloudTrail logs can be viewed in the AWS console. |
| Simple Storage Service(S3) | This template creates an S3 bucket on the AWS account. |

S03 Identity

| Resource | Description |
| --- | --- |
| Account Password Policy | This template sets the account password policy for users by executing a Lambda function. |
| Admin User | This template creates an admin user on AWS CloudFormation. |
| Cross Account Role | This script creates a role to authorize the VPC peering request from a specific account. It is used to create the VPC peer between different accounts in CloudFormation. |
| Dev User | This template creates a Dev user on AWS CloudFormation. |
| Group Creation | This template creates four IAM groups (admin group, developer group, readonly group and poweruser group) and attaches inline policies to them. |
| Power User | Creates a power user on AWS CloudFormation. |
| Read Only User | Creates a read-only user on AWS CloudFormation. |
| Role Creation | This template creates 2 IAM roles, AdminRole and DeveloperRole, with trust policies as well as inline policies attached. |

S04 Connectivity

| Resource | Description |
| --- | --- |
| Application Load Balancer | This template creates an Application Load Balancer with a referenced subnet and security group attached. It also creates a target group that references an existing instance, and a listener that redirects incoming requests to the specified path. |
| Business_VPC_Creation | This template creates a Business VPC on the AWS account. |
| Bussiness VPC Creation | This template creates a VPC. It also creates 4 private (App & Database) and 2 public (Web) subnets with their route tables and entries, security groups (application, database, administrator, web) with inbound and outbound traffic, and 1 private and 1 public network ACL with traffic entries. |
| Classic Load Balancer | This template creates Load Balancer-CLB / Listener-CLB / Target Group-CLB. |
| ITMGMT VPC Creation | This template creates a VPC. It also creates 4 private (App & Database) and 2 public (Web) subnets with their route tables and entries, security groups (application, database, administrator, web) with inbound and outbound traffic, and 1 private and 1 public network ACL with traffic entries. |
| ITMGMT_VPC_Creation | This script creates a VPC, two public subnets and one private subnet, an internet gateway, and public and private route tables with their associations and entries. |
| Network Load Balancer(NLB) | This script creates Load Balancer-NLB / Listener-NLB / Target Group-NLB. |
| VPC Peer | This template creates a Lambda function and uses it to generate a cross-account VPC peer request. Before this, the destination account must have created the IAM role to authorize the VPC peer request and confirm the peering connection. |
| VPC Peering Version 2 | This script creates a VPC peering connection between the Business VPC and the IT Management VPC. It also adds PCX entries for the public subnets of the IT Management VPC to the private and public route tables of the Business VPC, and allows a PCX entry for the Business VPC in the public route table of the IT Management VPC. |
| VPC_Flow_Logs | This template creates VPC flow logs for REJECT packets. |
| VPC_Peering | This script creates a VPC peering connection between the Business VPC and the IT Management VPC. It also adds PCX entries for the public subnets of the IT Management VPC to the private and public route tables of the Business VPC, and allows a PCX entry for the Business VPC in the public route table of the IT Management VPC. |

S05 Security

| Resource | Description |
| --- | --- |
| Cloudtrail_logging | This script creates a trail that logs events in all regions, an Amazon S3 bucket where logs are published, and an SNS topic where notifications are sent. The bucket and topic policies allow CloudTrail (from the specified regions) to publish logs to the S3 bucket and to send notifications to an email address that you specify. It also creates a CloudWatch log group to store CloudTrail logs and the IAM role required for this, and includes data events for Lambda and/or S3 to record data plane operations. |
| Security Group | This script creates security groups such as the Instance Security Group, Web Public Security Group and Application Security Group in AWS CloudFormation. |

S06 Integration

| Resource | Description |
| --- | --- |
| Simple Notification Service(SNS) | Creates an SNS topic. |
| Simple Queue Service(SQS) | Creates a Simple Queue Service queue. |

S07 Compute

| Resource | Description |
| --- | --- |
| Elastic Beanstalk | Creates an Elastic Beanstalk along with an EC2 template in AWS CloudFormation. |
| Elastic Compute Cloud(EC2) | Creates an Elastic Compute Cloud. |
| Lambda | Creates a Lambda function to create AMI backups. |
| virtualmachine | virtualmachine. |

S08 Datastores

| Resource | Description |
| --- | --- |
| Cloud Front | Creates a CloudFront distribution. |
| DynamoDb | Creates a DynamoDB table. |
| Elastic Cache (Redis) | Creates a Redis cluster. |

S09 Platform

| Resource | Description |
| --- | --- |

S10 Data Analytics

| Resource | Description |
| --- | --- |