Last active
January 8, 2018 15:05
-
-
Save BeardedCloudWalker/90bfc084263d4e3df6c6c01f18546f1c to your computer and use it in GitHub Desktop.
This template deploys a VPC, with a pair of public and private subnets spread across two Availabilty Zones. It deploys an Internet Gateway, with a default route on the public subnets. It deploys a pair of NAT Gateways (one in each AZ), and default routes for them in the private subnets. This also adds a S3 VPC Endpoint for local VPC access to S3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Description: > | |
| This template deploys a VPC, with a pair of public and private subnets spread | |
| across two Availabilty Zones. It deploys an Internet Gateway, with a default | |
| route on the public subnets. It deploys a pair of NAT Gateways (one in each AZ), | |
| and default routes for them in the private subnets. This also adds a S3 VPC | |
| Endpoint for local VPC access to S3 | |
| Parameters: | |
| EnvironmentName: | |
| Description: An environment name that will be prefixed to resource names | |
| Type: String | |
| Default: Dev | |
| VpcCIDR: | |
| Description: Please enter the IP range (CIDR notation) for this VPC | |
| Type: String | |
| Default: 10.192.0.0/16 | |
| PublicSubnetACIDR: | |
| Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone, if you do not wish to create a Public Zone, leave this blank | |
| Type: String | |
| Default: 10.192.10.0/24 | |
| PublicSubnetBCIDR: | |
| Description: Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone, if you do not wish to create a Public Zone, leave this blank | |
| Type: String | |
| Default: 10.192.11.0/24 | |
| PrivateSubnetACIDR: | |
| Description: Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone | |
| Type: String | |
| Default: 10.192.20.0/24 | |
| PrivateSubnetBCIDR: | |
| Description: Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone | |
| Type: String | |
| Default: 10.192.21.0/24 | |
| Resources: | |
| VPC: | |
| Type: AWS::EC2::VPC | |
| Properties: | |
| CidrBlock: !Ref VpcCIDR | |
| Tags: | |
| - Key: Name | |
| Value: !Ref EnvironmentName | |
| InternetGateway: | |
| Type: AWS::EC2::InternetGateway | |
| Properties: | |
| Tags: | |
| - Key: Name | |
| Value: !Ref EnvironmentName | |
| InternetGatewayAttachment: | |
| Type: AWS::EC2::VPCGatewayAttachment | |
| Properties: | |
| InternetGatewayId: !Ref InternetGateway | |
| VpcId: !Ref VPC | |
| PublicSubnetA: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| AvailabilityZone: !Select [ 0, !GetAZs ] | |
| CidrBlock: !Ref PublicSubnetACIDR | |
| MapPublicIpOnLaunch: true | |
| Tags: | |
| - Key: Name | |
| Value: !Sub ${EnvironmentName} Public Subnet (AZA) | |
| PublicSubnetB: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| AvailabilityZone: !Select [ 1, !GetAZs ] | |
| CidrBlock: !Ref PublicSubnetBCIDR | |
| MapPublicIpOnLaunch: true | |
| Tags: | |
| - Key: Name | |
| Value: !Sub ${EnvironmentName} Public Subnet (AZB) | |
| PrivateSubnetA: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| AvailabilityZone: !Select [ 0, !GetAZs ] | |
| CidrBlock: !Ref PrivateSubnetACIDR | |
| MapPublicIpOnLaunch: false | |
| Tags: | |
| - Key: Name | |
| Value: !Sub ${EnvironmentName} Private Subnet (AZA) | |
| PrivateSubnetB: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| AvailabilityZone: !Select [ 1, !GetAZs ] | |
| CidrBlock: !Ref PrivateSubnetBCIDR | |
| MapPublicIpOnLaunch: false | |
| Tags: | |
| - Key: Name | |
| Value: !Sub ${EnvironmentName} Private Subnet (AZB) | |
| NatGatewayAEIP: | |
| Type: AWS::EC2::EIP | |
| DependsOn: InternetGatewayAttachment | |
| Properties: | |
| Domain: vpc | |
| # NatGatewayBEIP: | |
| # Type: AWS::EC2::EIP | |
| # DependsOn: InternetGatewayAttachment | |
| # Properties: | |
| # Domain: vpc | |
| NatGatewayA: | |
| Type: AWS::EC2::NatGateway | |
| Properties: | |
| AllocationId: !GetAtt NatGatewayAEIP.AllocationId | |
| SubnetId: !Ref PublicSubnetA | |
| # NatGatewayB: | |
| # Type: AWS::EC2::NatGateway | |
| # Properties: | |
| # AllocationId: !GetAtt NatGatewayBEIP.AllocationId | |
| # SubnetId: !Ref PublicSubnetB | |
| PublicRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| Tags: | |
| - Key: Name | |
| Value: !Sub ${EnvironmentName} Public Routes | |
| DefaultPublicRoute: | |
| Type: AWS::EC2::Route | |
| DependsOn: InternetGatewayAttachment | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| GatewayId: !Ref InternetGateway | |
| PublicSubnetARouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| SubnetId: !Ref PublicSubnetA | |
| PublicSubnetBRouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| SubnetId: !Ref PublicSubnetB | |
| PrivateRouteTableA: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| Tags: | |
| - Key: Name | |
| Value: !Sub ${EnvironmentName} Private Routes (AZA) | |
| DefaultPrivateRouteA: | |
| Type: AWS::EC2::Route | |
| Properties: | |
| RouteTableId: !Ref PrivateRouteTableA | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| NatGatewayId: !Ref NatGatewayA | |
| PrivateSubnetARouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref PrivateRouteTableA | |
| SubnetId: !Ref PrivateSubnetA | |
| PrivateRouteTableB: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| Tags: | |
| - Key: Name | |
| Value: !Sub ${EnvironmentName} Private Routes (AZB) | |
| DefaultPrivateRouteB: | |
| Type: AWS::EC2::Route | |
| Properties: | |
| RouteTableId: !Ref PrivateRouteTableB | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| NatGatewayId: !Ref NatGatewayA | |
| PrivateSubnetBRouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref PrivateRouteTableB | |
| SubnetId: !Ref PrivateSubnetB | |
| S3Endpoint: | |
| Type: 'AWS::EC2::VPCEndpoint' | |
| Properties: | |
| RouteTableIds: | |
| - !Ref PrivateRouteTableA | |
| - !Ref PrivateRouteTableB | |
| ServiceName: !Join | |
| - '' | |
| - - com.amazonaws. | |
| - !Ref 'AWS::Region' | |
| - .s3 | |
| VpcId: !Ref VPC | |
| Outputs: | |
| VPC: | |
| Description: A reference to the created VPC | |
| Value: !Ref VPC | |
| PublicSubnets: | |
| Description: A list of the public subnets | |
| Value: !Join [ ",", [ !Ref PublicSubnetA, !Ref PublicSubnetB ]] | |
| PrivateSubnets: | |
| Description: A list of the private subnets | |
| Value: !Join [ ",", [ !Ref PrivateSubnetA, !Ref PrivateSubnetB ]] | |
| PublicSubnetA: | |
| Description: A reference to the public subnet in the 1st Availability Zone | |
| Value: !Ref PublicSubnetA | |
| PublicSubnetB: | |
| Description: A reference to the public subnet in the 2nd Availability Zone | |
| Value: !Ref PublicSubnetB | |
| PrivateSubnetA: | |
| Description: A reference to the private subnet in the 1st Availability Zone | |
| Value: !Ref PrivateSubnetA | |
| PrivateSubnetB: | |
| Description: A reference to the private subnet in the 2nd Availability Zone | |
| Value: !Ref PrivateSubnetB |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment