Gist Kailashcj/0da59d5ba82b9fa377b730d62d6da36c, last active May 6, 2019 06:40
```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  This template deploys a VPC and creates the following resources in the VPC:
  1 Public and 1 Private Subnet in a single availability zone
  1 Internet gateway
  1 NATGateway
  1 Public RouteTable and 1 Private RouteTable
Parameters:
  EnvironmentName:
    Type: String
    Description: Enter a unique id for this stack. This id will be used as a Tag for this deployment
    AllowedPattern: '[a-zA-Z0-9_\-]+'
    ConstraintDescription: It should be a combination of characters from [A-Z],[a-z],[0-9],- and _.
  VpcName:
    Description: Specify the VPC Name
    Type: String
  AvailabilityZone:
    Description: Please select the AvailabilityZone for this deployment
    Type: AWS::EC2::AvailabilityZone::Name
  VpcCIDR:
    Description: Please enter the IP range (CIDR) for this VPC. Must be a /20 range for this example (automatic CIDR calculation). For example, 192.168.0.0/20
    Type: String
    # Only a /20 is accepted; the subnet sizes below are derived from that assumption.
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([2][0]))$'
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Ref VpcName
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-InternetGateway
  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Ref AvailabilityZone
      # 32 subnets of the VpcCIDR range, 128 host addresses each; 32-7 = /25 CIDR range.
      # Use a subnet calculator to check the values given to !Cidr, for example
      # https://www.site24x7.com/tools/ipv4-subnetcalculator.html
      CidrBlock: !Select [ 0, !Cidr [ !GetAtt VPC.CidrBlock, 32, 7 ] ]
      MapPublicIpOnLaunch: true # Assign a public IP to the instances launched in this subnet
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-PublicSubnet-${AvailabilityZone}
  PrivateSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Ref AvailabilityZone
      # 8 subnets of the VpcCIDR range, 512 host addresses each; 32-9 = /23 CIDR range.
      # Index 1 is selected so this /23 does not overlap the public /25 carved from index 0.
      CidrBlock: !Select [ 1, !Cidr [ !GetAtt VPC.CidrBlock, 8, 9 ] ]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-PrivateSubnet-${AvailabilityZone}
  NatGatewayEIP:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
  NatGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGatewayEIP.AllocationId
      SubnetId: !Ref PublicSubnet
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-NATGateway-${AvailabilityZone}
  RouteTablePublic:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-PublicRouteTable-${AvailabilityZone}
  PublicRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref RouteTablePublic
      DestinationCidrBlock: 0.0.0.0/0 # Outgoing traffic any:any
      GatewayId: !Ref InternetGateway
  RouteTablePublicAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTablePublic
      SubnetId: !Ref PublicSubnet
  RouteTablePrivate:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-PrivateRouteTable-${AvailabilityZone}
  PrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref RouteTablePrivate
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway # Private subnet reaches the internet only through the NAT gateway
  RouteTablePrivateAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTablePrivate
      SubnetId: !Ref PrivateSubnet
  NoIngressSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "no-ingress-sg"
      GroupDescription: "Security group with no ingress rule"
      VpcId: !Ref VPC
Outputs:
  VpcEnvironmentName:
    Description: Name of the Stack which created the VPC
    Value: !Sub ${AWS::StackName}
    Export:
      Name: !Sub ${EnvironmentName}-VpcEnvironmentName
  VPC:
    Description: A reference to the created VPC
    Value: !Ref VPC
    Export:
      Name: !Sub ${EnvironmentName}-VPC
```
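The two `CidrBlock` lines above rely on `!Cidr` arithmetic that is easy to get wrong: if the `!Select` indexes are changed, the public /25 and the private /23 can silently overlap and the stack fails at creation time. The following script is an added example, not part of the gist; it reproduces the documented `Fn::Cidr` behaviour (`count` subnets of `2**cidrBits` addresses carved sequentially from the start of the block) with Python's standard `ipaddress` module, applies the template's `VpcCIDR` pattern, and checks that the two selected subnets sit inside the VPC and do not overlap. The `private_index` parameter is an assumption added to show the overlapping case; the template itself hard-codes index 1.

```python
import ipaddress
import re

# Copied from the template's VpcCIDR AllowedPattern: only a /20 is accepted.
VPC_CIDR_PATTERN = re.compile(
    r"^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}"
    r"([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([2][0]))$"
)


def fn_cidr(ip_block, count, cidr_bits):
    """Mimic CloudFormation Fn::Cidr.

    Returns `count` subnets, each with prefix length 32 - cidr_bits, carved
    sequentially from the start of ip_block (Fn::Cidr's documented semantics).
    """
    net = ipaddress.ip_network(ip_block, strict=True)
    new_prefix = 32 - cidr_bits
    if new_prefix < net.prefixlen:
        raise ValueError("requested subnets are larger than the parent block")
    subnets = list(net.subnets(new_prefix=new_prefix))
    if count > len(subnets):
        raise ValueError(
            f"{ip_block} holds only {len(subnets)} /{new_prefix} subnets, {count} requested"
        )
    return [str(s) for s in subnets[:count]]


def template_subnets(vpc_cidr, public_index=0, private_index=1):
    """Evaluate the template's two CidrBlock expressions for a given VpcCIDR.

    public_index/private_index default to the values hard-coded in the template;
    they are parameters here only so a bad choice can be demonstrated.
    """
    if not VPC_CIDR_PATTERN.match(vpc_cidr):
        raise ValueError("VpcCIDR must be a /20, as the template's AllowedPattern requires")
    public = fn_cidr(vpc_cidr, 32, 7)[public_index]   # !Select [0, !Cidr [..., 32, 7]]
    private = fn_cidr(vpc_cidr, 8, 9)[private_index]  # !Select [1, !Cidr [..., 8, 9]]
    return {"PublicSubnet": public, "PrivateSubnet": private}


def check_layout(vpc_cidr, public_index=0, private_index=1):
    """Return a list of layout problems (empty list means the layout is valid)."""
    subnets = template_subnets(vpc_cidr, public_index, private_index)
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in subnets.items()}
    problems = []
    for name, net in nets.items():
        if not net.subnet_of(vpc):
            problems.append(f"{name} {net} is outside {vpc}")
    if nets["PublicSubnet"].overlaps(nets["PrivateSubnet"]):
        problems.append("PublicSubnet and PrivateSubnet overlap")
    return problems


if __name__ == "__main__":
    # Constructed sample input: the /20 suggested in the parameter description.
    sample = "192.168.0.0/20"
    print(template_subnets(sample))
    print("problems:", check_layout(sample))
    # Picking index 0 for the private /23 would overlap the public /25.
    print("problems with private index 0:", check_layout(sample, private_index=0))
```

Running it with the sample `192.168.0.0/20` yields `192.168.0.0/25` for the public subnet and `192.168.2.0/23` for the private one; the second /23 starts at offset 512, well past the 128 addresses of the public /25, which is why the template selects index 1 rather than 0.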