Created
December 21, 2018 18:22
-
-
Save VojtechVitek/2c8c9f6e7da0fe4639bcf110d7c065d5 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"AWSTemplateFormatVersion":"2010-09-09","Description":"EKS cluster (dedicated VPC: true, dedicated IAM: true) [created and managed by eksctl]","Resources":{"ControlPlane":{"Type":"AWS::EKS::Cluster","Properties":{"Name":"dev3","ResourcesVpcConfig":{"SecurityGroupIds":[{"Ref":"ControlPlaneSecurityGroup"}],"SubnetIds":[{"Ref":"SubnetPublicUSWEST2C"},{"Ref":"SubnetPublicUSWEST2A"},{"Ref":"SubnetPublicUSWEST2B"},{"Ref":"SubnetPrivateUSWEST2C"},{"Ref":"SubnetPrivateUSWEST2A"},{"Ref":"SubnetPrivateUSWEST2B"}]},"RoleArn":{"Fn::GetAtt":"ServiceRole.Arn"},"Version":"1.11"}},"ControlPlaneSecurityGroup":{"Type":"AWS::EC2::SecurityGroup","Properties":{"GroupDescription":"Communication between the control plane and worker node groups","Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/ControlPlaneSecurityGroup"}}],"VpcId":{"Ref":"VPC"}}},"InternetGateway":{"Type":"AWS::EC2::InternetGateway","Properties":{"Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/InternetGateway"}}]}},"NATGateway":{"Type":"AWS::EC2::NatGateway","Properties":{"AllocationId":{"Fn::GetAtt":"NATIP.AllocationId"},"SubnetId":{"Ref":"SubnetPublicUSWEST2C"},"Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/NATGateway"}}]}},"NATIP":{"Type":"AWS::EC2::EIP","Properties":{"Domain":"vpc"}},"PolicyCloudWatchMetrics":{"Type":"AWS::IAM::Policy","Properties":{"PolicyDocument":{"Statement":[{"Action":["cloudwatch:PutMetricData"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"PolicyName":{"Fn::Sub":"${AWS::StackName}-PolicyCloudWatchMetrics"},"Roles":[{"Ref":"ServiceRole"}]}},"PolicyNLB":{"Type":"AWS::IAM::Policy","Properties":{"PolicyDocument":{"Statement":[{"Action":["elasticloadbalancing:*","ec2:CreateSecurityGroup","ec2:Describe*"],"Effect":"Allow","Resource":"*"}],"Version":"2012-10-17"},"PolicyName":{"Fn::Sub":"${AWS::StackName}-PolicyNLB"},"Roles":[{"Ref":"ServiceRole"}]}},"PrivateRouteTable":{"Type":"AWS::EC2::RouteTable","Properties":{"Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/PrivateRouteTable"}}],"VpcId":{"Ref":"VPC"}}},"PrivateSubnetRoute":{"Type":"AWS::EC2::Route","Properties":{"DestinationCidrBlock":"0.0.0.0/0","NatGatewayId":{"Ref":"NATGateway"},"RouteTableId":{"Ref":"PrivateRouteTable"}}},"PublicRouteTable":{"Type":"AWS::EC2::RouteTable","Properties":{"Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/PublicRouteTable"}}],"VpcId":{"Ref":"VPC"}}},"PublicSubnetRoute":{"Type":"AWS::EC2::Route","Properties":{"DestinationCidrBlock":"0.0.0.0/0","GatewayId":{"Ref":"InternetGateway"},"RouteTableId":{"Ref":"PublicRouteTable"}}},"RouteTableAssociationPrivateUSWEST2A":{"Type":"AWS::EC2::SubnetRouteTableAssociation","Properties":{"RouteTableId":{"Ref":"PrivateRouteTable"},"SubnetId":{"Ref":"SubnetPrivateUSWEST2A"}}},"RouteTableAssociationPrivateUSWEST2B":{"Type":"AWS::EC2::SubnetRouteTableAssociation","Properties":{"RouteTableId":{"Ref":"PrivateRouteTable"},"SubnetId":{"Ref":"SubnetPrivateUSWEST2B"}}},"RouteTableAssociationPrivateUSWEST2C":{"Type":"AWS::EC2::SubnetRouteTableAssociation","Properties":{"RouteTableId":{"Ref":"PrivateRouteTable"},"SubnetId":{"Ref":"SubnetPrivateUSWEST2C"}}},"RouteTableAssociationPublicUSWEST2A":{"Type":"AWS::EC2::SubnetRouteTableAssociation","Properties":{"RouteTableId":{"Ref":"PublicRouteTable"},"SubnetId":{"Ref":"SubnetPublicUSWEST2A"}}},"RouteTableAssociationPublicUSWEST2B":{"Type":"AWS::EC2::SubnetRouteTableAssociation","Properties":{"RouteTableId":{"Ref":"PublicRouteTable"},"SubnetId":{"Ref":"SubnetPublicUSWEST2B"}}},"RouteTableAssociationPublicUSWEST2C":{"Type":"AWS::EC2::SubnetRouteTableAssociation","Properties":{"RouteTableId":{"Ref":"PublicRouteTable"},"SubnetId":{"Ref":"SubnetPublicUSWEST2C"}}},"ServiceRole":{"Type":"AWS::IAM::Role","Properties":{"AssumeRolePolicyDocument":{"Statement":[{"Action":["sts:AssumeRole"],"Effect":"Allow","Principal":{"Service":["eks.amazonaws.com"]}}],"Version":"2012-10-17"},"ManagedPolicyArns":["arn:aws:iam::aws:policy/AmazonEKSServicePolicy","arn:aws:iam::aws:policy/AmazonEKSClusterPolicy"]}},"SubnetPrivateUSWEST2A":{"Type":"AWS::EC2::Subnet","Properties":{"AvailabilityZone":"us-west-2a","CidrBlock":"192.168.128.0/19","Tags":[{"Key":"kubernetes.io/role/internal-elb","Value":"1"},{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/SubnetPrivateUSWEST2A"}}],"VpcId":{"Ref":"VPC"}}},"SubnetPrivateUSWEST2B":{"Type":"AWS::EC2::Subnet","Properties":{"AvailabilityZone":"us-west-2b","CidrBlock":"192.168.160.0/19","Tags":[{"Key":"kubernetes.io/role/internal-elb","Value":"1"},{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/SubnetPrivateUSWEST2B"}}],"VpcId":{"Ref":"VPC"}}},"SubnetPrivateUSWEST2C":{"Type":"AWS::EC2::Subnet","Properties":{"AvailabilityZone":"us-west-2c","CidrBlock":"192.168.96.0/19","Tags":[{"Key":"kubernetes.io/role/internal-elb","Value":"1"},{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/SubnetPrivateUSWEST2C"}}],"VpcId":{"Ref":"VPC"}}},"SubnetPublicUSWEST2A":{"Type":"AWS::EC2::Subnet","Properties":{"AvailabilityZone":"us-west-2a","CidrBlock":"192.168.32.0/19","Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/SubnetPublicUSWEST2A"}}],"VpcId":{"Ref":"VPC"}}},"SubnetPublicUSWEST2B":{"Type":"AWS::EC2::Subnet","Properties":{"AvailabilityZone":"us-west-2b","CidrBlock":"192.168.64.0/19","Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/SubnetPublicUSWEST2B"}}],"VpcId":{"Ref":"VPC"}}},"SubnetPublicUSWEST2C":{"Type":"AWS::EC2::Subnet","Properties":{"AvailabilityZone":"us-west-2c","CidrBlock":"192.168.0.0/19","Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/SubnetPublicUSWEST2C"}}],"VpcId":{"Ref":"VPC"}}},"VPC":{"Type":"AWS::EC2::VPC","Properties":{"CidrBlock":"192.168.0.0/16","EnableDnsHostnames":true,"EnableDnsSupport":true,"Tags":[{"Key":"Name","Value":{"Fn::Sub":"${AWS::StackName}/VPC"}}]}},"VPCGatewayAttachment":{"Type":"AWS::EC2::VPCGatewayAttachment","Properties":{"InternetGatewayId":{"Ref":"InternetGateway"},"VpcId":{"Ref":"VPC"}}}},"Outputs":{"ARN":{"Export":{"Name":{"Fn::Sub":"${AWS::StackName}::ARN"}},"Value":{"Fn::GetAtt":"ControlPlane.Arn"}},"CertificateAuthorityData":{"Value":{"Fn::GetAtt":"ControlPlane.CertificateAuthorityData"}},"ClusterStackName":{"Value":{"Ref":"AWS::StackName"}},"Endpoint":{"Export":{"Name":{"Fn::Sub":"${AWS::StackName}::Endpoint"}},"Value":{"Fn::GetAtt":"ControlPlane.Endpoint"}},"SecurityGroup":{"Export":{"Name":{"Fn::Sub":"${AWS::StackName}::SecurityGroup"}},"Value":{"Fn::Join":[",",[{"Ref":"ControlPlaneSecurityGroup"}]]}},"SubnetsPrivate":{"Export":{"Name":{"Fn::Sub":"${AWS::StackName}::SubnetsPrivate"}},"Value":{"Fn::Join":[",",[{"Ref":"SubnetPrivateUSWEST2C"},{"Ref":"SubnetPrivateUSWEST2A"},{"Ref":"SubnetPrivateUSWEST2B"}]]}},"SubnetsPublic":{"Export":{"Name":{"Fn::Sub":"${AWS::StackName}::SubnetsPublic"}},"Value":{"Fn::Join":[",",[{"Ref":"SubnetPublicUSWEST2C"},{"Ref":"SubnetPublicUSWEST2A"},{"Ref":"SubnetPublicUSWEST2B"}]]}},"VPC":{"Export":{"Name":{"Fn::Sub":"${AWS::StackName}::VPC"}},"Value":{"Ref":"VPC"}}}} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment