Created
January 14, 2014 06:27
Cloudformation - VPC
| { | |
| "AWSTemplateFormatVersion" : "2010-09-09", | |
| "Description" : "US West 2 (Oregon) Development VPC :: SG, Routing, EIPs :: Availability Zones: 2A,2B,2C", | |
| "Parameters" : { | |
| }, | |
| "Mappings" : { | |
| "RegionMap" : { | |
| "us-east-1" : { | |
| "VPCCIDR" : "10.200.0.0/16", | |
| "PublicSubnet1" : "10.200.0.0/23", | |
| "PublicSubnet2" : "10.200.2.0/23", | |
| "PublicSubnet3" : "10.200.4.0/23", | |
| "PrivateSubnet1" : "10.200.128.0/23", | |
| "PrivateSubnet2" : "10.200.130.0/23", | |
| "PrivateSubnet3" : "10.200.132.0/23", | |
| "PrivateSubnet4" : "10.200.134.0/23", | |
| "PrivateSubnet5" : "10.200.136.0/23", | |
| "PrivateSubnet6" : "10.200.138.0/23", | |
| "AMI" : "ami-570f603e", | |
| "NATAMI" : "ami-4f9fee26" | |
| }, | |
| "us-west-1" : { | |
| "VPCCIDR" : "10.203.0.0/16", | |
| "PublicSubnet1" : "10.203.0.0/23", | |
| "PublicSubnet2" : "10.203.2.0/23", | |
| "PrivateSubnet1" : "10.203.128.0/23", | |
| "PrivateSubnet2" : "10.203.130.0/23", | |
| "PrivateSubnet3" : "10.203.132.0/23", | |
| "PrivateSubnet4" : "10.203.134.0/23", | |
| "AMI" : "ami-c5fed180", | |
| "NATAMI" : "ami-7850793d" | |
| }, | |
| "us-west-2" : { | |
| "VPCCIDR" : "10.204.0.0/16", | |
| "PublicSubnet1" : "10.204.0.0/23", | |
| "PublicSubnet2" : "10.204.2.0/23", | |
| "PublicSubnet3" : "10.204.4.0/23", | |
| "PrivateSubnet1" : "10.204.128.0/23", | |
| "PrivateSubnet2" : "10.204.130.0/23", | |
| "PrivateSubnet3" : "10.204.132.0/23", | |
| "PrivateSubnet4" : "10.204.134.0/23", | |
| "PrivateSubnet5" : "10.204.136.0/23", | |
| "PrivateSubnet6" : "10.204.138.0/23", | |
| "AMI" : "ami-5359cf63", | |
| "NATAMI" : "ami-6d29b85d" | |
| }, | |
| "eu-west-1" : { | |
| "VPCCIDR" : "10.205.0.0/16", | |
| "PublicSubnet1" : "10.205.0.0/23", | |
| "PublicSubnet2" : "10.205.2.0/23", | |
| "PublicSubnet3" : "10.205.4.0/23", | |
| "PrivateSubnet1" : "10.205.128.0/23", | |
| "PrivateSubnet2" : "10.205.130.0/23", | |
| "PrivateSubnet3" : "10.205.132.0/23", | |
| "PrivateSubnet4" : "10.205.134.0/23", | |
| "PrivateSubnet5" : "10.205.136.0/23", | |
| "PrivateSubnet6" : "10.205.138.0/23", | |
| "AMI" : "ami-d9c0d6ad", | |
| "NATAMI" : "ami-ed352799" | |
| } | |
| } | |
| }, | |
| "Resources" : { | |
| "VPC" : { | |
| "Type" : "AWS::EC2::VPC", | |
| "Properties" : { | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" }, | |
| {"Key" : "Region", "Value" : { "Ref" : "AWS::Region" } } | |
| ] | |
| } | |
| }, | |
| "PublicSubnet1" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "0", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] } , | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PublicSubnet1" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ] | |
| } | |
| }, | |
| "PublicSubnet2" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "1", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PublicSubnet2" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ] | |
| } | |
| }, | |
| "PublicSubnet3" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "2", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PublicSubnet3" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ] | |
| } | |
| }, | |
| "InternetGateway" : { | |
| "Type" : "AWS::EC2::InternetGateway", | |
| "Properties" : { | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ] | |
| } | |
| }, | |
| "AttachGateway" : { | |
| "Type" : "AWS::EC2::VPCGatewayAttachment", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "InternetGatewayId" : { "Ref" : "InternetGateway" } | |
| } | |
| }, | |
| "PublicRouteTable" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ] | |
| } | |
| }, | |
| "PublicRoute1" : { | |
| "Type" : "AWS::EC2::Route", | |
| "Properties" : { | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" }, | |
| "DestinationCidrBlock" : "0.0.0.0/0", | |
| "GatewayId" : { "Ref" : "InternetGateway" } | |
| } | |
| }, | |
| "PublicSubnetRouteTableAssociation1" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet1" }, | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" } | |
| } | |
| }, | |
| "PublicSubnetRouteTableAssociation2" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet2" }, | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" } | |
| } | |
| }, | |
| "PublicSubnetRouteTableAssociation3" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet3" }, | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" } | |
| } | |
| }, | |
| "PrivateSubnet1" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "0", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PrivateSubnet1" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnet2" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "1", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PrivateSubnet2" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnet3" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "2", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PrivateSubnet3" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnet4" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "0", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PrivateSubnet4" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnet5" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "1", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PrivateSubnet5" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnet6" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "AvailabilityZone" : { "Fn::Select" : [ "2", { "Fn::GetAZs" : { "Ref" : "AWS::Region" } } ] }, | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "PrivateSubnet6" ] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateRouteTable1" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateRouteTable2" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateRouteTable3" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnetRouteTableAssociation1" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PrivateSubnet1" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable1" } | |
| } | |
| }, | |
| "PrivateSubnetRouteTableAssociation2" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PrivateSubnet2" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable2" } | |
| } | |
| }, | |
| "PrivateSubnetRouteTableAssociation3" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PrivateSubnet3" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable3" } | |
| } | |
| }, | |
| "SGnat" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Enable SSH access via port 22", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "22", | |
| "ToPort" : "22", | |
| "CidrIp" : "0.0.0.0/0" | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "60522", | |
| "ToPort" : "60522", | |
| "CidrIp" : "97.79.252.52/32" | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "60522", | |
| "ToPort" : "60522", | |
| "CidrIp" : "173.160.50.209/32" | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "60522", | |
| "ToPort" : "60522", | |
| "CidrIp" : "195.160.233.10/32" | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "60522", | |
| "ToPort" : "60522", | |
| "CidrIp" : "195.160.233.11/32" | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "0", | |
| "ToPort" : "65535", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "udp", | |
| "FromPort": "0", | |
| "ToPort" : "65535", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "icmp", | |
| "FromPort": "-1", | |
| "ToPort" : "-1", | |
| "CidrIp" : "0.0.0.0/0" | |
| }] | |
| } | |
| }, | |
| "SGsaltelb" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Enable access to salt via ELB", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "80", | |
| "ToPort" : "80", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "443", | |
| "ToPort" : "443", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort": "4505", | |
| "ToPort" : "4506", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "icmp", | |
| "FromPort": "-1", | |
| "ToPort" : "-1", | |
| "CidrIp" : "0.0.0.0/0" | |
| }] | |
| } | |
| }, | |
| "SGsalt" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Salt Server - Allow SSH from the NAT group and ports 80, 443, 4505-4506 from the VPC", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "22", | |
| "ToPort" : "22", | |
| "SourceSecurityGroupId" : { "Ref" : "SGnat" } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "80", | |
| "ToPort" : "80", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "443", | |
| "ToPort" : "443", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "4505", | |
| "ToPort" : "4506", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| } ] | |
| } | |
| }, | |
| "SGwwwelb" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Web Server - Allow access to port 80 and 443", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "80", | |
| "ToPort" : "80", | |
| "CidrIp" : "97.79.252.52/32" | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "80", | |
| "ToPort" : "80", | |
| "CidrIp" : "173.160.50.209/32" | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "443", | |
| "ToPort" : "443", | |
| "CidrIp" : "0.0.0.0/0" | |
| } ] | |
| } | |
| }, | |
| "SGwww" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Web Server - Allow access to port 80 and 443", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "22", | |
| "ToPort" : "22", | |
| "SourceSecurityGroupId" : { "Ref" : "SGsalt" } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "80", | |
| "ToPort" : "80", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "443", | |
| "ToPort" : "443", | |
| "CidrIp" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "VPCCIDR" ] } | |
| } ] | |
| } | |
| }, | |
| "SGworker" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Worker Server - Allow access to port 22", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "22", | |
| "ToPort" : "22", | |
| "SourceSecurityGroupId" : { "Ref" : "SGsalt" } | |
| } ] | |
| } | |
| }, | |
| "SGecache" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Allow salt and webserver to talk to Elasticache", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "11211", | |
| "ToPort" : "11211", | |
| "SourceSecurityGroupId" : { "Ref" : "SGsalt" } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "11211", | |
| "ToPort" : "11211", | |
| "SourceSecurityGroupId" : { "Ref" : "SGwww" } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "6379", | |
| "ToPort" : "6379", | |
| "SourceSecurityGroupId" : { "Ref" : "SGsalt" } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "6379", | |
| "ToPort" : "6379", | |
| "SourceSecurityGroupId" : { "Ref" : "SGwww" } | |
| } ] | |
| } | |
| }, | |
| "SGrds" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : | |
| { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "GroupDescription" : "Allow salt, webserver and worker to talk to RDS on port 3306", | |
| "SecurityGroupIngress" : [ { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "3306", | |
| "ToPort" : "3306", | |
| "SourceSecurityGroupId" : { "Ref" : "SGsalt" } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "3306", | |
| "ToPort" : "3306", | |
| "SourceSecurityGroupId" : { "Ref" : "SGwww" } | |
| }, { | |
| "IpProtocol" : "tcp", | |
| "FromPort" : "3306", | |
| "ToPort" : "3306", | |
| "SourceSecurityGroupId" : { "Ref" : "SGworker" } | |
| } ] | |
| } | |
| }, | |
| "NATAIPAddress" : { | |
| "Type" : "AWS::EC2::EIP", | |
| "Properties" : { | |
| "Domain" : "vpc" | |
| } | |
| }, | |
| "NATBIPAddress" : { | |
| "Type" : "AWS::EC2::EIP", | |
| "Properties" : { | |
| "Domain" : "vpc" | |
| } | |
| }, | |
| "NATCIPAddress" : { | |
| "Type" : "AWS::EC2::EIP", | |
| "Properties" : { | |
| "Domain" : "vpc" | |
| } | |
| }, | |
| "NATANIC" : { | |
| "Type" : "AWS::EC2::NetworkInterface", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet1" }, | |
| "Description" :"Interface for control traffic such as SSH", | |
| "GroupSet" : [ {"Ref" : "SGnat"} ], | |
| "SourceDestCheck" : "true", | |
| "Tags" : [ {"Key" : "Network", "Value" : "Control"}] | |
| } | |
| }, | |
| "NATBNIC" : { | |
| "Type" : "AWS::EC2::NetworkInterface", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet2" }, | |
| "Description" :"Interface for control traffic such as SSH", | |
| "GroupSet" : [ {"Ref" : "SGnat"} ], | |
| "SourceDestCheck" : "true", | |
| "Tags" : [ {"Key" : "Network", "Value" : "Control"}] | |
| } | |
| }, | |
| "NATCNIC" : { | |
| "Type" : "AWS::EC2::NetworkInterface", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "PublicSubnet3" }, | |
| "Description" :"Interface for control traffic such as SSH", | |
| "GroupSet" : [ {"Ref" : "SGnat"} ], | |
| "SourceDestCheck" : "true", | |
| "Tags" : [ {"Key" : "Network", "Value" : "Control"}] | |
| } | |
| }, | |
| "NATATONATAIPAddress" : { | |
| "Type" : "AWS::EC2::EIPAssociation", | |
| "Properties" : { | |
| "AllocationId" : { "Fn::GetAtt" : [ "NATAIPAddress", "AllocationId" ]}, | |
| "NetworkInterfaceId" : { "Ref" : "NATANIC" } | |
| } | |
| }, | |
| "NATBTONATBIPAddress" : { | |
| "Type" : "AWS::EC2::EIPAssociation", | |
| "Properties" : { | |
| "AllocationId" : { "Fn::GetAtt" : [ "NATBIPAddress", "AllocationId" ]}, | |
| "NetworkInterfaceId" : { "Ref" : "NATBNIC" } | |
| } | |
| }, | |
| "NATCTONATCIPAddress" : { | |
| "Type" : "AWS::EC2::EIPAssociation", | |
| "Properties" : { | |
| "AllocationId" : { "Fn::GetAtt" : [ "NATCIPAddress", "AllocationId" ]}, | |
| "NetworkInterfaceId" : { "Ref" : "NATCNIC" } | |
| } | |
| }, | |
| "PrivateRoute1" : { | |
| "Type" : "AWS::EC2::Route", | |
| "Properties" : { | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable1" }, | |
| "DestinationCidrBlock" : "0.0.0.0/0", | |
| "NetworkInterfaceId" : { "Ref" : "NATANIC" } | |
| } | |
| }, | |
| "PrivateRoute2" : { | |
| "Type" : "AWS::EC2::Route", | |
| "Properties" : { | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable2" }, | |
| "DestinationCidrBlock" : "0.0.0.0/0", | |
| "NetworkInterfaceId" : { "Ref" : "NATBNIC" } | |
| } | |
| }, | |
| "PrivateRoute3" : { | |
| "Type" : "AWS::EC2::Route", | |
| "Properties" : { | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable3" }, | |
| "DestinationCidrBlock" : "0.0.0.0/0", | |
| "NetworkInterfaceId" : { "Ref" : "NATCNIC" } | |
| } | |
| }, | |
| "DNSRecordNATA" : { | |
| "Type" : "AWS::Route53::RecordSet", | |
| "Properties" : { | |
| "HostedZoneId" : "/hostedzone/Z12F92KMETYU0Z", | |
| "Comment" : "DNS name NAT instance", | |
| "Name" : { | |
| "Fn::Join" : [ "", | |
| [ | |
| { "Fn::GetAtt" : [ "PublicSubnet1", "AvailabilityZone" ] }, | |
| "-dev-nat", | |
| ".FOOBAR.com" | |
| ] | |
| ] | |
| }, | |
| "Type" : "A", | |
| "TTL" : "300", | |
| "ResourceRecords" : [ | |
| {"Ref" : "NATAIPAddress"} | |
| ] | |
| } | |
| }, | |
| "DNSRecordNATB" : { | |
| "Type" : "AWS::Route53::RecordSet", | |
| "Properties" : { | |
| "HostedZoneId" : "/hostedzone/Z12F92KMETYU0Z", | |
| "Comment" : "DNS name NAT instance", | |
| "Name" : { | |
| "Fn::Join" : [ "", | |
| [ | |
| { "Fn::GetAtt" : [ "PublicSubnet2", "AvailabilityZone" ] }, | |
| "-dev-nat", | |
| ".FOOBAR.com" | |
| ] | |
| ] | |
| }, | |
| "Type" : "A", | |
| "TTL" : "300", | |
| "ResourceRecords" : [ | |
| {"Ref" : "NATBIPAddress"} | |
| ] | |
| } | |
| }, | |
| "DNSRecordNATC" : { | |
| "Type" : "AWS::Route53::RecordSet", | |
| "Properties" : { | |
| "HostedZoneId" : "/hostedzone/Z12F92KMETYU0Z", | |
| "Comment" : "DNS name NAT instance", | |
| "Name" : { | |
| "Fn::Join" : [ "", | |
| [ | |
| { "Fn::GetAtt" : [ "PublicSubnet3", "AvailabilityZone" ] }, | |
| "-dev-nat", | |
| ".FOOBAR.com" | |
| ] | |
| ] | |
| }, | |
| "Type" : "A", | |
| "TTL" : "300", | |
| "ResourceRecords" : [ | |
| {"Ref" : "NATCIPAddress"} | |
| ] | |
| } | |
| } | |
| }, | |
| "Outputs" : { | |
| "VPCINFO" : { | |
| "Value" : { "Ref" : "VPC" } | |
| } | |
| } | |
| } |