Last active: June 13, 2018 05:12
Gist: dijeesh/2bc2709009e5cc740d542d263f11068e
```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: 'CloudFormation - EKS VPC Stack'
Parameters:
  EnvironmentName:
    Description: 'Environment label (not referenced by any resource in this template)'
    Type: String
    Default: 'CloudFormation - EKS VPC Stack'
  VPCName:
    Description: "Enter your VPC Stack Name in CLIENT_ENV_VPC format ( Eg: NETWORKREDUX_DEV_VPC )"
    Type: String
  # Define Availability Zones
  AZ1:
    Description: Set Availability Zone 1
    Type: String
    Default: us-west-2a
    AllowedValues:
      - us-west-2a
      - us-west-2b
    ConstraintDescription: Must be a valid EC2 Availability Zone
  AZ2:
    Description: Set Availability Zone 2
    Type: String
    Default: us-west-2b
    AllowedValues:
      - us-west-2a
      - us-west-2b
    ConstraintDescription: Must be a valid EC2 Availability Zone
  # Define SSH KeyPairName (not referenced by any resource in this template)
  KeyPairName:
    Description: Key file used to SSH into servers
    Default: ssh-keypair-labs-us-west-2
    Type: String
Resources:
  # Provision VPC, InternetGateway and attach InternetGateway
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.10.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      InstanceTenancy: default
      Tags:
        - Key: Name
          Value: !Ref VPCName
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_IG"
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  # Provision EIP for NAT Gateway and NAT Gateway - AZ 01
  # A VPC-scoped EIP, the NAT gateways and the IGW default route must all wait for
  # AttachGateway, otherwise creation can race the gateway attachment and fail
  NGWEIPAZ01:
    Type: AWS::EC2::EIP
    DependsOn: AttachGateway
    Properties:
      Domain: vpc
  NATGATEWAYAZ01:
    Type: AWS::EC2::NatGateway
    DependsOn: AttachGateway
    Properties:
      AllocationId: !GetAtt NGWEIPAZ01.AllocationId
      SubnetId: !Ref PublicSubnet1
  # Provision EIP for NAT Gateway and NAT Gateway - AZ 02
  NGWEIPAZ02:
    Type: AWS::EC2::EIP
    DependsOn: AttachGateway
    Properties:
      Domain: vpc
  NATGATEWAYAZ02:
    Type: AWS::EC2::NatGateway
    DependsOn: AttachGateway
    Properties:
      AllocationId: !GetAtt NGWEIPAZ02.AllocationId
      SubnetId: !Ref PublicSubnet2
  # Provision Public Subnets, RouteTable and SubnetRouteTableAssociations in AZ 01 and 02
  # Only the NAT gateways and internet-facing load balancers belong here; the
  # kubernetes.io/role/elb tag lets Kubernetes pick these subnets for public load balancers
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.0.0/19   # a /19 needs its third octet on a multiple of 32
      AvailabilityZone: !Ref AZ1
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_DMZ_PUBLIC_AZ01"
        - Key: kubernetes.io/role/elb
          Value: '1'
  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.32.0/19
      AvailabilityZone: !Ref AZ2
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_DMZ_PUBLIC_AZ02"
        - Key: kubernetes.io/role/elb
          Value: '1'
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_RT_DMZ_EGRESS"
  PublicRoute1:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PublicSubnetRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable
  PublicSubnetRouteTableAssociation2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet2
      RouteTableId: !Ref PublicRouteTable
  # Provision Private Subnets, RouteTable and SubnetRouteTableAssociations in AZ 01 and 02
  # Private subnets have no route to the IGW; outbound traffic leaves through the
  # NAT gateway in the same AZ, and nothing on the internet can initiate a connection in
  # EKS Cluster Subnets (kubernetes.io/role/internal-elb marks them for internal load balancers)
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.64.0/19
      AvailabilityZone: !Ref AZ1
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_EKS_PRIVATE_AZ01"
        - Key: kubernetes.io/role/internal-elb
          Value: '1'
  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.96.0/19
      AvailabilityZone: !Ref AZ2
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_EKS_PRIVATE_AZ02"
        - Key: kubernetes.io/role/internal-elb
          Value: '1'
  # Elasticache Cluster Subnets
  PrivateSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.130.0/24
      AvailabilityZone: !Ref AZ1
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_CACHE_PRIVATE_AZ01"
  PrivateSubnet4:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.135.0/24
      AvailabilityZone: !Ref AZ2
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_CACHE_PRIVATE_AZ02"
  # RDS Cluster Subnets
  PrivateSubnet5:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.140.0/24
      AvailabilityZone: !Ref AZ1
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_RDS_PRIVATE_AZ01"
  PrivateSubnet6:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.10.145.0/24
      AvailabilityZone: !Ref AZ2
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_RDS_PRIVATE_AZ02"
  # One private route table per AZ so each AZ egresses through its own NAT gateway
  PrivateRouteTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_RT_TRUST_EGRESS_AZ1"
  PrivateRouteTable2:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_RT_TRUST_EGRESS_AZ2"
  PrivateSubnetRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable1
  PrivateSubnetRouteTableAssociation2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet2
      RouteTableId: !Ref PrivateRouteTable2
  PrivateSubnetRouteTableAssociation3:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet3
      RouteTableId: !Ref PrivateRouteTable1
  PrivateSubnetRouteTableAssociation4:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet4
      RouteTableId: !Ref PrivateRouteTable2
  PrivateSubnetRouteTableAssociation5:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet5
      RouteTableId: !Ref PrivateRouteTable1
  PrivateSubnetRouteTableAssociation6:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet6
      RouteTableId: !Ref PrivateRouteTable2
  # Default routes for the private tables (these are AWS::EC2::Route resources, not associations)
  PrivateNATRouteTableAssociation1:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NATGATEWAYAZ01
  PrivateNATRouteTableAssociation2:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NATGATEWAYAZ02
  # Handed to the EKS cluster at creation. No ingress rules are declared here and
  # egress keeps the security-group default (allow all); EKS adds the control plane
  # to node rules it needs when the cluster is created with this group
  ControlPlaneSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: SG_EKS_CLUSTER_CONTROL_PLANE
      GroupDescription: Cluster communication with worker nodes
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}_SG_EKS_CONTROL_PLANE"
Outputs:
  StackName:
    Description: Name of the stack as specified with the cfn-create-stack command.
    Value: !Ref AWS::StackName
  RegionName:
    Description: Region the stack was deployed in.
    Value: !Ref AWS::Region
  VPCID:
    Description: VPC
    Value: !Ref VPC
  PublicSubnets:
    Description: Public (DMZ) subnet IDs, AZ01 then AZ02
    Value: !Join [",", [!Ref PublicSubnet1, !Ref PublicSubnet2]]
  EKSPrivateSubnets:
    Description: Private subnet IDs for the EKS cluster and worker nodes, AZ01 then AZ02
    Value: !Join [",", [!Ref PrivateSubnet1, !Ref PrivateSubnet2]]
  ControlPlaneSecurityGroupId:
    Description: Security group to pass to the EKS cluster for control plane to node traffic
    Value: !Ref ControlPlaneSecurityGroup
```
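The subnet plan above is the part of the stack that CloudFormation's own validation does not check: CIDR arithmetic, overlaps and which gateway each subnet's default route really points at are only tested by EC2 when the resources are created, by which time the VPC and gateways are already up and the failure turns into a rollback. The checker below is an added example, not part of the gist, that runs those checks offline. It assumes the template is handed over as a plain dict in CloudFormation's own shape (`Resources` mapping logical IDs to `Type` and `Properties`), with intrinsic references either left as `{"Ref": "VPC"}` mappings or reduced to the bare logical ID; the sample input is constructed inline to mirror this stack, keeps the AZs symbolic as the `AZ1`/`AZ2` parameter names, and deliberately gives `PublicSubnet1` the block `10.10.1.0/19`, which is not a network address (a /19 needs its third octet on a multiple of 32), so the checker has something to flag.

```python
"""Offline checks for the subnet/route layout of a CloudFormation VPC template.
Added example, not part of the gist. Input is a plain dict shaped like the template
(Resources -> {LogicalId: {"Type", "Properties"}}); references may be {"Ref": "X"} or bare "X".
"""
import copy
import ipaddress
from itertools import combinations

def _ref(v):
    return v["Ref"] if isinstance(v, dict) and "Ref" in v else v

def check_vpc_layout(template):
    """Return a list of finding strings; an empty list means every check passed."""
    out, res = [], template.get("Resources", {})
    typed = lambda t: {k: v["Properties"] for k, v in res.items() if v.get("Type") == t}
    subnets, nets = typed("AWS::EC2::Subnet"), {}
    vpcs = {k: ipaddress.ip_network(p["CidrBlock"]) for k, p in typed("AWS::EC2::VPC").items()}

    # 1. Subnet CIDRs must be canonical (strict=True rejects host bits, e.g. 10.10.1.0/19),
    #    lie inside their VPC block, and not overlap one another.
    for sid, p in subnets.items():
        try:
            nets[sid] = ipaddress.ip_network(p["CidrBlock"], strict=True)
        except ValueError as exc:
            out.append(f"{sid}: CIDR {p['CidrBlock']} is not a network address ({exc})")
            continue
        vpc = vpcs.get(_ref(p["VpcId"]))
        if vpc is not None and not nets[sid].subnet_of(vpc):
            out.append(f"{sid}: {nets[sid]} lies outside VPC block {vpc}")
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            out.append(f"{a} {na} overlaps {b} {nb}")

    # 2. Record the 0.0.0.0/0 target of each route table as ("igw" | "nat", logical id).
    default = {}
    for p in typed("AWS::EC2::Route").values():
        if p.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        table = _ref(p["RouteTableId"])
        if "GatewayId" in p:
            default[table] = ("igw", _ref(p["GatewayId"]))
        elif "NatGatewayId" in p:
            default[table] = ("nat", _ref(p["NatGatewayId"]))
    table_of = {_ref(p["SubnetId"]): _ref(p["RouteTableId"]) for p in typed("AWS::EC2::SubnetRouteTableAssociation").values()}
    az_of = {sid: _ref(p.get("AvailabilityZone")) for sid, p in subnets.items()}

    # 3. A NAT gateway only works from a subnet whose default route is the Internet Gateway.
    nat_az = {}
    for nid, p in typed("AWS::EC2::NatGateway").items():
        sid = _ref(p["SubnetId"])
        nat_az[nid] = az_of.get(sid)
        if default.get(table_of.get(sid), (None,))[0] != "igw":
            out.append(f"{nid}: subnet {sid} has no default route to an Internet Gateway")

    # 4. Every subnet is explicitly associated, and NAT egress stays inside the subnet's own AZ.
    for sid in subnets:
        kind, target = default.get(table_of.get(sid), (None, None))
        if sid not in table_of:
            out.append(f"{sid}: no SubnetRouteTableAssociation (falls back to the main route table)")
        elif kind == "nat" and nat_az.get(target) != az_of[sid]:
            out.append(f"{sid} ({az_of[sid]}) egresses via {target} in {nat_az.get(target)}")
    return out

def patched(template, logical_id, prop, value):
    """Deep copy with one property changed, for what-if checks."""
    out = copy.deepcopy(template)
    out["Resources"][logical_id]["Properties"][prop] = value
    return out

def _route(table, **target):
    return {"Type": "AWS::EC2::Route",
            "Properties": {"RouteTableId": table, "DestinationCidrBlock": "0.0.0.0/0", **target}}

# Constructed input mirroring the stack above, AZs kept symbolic (the AZ1/AZ2 parameters).
# PublicSubnet1 deliberately carries 10.10.1.0/19, which is not a network address.
_PLAN = [  # (subnet, cidr, az, route table)
    ("PublicSubnet1", "10.10.1.0/19", "AZ1", "PublicRouteTable"),
    ("PublicSubnet2", "10.10.32.0/19", "AZ2", "PublicRouteTable"),
    ("PrivateSubnet1", "10.10.64.0/19", "AZ1", "PrivateRouteTable1"),
    ("PrivateSubnet2", "10.10.96.0/19", "AZ2", "PrivateRouteTable2"),
    ("PrivateSubnet3", "10.10.130.0/24", "AZ1", "PrivateRouteTable1"),
    ("PrivateSubnet4", "10.10.135.0/24", "AZ2", "PrivateRouteTable2"),
    ("PrivateSubnet5", "10.10.140.0/24", "AZ1", "PrivateRouteTable1"),
    ("PrivateSubnet6", "10.10.145.0/24", "AZ2", "PrivateRouteTable2"),
]
SAMPLE_TEMPLATE = {"Resources": {
    "VPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.10.0.0/16"}},
    "NATGATEWAYAZ01": {"Type": "AWS::EC2::NatGateway", "Properties": {"SubnetId": "PublicSubnet1"}},
    "NATGATEWAYAZ02": {"Type": "AWS::EC2::NatGateway", "Properties": {"SubnetId": "PublicSubnet2"}},
    "PublicRoute1": _route("PublicRouteTable", GatewayId="InternetGateway"),
    "PrivateRoute1": _route("PrivateRouteTable1", NatGatewayId="NATGATEWAYAZ01"),
    "PrivateRoute2": _route("PrivateRouteTable2", NatGatewayId="NATGATEWAYAZ02"),
}}
for _sid, _cidr, _az, _table in _PLAN:
    SAMPLE_TEMPLATE["Resources"][_sid] = {"Type": "AWS::EC2::Subnet", "Properties": {"VpcId": "VPC", "CidrBlock": _cidr, "AvailabilityZone": _az}}
    SAMPLE_TEMPLATE["Resources"][_sid + "Assoc"] = {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {"SubnetId": _sid, "RouteTableId": _table}}
```

Running `check_vpc_layout(SAMPLE_TEMPLATE)` returns a single finding for the `10.10.1.0/19` block; `patched(SAMPLE_TEMPLATE, "PublicSubnet1", "CidrBlock", "10.10.0.0/19")` comes back clean, and pointing `PrivateRoute2` at `NATGATEWAYAZ01` flags every AZ2 subnet for cross-AZ egress. To run it against the real file, load it with PyYAML using a loader that turns `!Ref` into a `{"Ref": name}` mapping (the other tags only appear inside `Tags` and `AllocationId` here and can be mapped to placeholders); the `Ref:` long form needs no special handling.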