Created
December 2, 2019 09:52
-
-
Save karngyan/2b9c6fe426d343f5e3d83a3737b8e7eb to your computer and use it in GitHub Desktop.
VPC Creator using Cloud Formation for EKS, 3 subnets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
AWSTemplateFormatVersion: '2010-09-09' | |
Description: 'Amazon EKS Sample VPC' | |
Parameters: | |
VpcBlock: | |
Type: String | |
Default: 192.168.0.0/16 | |
Description: The CIDR range for the VPC. This should be a valid private (RFC 1918) CIDR range. | |
Subnet01Block: | |
Type: String | |
Default: 192.168.64.0/18 | |
Description: CidrBlock for subnet 01 within the VPC | |
Subnet02Block: | |
Type: String | |
Default: 192.168.128.0/18 | |
Description: CidrBlock for subnet 02 within the VPC | |
Subnet03Block: | |
Type: String | |
Default: 192.168.192.0/18 | |
Description: CidrBlock for subnet 03 within the VPC. This is used only if the region has more than 2 AZs. | |
Metadata: | |
AWS::CloudFormation::Interface: | |
ParameterGroups: | |
- | |
Label: | |
default: "Worker Network Configuration" | |
Parameters: | |
- VpcBlock | |
- Subnet01Block | |
- Subnet02Block | |
- Subnet03Block | |
Conditions: | |
Has2Azs: | |
Fn::Or: | |
- Fn::Equals: | |
- {Ref: 'AWS::Region'} | |
- ap-south-1 | |
- Fn::Equals: | |
- {Ref: 'AWS::Region'} | |
- ap-northeast-2 | |
- Fn::Equals: | |
- {Ref: 'AWS::Region'} | |
- ca-central-1 | |
- Fn::Equals: | |
- {Ref: 'AWS::Region'} | |
- cn-north-1 | |
HasMoreThan2Azs: | |
Fn::Not: | |
- Condition: Has2Azs | |
Resources: | |
VPC: | |
Type: AWS::EC2::VPC | |
Properties: | |
CidrBlock: !Ref VpcBlock | |
EnableDnsSupport: true | |
EnableDnsHostnames: true | |
Tags: | |
- Key: Name | |
Value: !Sub '${AWS::StackName}-VPC' | |
InternetGateway: | |
Type: "AWS::EC2::InternetGateway" | |
VPCGatewayAttachment: | |
Type: "AWS::EC2::VPCGatewayAttachment" | |
Properties: | |
InternetGatewayId: !Ref InternetGateway | |
VpcId: !Ref VPC | |
RouteTable: | |
Type: AWS::EC2::RouteTable | |
Properties: | |
VpcId: !Ref VPC | |
Tags: | |
- Key: Name | |
Value: Public Subnets | |
- Key: Network | |
Value: Public | |
Route: | |
DependsOn: VPCGatewayAttachment | |
Type: AWS::EC2::Route | |
Properties: | |
RouteTableId: !Ref RouteTable | |
DestinationCidrBlock: 0.0.0.0/0 | |
GatewayId: !Ref InternetGateway | |
Subnet01: | |
Type: AWS::EC2::Subnet | |
Metadata: | |
Comment: Subnet 01 | |
Properties: | |
AvailabilityZone: | |
Fn::Select: | |
- '0' | |
- Fn::GetAZs: | |
Ref: AWS::Region | |
CidrBlock: | |
Ref: Subnet01Block | |
VpcId: | |
Ref: VPC | |
Tags: | |
- Key: Name | |
Value: !Sub "${AWS::StackName}-Subnet01" | |
Subnet02: | |
Type: AWS::EC2::Subnet | |
Metadata: | |
Comment: Subnet 02 | |
Properties: | |
AvailabilityZone: | |
Fn::Select: | |
- '1' | |
- Fn::GetAZs: | |
Ref: AWS::Region | |
CidrBlock: | |
Ref: Subnet02Block | |
VpcId: | |
Ref: VPC | |
Tags: | |
- Key: Name | |
Value: !Sub "${AWS::StackName}-Subnet02" | |
Subnet03: | |
Condition: HasMoreThan2Azs | |
Type: AWS::EC2::Subnet | |
Metadata: | |
Comment: Subnet 03 | |
Properties: | |
AvailabilityZone: | |
Fn::Select: | |
- '2' | |
- Fn::GetAZs: | |
Ref: AWS::Region | |
CidrBlock: | |
Ref: Subnet03Block | |
VpcId: | |
Ref: VPC | |
Tags: | |
- Key: Name | |
Value: !Sub "${AWS::StackName}-Subnet03" | |
Subnet01RouteTableAssociation: | |
Type: AWS::EC2::SubnetRouteTableAssociation | |
Properties: | |
SubnetId: !Ref Subnet01 | |
RouteTableId: !Ref RouteTable | |
Subnet02RouteTableAssociation: | |
Type: AWS::EC2::SubnetRouteTableAssociation | |
Properties: | |
SubnetId: !Ref Subnet02 | |
RouteTableId: !Ref RouteTable | |
Subnet03RouteTableAssociation: | |
Condition: HasMoreThan2Azs | |
Type: AWS::EC2::SubnetRouteTableAssociation | |
Properties: | |
SubnetId: !Ref Subnet03 | |
RouteTableId: !Ref RouteTable | |
ControlPlaneSecurityGroup: | |
Type: AWS::EC2::SecurityGroup | |
Properties: | |
GroupDescription: Cluster communication with worker nodes | |
VpcId: !Ref VPC | |
Outputs: | |
SubnetIds: | |
Description: All subnets in the VPC | |
Value: | |
Fn::If: | |
- HasMoreThan2Azs | |
- !Join [ ",", [ !Ref Subnet01, !Ref Subnet02, !Ref Subnet03 ] ] | |
- !Join [ ",", [ !Ref Subnet01, !Ref Subnet02 ] ] | |
SecurityGroups: | |
Description: Security group for the cluster control plane communication with worker nodes | |
Value: !Join [ ",", [ !Ref ControlPlaneSecurityGroup ] ] | |
VpcId: | |
Description: The VPC Id | |
Value: !Ref VPC |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment