-
-
Save kenriortega/7fe4a31905e8b2282296b532bd46ecbc to your computer and use it in GitHub Desktop.
SAM Template with VPC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Transform: AWS::Serverless-2016-10-31 | |
| Resources: | |
| VPC: | |
| Type: AWS::EC2::VPC | |
| Properties: | |
| CidrBlock: 10.0.0.0/16 | |
| InternetGateway: | |
| Type: AWS::EC2::InternetGateway | |
| VPCGatewayAttachment: | |
| Type: AWS::EC2::VPCGatewayAttachment | |
| Properties: | |
| InternetGatewayId: !Ref InternetGateway | |
| VpcId: !Ref VPC | |
| PublicSubnet: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.1.0/28 | |
| AvailabilityZone: !Select | |
| - 0 | |
| - !GetAZs | |
| Ref: AWS::Region | |
| LambdaSubnet: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.128.0/20 | |
| AvailabilityZone: !Select | |
| - 1 | |
| - !GetAZs | |
| Ref: AWS::Region | |
| NatGatewayEIP: | |
| Type: AWS::EC2::EIP | |
| Properties: | |
| Domain: vpc | |
| NatGateway: | |
| Type: AWS::EC2::NatGateway | |
| Properties: | |
| SubnetId: !Ref PublicSubnet | |
| AllocationId: !GetAtt NatGatewayEIP.AllocationId | |
| PublicRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| PublicRTAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| SubnetId: !Ref PublicSubnet | |
| LambdaRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| LambdaRouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref LambdaRouteTable | |
| SubnetId: !Ref LambdaSubnet | |
| InternetRoute: | |
| Type: AWS::EC2::Route | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| GatewayId: !Ref InternetGateway | |
| NatGatewayRoute: | |
| Type: AWS::EC2::Route | |
| Properties: | |
| RouteTableId: !Ref LambdaRouteTable | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| NatGatewayId: !Ref NatGateway | |
| LambdaSecurityGroup: | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupDescription: Open Lambda ports | |
| VpcId: !Ref VPC | |
| SecurityGroupIngress: | |
| - CidrIp: 0.0.0.0/0 | |
| FromPort: 80 | |
| ToPort: 80 | |
| IpProtocol: tcp | |
| - CidrIp: 0.0.0.0/0 | |
| FromPort: 443 | |
| ToPort: 443 | |
| IpProtocol: tcp | |
| HelloWorldFunction: | |
| Type: AWS::Serverless::Function | |
| Properties: | |
| Handler: index.handler | |
| CodeUri: ./functions | |
| Runtime: nodejs8.10 | |
| Role: !GetAtt ExecutionRole.Arn | |
| VpcConfig: | |
| SubnetIds: | |
| - !Ref LambdaSubnet | |
| SecurityGroupIds: | |
| - !Ref LambdaSecurityGroup | |
| Events: | |
| ApiGatewayEvent: | |
| Type: Api | |
| Properties: | |
| Method: get | |
| Path: /hello-world | |
| ExecutionRole: | |
| Type: AWS::IAM::Role | |
| Properties: | |
| AssumeRolePolicyDocument: | |
| Version: 2012-10-17 | |
| Statement: | |
| - Effect: Allow | |
| Action: sts:AssumeRole | |
| Principal: | |
| Service: lambda.amazonaws.com | |
| Policies: | |
| - PolicyName: Policies | |
| PolicyDocument: | |
| Version: 2012-10-17 | |
| Statement: | |
| - Effect: Allow | |
| Action: | |
| - logs:CreateLogGroup | |
| - logs:CreateLogStream | |
| - logs:PutLogEvents | |
| - ec2:*NetworkInterface* | |
| Resource: "*" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment