Last active
August 29, 2015 14:15
-
-
Save maimai-swap/7a255c3fb0fffacae56e to your computer and use it in GitHub Desktop.
VPCを作るCloudFormationテンプレート。SubnetConfigで正しく書いたら出来上がる
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Description": "VPC 120 with multiple subnets", | |
| "Mappings": { | |
| "SubnetConfig": { | |
| "VPC": { | |
| "CIDR": "10.120.0.0/24" | |
| }, | |
| "PublicA": { | |
| "CIDR": "10.120.0.0/26", | |
| "AvailabilityZone": "ap-northeast-1a" | |
| }, | |
| "PublicB": { | |
| "CIDR": "10.120.0.64/26", | |
| "AvailabilityZone": "ap-northeast-1c" | |
| }, | |
| "PrivateA": { | |
| "CIDR": "10.120.0.128/26", | |
| "AvailabilityZone": "ap-northeast-1a" | |
| }, | |
| "PrivateB": { | |
| "CIDR": "10.120.0.192/26", | |
| "AvailabilityZone": "ap-northeast-1c" | |
| } | |
| } | |
| }, | |
| "Resources": { | |
| "VPC": { | |
| "Type": "AWS::EC2::VPC", | |
| "Properties": { | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "VPC", | |
| "CIDR" | |
| ] | |
| }, | |
| "EnableDnsSupport": "true", | |
| "EnableDnsHostnames": "true", | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "PublicSubnetA": { | |
| "Type": "AWS::EC2::Subnet", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PublicA", | |
| "CIDR" | |
| ] | |
| }, | |
| "AvailabilityZone": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PublicA", | |
| "AvailabilityZone" | |
| ] | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "PublicSubnetB": { | |
| "Type": "AWS::EC2::Subnet", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PublicB", | |
| "CIDR" | |
| ] | |
| }, | |
| "AvailabilityZone": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PublicB", | |
| "AvailabilityZone" | |
| ] | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "InternetGateway": { | |
| "Type": "AWS::EC2::InternetGateway", | |
| "Properties": { | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "AttachGateway": { | |
| "Type": "AWS::EC2::VPCGatewayAttachment", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "InternetGatewayId": { | |
| "Ref": "InternetGateway" | |
| } | |
| } | |
| }, | |
| "PublicRouteTable": { | |
| "Type": "AWS::EC2::RouteTable", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "PublicRoute": { | |
| "Type": "AWS::EC2::Route", | |
| "Properties": { | |
| "RouteTableId": { | |
| "Ref": "PublicRouteTable" | |
| }, | |
| "DestinationCidrBlock": "0.0.0.0/0", | |
| "GatewayId": { | |
| "Ref": "InternetGateway" | |
| } | |
| } | |
| }, | |
| "PublicSubnetRouteTableAssociationA": { | |
| "Type": "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PublicSubnetA" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PublicRouteTable" | |
| } | |
| } | |
| }, | |
| "PublicSubnetRouteTableAssociationB": { | |
| "Type": "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PublicSubnetB" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PublicRouteTable" | |
| } | |
| } | |
| }, | |
| "PublicNetworkAcl": { | |
| "Type": "AWS::EC2::NetworkAcl", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Public" | |
| } | |
| ] | |
| } | |
| }, | |
| "InboundPublicNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "NetworkAclId": { | |
| "Ref": "PublicNetworkAcl" | |
| }, | |
| "CidrBlock": "0.0.0.0/0", | |
| "Egress": "false", | |
| "Protocol": "-1", | |
| "RuleAction": "allow", | |
| "RuleNumber": "100" | |
| } | |
| }, | |
| "OutboundPublicNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "NetworkAclId": { | |
| "Ref": "PublicNetworkAcl" | |
| }, | |
| "CidrBlock": "0.0.0.0/0", | |
| "Egress": "true", | |
| "Protocol": "-1", | |
| "RuleAction": "allow", | |
| "RuleNumber": "100" | |
| } | |
| }, | |
| "PublicSubnetNetworkAclAssociationA": { | |
| "Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PublicSubnetA" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PublicNetworkAcl" | |
| } | |
| } | |
| }, | |
| "PublicSubnetNetworkAclAssociationB": { | |
| "Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PublicSubnetB" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PublicNetworkAcl" | |
| } | |
| } | |
| }, | |
| "PrivateSubnetA": { | |
| "Type": "AWS::EC2::Subnet", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PrivateA", | |
| "CIDR" | |
| ] | |
| }, | |
| "AvailabilityZone": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PrivateA", | |
| "AvailabilityZone" | |
| ] | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Private" | |
| } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnetB": { | |
| "Type": "AWS::EC2::Subnet", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PrivateB", | |
| "CIDR" | |
| ] | |
| }, | |
| "AvailabilityZone": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "PrivateB", | |
| "AvailabilityZone" | |
| ] | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Private" | |
| } | |
| ] | |
| } | |
| }, | |
| "PrivateRouteTable": { | |
| "Type": "AWS::EC2::RouteTable", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Private" | |
| } | |
| ] | |
| } | |
| }, | |
| "PrivateSubnetRouteTableAssociationA": { | |
| "Type": "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PrivateSubnetA" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PrivateRouteTable" | |
| } | |
| } | |
| }, | |
| "PrivateSubnetRouteTableAssociationB": { | |
| "Type": "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PrivateSubnetB" | |
| }, | |
| "RouteTableId": { | |
| "Ref": "PrivateRouteTable" | |
| } | |
| } | |
| }, | |
| "PrivateNetworkAcl": { | |
| "Type": "AWS::EC2::NetworkAcl", | |
| "Properties": { | |
| "VpcId": { | |
| "Ref": "VPC" | |
| }, | |
| "Tags": [ | |
| { | |
| "Key": "Application", | |
| "Value": { | |
| "Ref": "AWS::StackName" | |
| } | |
| }, | |
| { | |
| "Key": "Network", | |
| "Value": "Private" | |
| } | |
| ] | |
| } | |
| }, | |
| "InboundPrivateNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "NetworkAclId": { | |
| "Ref": "PrivateNetworkAcl" | |
| }, | |
| "RuleNumber": "100", | |
| "Protocol": "-1", | |
| "RuleAction": "allow", | |
| "Egress": "false", | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "VPC", | |
| "CIDR" | |
| ] | |
| } | |
| } | |
| }, | |
| "OutboundPrivateNetworkAclEntry": { | |
| "Type": "AWS::EC2::NetworkAclEntry", | |
| "Properties": { | |
| "NetworkAclId": { | |
| "Ref": "PrivateNetworkAcl" | |
| }, | |
| "RuleNumber": "100", | |
| "Protocol": "-1", | |
| "RuleAction": "allow", | |
| "Egress": "true", | |
| "CidrBlock": { | |
| "Fn::FindInMap": [ | |
| "SubnetConfig", | |
| "VPC", | |
| "CIDR" | |
| ] | |
| } | |
| } | |
| }, | |
| "PrivateSubnetNetworkAclAssociationA": { | |
| "Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PrivateSubnetA" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PrivateNetworkAcl" | |
| } | |
| } | |
| }, | |
| "PrivateSubnetNetworkAclAssociationB": { | |
| "Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties": { | |
| "SubnetId": { | |
| "Ref": "PrivateSubnetB" | |
| }, | |
| "NetworkAclId": { | |
| "Ref": "PrivateNetworkAcl" | |
| } | |
| } | |
| } | |
| }, | |
| "Outputs": { | |
| "PublicSubnetAId": { | |
| "Value": { | |
| "Ref": "PublicSubnetA" | |
| }, | |
| "Description": "Id of PublicSubnetA" | |
| }, | |
| "PublicSubnetBId": { | |
| "Value": { | |
| "Ref": "PublicSubnetB" | |
| }, | |
| "Description": "Id of PublicSubnetB" | |
| }, | |
| "PrivateSubnetAId": { | |
| "Value": { | |
| "Ref": "PrivateSubnetA" | |
| }, | |
| "Description": "Id of PrivateSubnetA" | |
| }, | |
| "PrivateSubnetBId": { | |
| "Value": { | |
| "Ref": "PrivateSubnetB" | |
| }, | |
| "Description": "Id of PrivateSubnetB" | |
| }, | |
| "PublicNetworkAclId": { | |
| "Value": { | |
| "Ref": "PublicNetworkAcl" | |
| }, | |
| "Description": "Id of PublicNetworkAcl" | |
| }, | |
| "PrivateNetworkAclId": { | |
| "Value": { | |
| "Ref": "PrivateNetworkAcl" | |
| }, | |
| "Description": "Id of PrivateNetworkAcl" | |
| }, | |
| "VPCID": { | |
| "Value": { | |
| "Ref": "VPC" | |
| }, | |
| "Description": "Id of VPC" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
public接続できるようにNetworkACLなおした