@sandromello
Created April 24, 2015 19:33
Lab Aws
{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters" : {
"BastionKeyName" : {
"Type" : "String",
"Description" : "The name of the EC2 key pair assigned to the bastion server."
},
"BastionSecurityCIDR" : {
"Type" : "String",
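"Description" : "The CIDR block range allowed to reach SSH (TCP port 22) on the bastion and NAT security groups; the same range is also the destination of both groups' egress rules."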
}
},
"Mappings" : {
"AmazonLinuxAMI" : {
"us-east-1": {
"AMI": "ami-b66ed3de"
},
"us-west-1": {
"AMI": "ami-4b6f650e"
},
"us-west-2": {
"AMI": "ami-b5a7ea85"
},
"eu-west-1": {
"AMI": "ami-6e7bd919"
},
"sa-east-1": {
"AMI": "ami-8737829a"
},
"ap-southeast-1": {
"AMI": "ami-ac5c7afe"
},
"ap-southeast-2": {
"AMI": "ami-63f79559"
},
"ap-northeast-1": {
"AMI": "ami-4985b048"
}
}
},
"Resources": {
"vpce96eea8c": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "10.1.0.0/16",
"InstanceTenancy": "default",
"EnableDnsSupport": "true",
"EnableDnsHostnames": "true",
"Tags": [
{
"Key": "LabName",
"Value": "827"
},
{
"Key": "Name",
"Value": "Lab VPC"
},
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
},
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "VPC",
"Value": "System Operations v2.1 Lab 7 - CloudFormation"
}
]
}
},
"subnetf55ae882": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "10.1.50.0/24",
"AvailabilityZone" : {
"Fn::Select" : ["0", {
"Fn::GetAZs" : {
"Ref" : "AWS::Region"
}
}]
},
"VpcId": {
"Ref": "vpce96eea8c"
},
"Tags": [
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
},
{
"Key": "Name",
"Value": "Private Subnet 1"
},
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "LabName",
"Value": "827"
}
]
}
},
"subnetf45ae883": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "10.1.10.0/24",
"AvailabilityZone" : {
"Fn::Select" : ["1", {
"Fn::GetAZs" : {
"Ref" : "AWS::Region"
}
}]
},
"VpcId": {
"Ref": "vpce96eea8c"
},
"Tags": [
{
"Key": "Name",
"Value": "Public Subnet 1"
},
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
},
{
"Key": "LabName",
"Value": "827"
},
{
"Key": "CustomerName",
"Value": "aws"
}
]
}
},
"igw50c96e35": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
"Tags": [
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "LabName",
"Value": "827"
}
]
}
},
"acl4d43c328": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "vpce96eea8c"
}
}
},
"acl5343c336": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "vpce96eea8c"
},
"Tags": [
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
},
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "Network",
"Value": "Private"
},
{
"Key": "LabName",
"Value": "827"
}
]
}
},
"acla8eae0ca": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": "vpc-31d1db53"
}
},
"rtb2ef47a4b": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "vpce96eea8c"
},
"Tags": [
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "LabName",
"Value": "827"
},
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
},
{
"Key": "Name",
"Value": "Private"
}
]
}
},
"rtbbdf6fcdf": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": "vpc-31d1db53"
}
},
"rtb2ff47a4a": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "vpce96eea8c"
},
"Tags": [
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "Name",
"Value": "Public"
},
{
"Key": "LabName",
"Value": "827"
},
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
}
]
}
},
"rtb5ef47a3b": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "vpce96eea8c"
}
}
},
"instancei2744d9d1": {
"Type": "AWS::EC2::Instance",
"Properties": {
"DisableApiTermination": "false",
"InstanceInitiatedShutdownBehavior": "stop",
"ImageId" : {
"Fn::FindInMap" : [
"AmazonLinuxAMI", {
"Ref" : "AWS::Region"
},
"AMI"
]
},
"InstanceType": "t2.small",
"Monitoring": "false",
"Tags": [
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
},
{
"Key": "LabName",
"Value": "827"
},
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "Name",
"Value": "NAT"
}
],
"UserData" : {
"Fn::Base64" : {
"Fn::Join" : [
"\n",
[
"#!/bin/bash",
"yum -y update",
"echo 1 > /proc/sys/net/ipv4/ip_forward",
"echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects",
"/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 0.0.0.0/0 -j MASQUERADE",
"/sbin/iptables-save > /etc/sysconfig/iptables",
"mkdir -p /etc/sysctl.d/",
"cat <<EOF > /etc/sysctl.d/nat.conf",
"net.ipv4.ip_forward = 1",
"net.ipv4.conf.eth0.send_redirects = 0",
"EOF \n"
]
]
}
},
"NetworkInterfaces": [
{
"DeleteOnTermination": "true",
"DeviceIndex": 0,
"SubnetId": {
"Ref": "subnetf45ae883"
},
"PrivateIpAddresses": [
{
"PrivateIpAddress": "10.1.10.13",
"Primary": "true"
}
],
"GroupSet": [
{
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511NATSecurityGroupV1BJA14N1BVN"
}
],
"AssociatePublicIpAddress": "true"
}
]
}
},
"instancei1244d9e4": {
"Type": "AWS::EC2::Instance",
"Properties": {
"DisableApiTermination": "false",
"InstanceInitiatedShutdownBehavior": "stop",
"ImageId" : {
"Fn::FindInMap" : [
"AmazonLinuxAMI", {
"Ref" : "AWS::Region"
},
"AMI"
]
},
"InstanceType": "t2.micro",
"KeyName" : {
"Ref" : "BastionKeyName"
},
"Monitoring": "false",
"Tags": [
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "Name",
"Value": "BastionServer"
},
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
},
{
"Key": "LabName",
"Value": "827"
}
],
"NetworkInterfaces": [
{
"DeleteOnTermination": "true",
"DeviceIndex": 0,
"SubnetId": {
"Ref": "subnetf55ae882"
},
"PrivateIpAddresses": [
{
"PrivateIpAddress": "10.1.50.137",
"Primary": "true"
}
],
"GroupSet": [
{
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511BastionServerSecurityGroupY0WH6XQTFBVR"
}
],
"AssociatePublicIpAddress": "true"
}
]
}
},
"sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511NATSecurityGroupV1BJA14N1BVN": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Enable internal access to the NAT device",
"VpcId": {
"Ref": "vpce96eea8c"
},
"Tags": [
{
"Key": "LabName",
"Value": "827"
},
{
"Key": "CustomerName",
"Value": "aws"
}
]
}
},
"sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511BastionServerSecurityGroupY0WH6XQTFBVR": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Security Group for bastion server",
"VpcId": {
"Ref": "vpce96eea8c"
},
"Tags": [
{
"Key": "CustomerName",
"Value": "aws"
},
{
"Key": "Name",
"Value": "BastionServerSecurityGroup"
},
{
"Key": "LabName",
"Value": "827"
},
{
"Key": "ResourceGroup",
"Value": "CloudFormationResource"
}
]
}
},
"acl1": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Egress": "true",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "acl4d43c328"
}
}
},
"acl2": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "acl4d43c328"
}
}
},
"acl3": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Egress": "true",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "acla8eae0ca"
}
}
},
"acl4": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"CidrBlock": "0.0.0.0/0",
"Protocol": "-1",
"RuleAction": "allow",
"RuleNumber": "100",
"NetworkAclId": {
"Ref": "acla8eae0ca"
}
}
},
"subnetacl1": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "acl4d43c328"
},
"SubnetId": {
"Ref": "subnetf45ae883"
}
}
},
"subnetacl2": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "acl4d43c328"
},
"SubnetId": {
"Ref": "subnetf55ae882"
}
}
},
"subnetacl3": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "acla8eae0ca"
},
"SubnetId": "subnet-e956639d"
}
},
"subnetacl4": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "acla8eae0ca"
},
"SubnetId": "subnet-07b2b965"
}
},
"subnetacl5": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"NetworkAclId": {
"Ref": "acla8eae0ca"
},
"SubnetId": "subnet-a9f6a2ef"
}
},
"gw1": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "vpce96eea8c"
},
"InternetGatewayId": {
"Ref": "igw50c96e35"
}
}
},
"subnetroute1": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "rtb2ef47a4b"
},
"SubnetId": {
"Ref": "subnetf55ae882"
}
}
},
"subnetroute2": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "rtbbdf6fcdf"
},
"SubnetId": "subnet-a9f6a2ef"
}
},
"subnetroute3": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "rtbbdf6fcdf"
},
"SubnetId": "subnet-e956639d"
}
},
"subnetroute5": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "rtbbdf6fcdf"
},
"SubnetId": "subnet-07b2b965"
}
},
"subnetroute6": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "rtb2ff47a4a"
},
"SubnetId": {
"Ref": "subnetf45ae883"
}
}
},
"route1": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"RouteTableId": {
"Ref": "rtb2ef47a4b"
},
"InstanceId": {
"Ref": "instancei2744d9d1"
}
}
},
"route2": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"RouteTableId": {
"Ref": "rtbbdf6fcdf"
},
"GatewayId": "igw-13b6bd71"
}
},
"route3": {
"Type": "AWS::EC2::Route",
"Properties": {
"DestinationCidrBlock": "0.0.0.0/0",
"RouteTableId": {
"Ref": "rtb2ff47a4a"
},
"GatewayId": {
"Ref": "igw50c96e35"
}
},
"DependsOn": "gw1"
},
"ingress1": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511NATSecurityGroupV1BJA14N1BVN"
},
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": {
"Ref" : "BastionSecurityCIDR"
}
}
},
"ingress2": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511NATSecurityGroupV1BJA14N1BVN"
},
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": {
"Ref" : "BastionSecurityCIDR"
}
}
},
"ingress3": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511BastionServerSecurityGroupY0WH6XQTFBVR"
},
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": {
"Ref" : "BastionSecurityCIDR"
}
}
},
"egress1": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511NATSecurityGroupV1BJA14N1BVN"
},
"IpProtocol": "-1",
"CidrIp": {
"Ref" : "BastionSecurityCIDR"
}
}
},
"egress2": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511NATSecurityGroupV1BJA14N1BVN"
},
"IpProtocol": "-1",
"CidrIp": {
"Ref" : "BastionSecurityCIDR"
}
}
},
"egress3": {
"Type": "AWS::EC2::SecurityGroupEgress",
"Properties": {
"GroupId": {
"Ref": "sgqlstack2labinstance25458600ace3e0fffd4b99a2e0e4100154e511BastionServerSecurityGroupY0WH6XQTFBVR"
},
"IpProtocol": "-1",
"CidrIp": {
"Ref" : "BastionSecurityCIDR"
}
}
}
},
"Description": ""
}