cfndk 0.0.2 → 0.0.3
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/README.md +86 -36
- data/bin/cfndk +20 -16
- data/lib/cfndk/{parameter_string.rb → erb_string.rb} +1 -1
- data/lib/cfndk/key_pair.rb +44 -0
- data/lib/cfndk/key_pairs.rb +27 -0
- data/lib/cfndk/stack.rb +1 -1
- data/lib/cfndk/stacks.rb +27 -12
- data/lib/cfndk/version.rb +1 -1
- data/lib/cfndk.rb +3 -1
- data/sample/cfndk.yml +24 -12
- data/sample/db/db.yaml +136 -0
- data/sample/db/prod.json +68 -0
- data/sample/elb/elb.yaml +8 -0
- data/sample/elb/prod.json +0 -0
- data/sample/iam/iam.yaml +53 -0
- data/sample/iam/prod.json +12 -0
- data/sample/key/.gitkeep +0 -0
- data/sample/network/network.yaml +333 -0
- data/sample/network/prod.json +44 -0
- data/sample/sg/prod.json +8 -0
- data/sample/sg/sg.yaml +51 -0
- data/sample/web/prod.json +48 -0
- data/sample/web/web.yaml +132 -0
- data/skel/cfndk.yml +4 -0
- metadata +18 -4
- data/README-ja.md +0 -282
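--- a/data/sample/db/db.yaml
+++ b/data/sample/db/db.yaml
@@ -0,0 +1,136 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: DB Stack
+Parameters:
+# ------------------------------------------------------------#
+# Input Parameters
+# ------------------------------------------------------------#
+VpcName:
+Type: String
+Environment:
+Type: String
+MySQLMajorVersion:
+Type: String
+Default: "5.7"
+AllowedValues: [ "5.5", "5.6", "5.7" ]
+DBInstanceClass:
+Type: String
+Default: "db.m4.large"
+DBInstanceStorageSize:
+Type: String
+Default: "30"
+DBInstanceStorageType:
+Type: String
+Default: "gp2"
+DBName:
+Type: String
+Default: "db"
+DBRestore:
+Default: "false"
+Type: String
+AllowedValues: [ "true", "false" ]
+DBSnapshotId:
+Type: String
+DBMasterUserName:
+Type: String
+Default: "dbuser"
+NoEcho: true
+MinLength: 1
+MaxLength: 16
+AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*"
+ConstraintDescription: "must begin with a letter and contain only alphanumeric characters."
+DBPassword:
+Default: "dbpassword"
+NoEcho: true
+Type: String
+MinLength: 8
+MaxLength: 41
+AllowedPattern: "[a-zA-Z0-9]*"
+ConstraintDescription: "must contain only alphanumeric characters."
+MultiAZ:
+Default: "false"
+Type: String
+AllowedValues: [ "true", "false" ]
+CopyTagsToSnapshot:
+Default: "false"
+Type: String
+AllowedValues: [ "true", "false" ]
+OptionalPreferredBackupWindow:
+Type: String
+ConstraintDescription: "Must be like 18:00-18:30"
+OptionalPreferredMaintenanceWindow:
+Type: String
+ConstraintDescription: "Must be like sat:19:00-sat:19:30"
+OptionalBackupRetentionPeriod:
+Type: String
+ConstraintDescription: "Must be like 7"
+Conditions:
+IsOptionalDBRestore:
+!Equals [!Ref DBRestore, 'true']
+IsOptionalPreferredBackupWindow:
+!Not [!Equals [!Ref OptionalPreferredBackupWindow, '']]
+IsOptionalPreferredMaintenanceWindow:
+!Not [!Equals [!Ref OptionalPreferredMaintenanceWindow, '']]
+IsOptionalBackupRetentionPeriod:
+!Not [!Equals [!Ref OptionalBackupRetentionPeriod, '']]
+Resources:
+DBInstance:
+Type: AWS::RDS::DBInstance
+Properties:
+DBInstanceIdentifier: !Sub "${VpcName}-${Environment}-Db"
+Engine: MySQL
+EngineVersion: !Sub "${MySQLMajorVersion}.22"
+DBInstanceClass: !Ref DBInstanceClass
+AllocatedStorage: !Ref DBInstanceStorageSize
+StorageType: !Ref DBInstanceStorageType
+DBName: !Ref DBName
+DBSnapshotIdentifier:
+!If [IsOptionalDBRestore, !Ref DBSnapshotId, !Ref "AWS::NoValue"]
+MasterUsername:
+!If [IsOptionalDBRestore, "!Ref AWS::NoValue", !Ref DBMasterUserName]
+MasterUserPassword:
+!If [IsOptionalDBRestore, "!Ref AWS::NoValue", !Ref DBPassword]
+DBSubnetGroupName: !Ref DBSubnetGroup
+PubliclyAccessible: false
+MultiAZ: !Ref MultiAZ
+PreferredBackupWindow:
+!If [IsOptionalPreferredBackupWindow, !Ref OptionalPreferredBackupWindow, !Ref "AWS::NoValue"]
+PreferredMaintenanceWindow:
+!If [IsOptionalPreferredMaintenanceWindow, !Ref OptionalPreferredMaintenanceWindow, !Ref "AWS::NoValue"]
+AutoMinorVersionUpgrade: false
+DBParameterGroupName: !Ref DBParameterGroup
+VPCSecurityGroups:
+- { "Fn::ImportValue": !Sub "${VpcName}-DbSg" }
+CopyTagsToSnapshot: !Ref CopyTagsToSnapshot
+BackupRetentionPeriod:
+!If [IsOptionalBackupRetentionPeriod, !Ref OptionalBackupRetentionPeriod, !Ref "AWS::NoValue"]
+Port: 3306
+Tags:
+- Key: Name
+Value: !Sub "${VpcName}-${Environment}-Db"
+DeletionPolicy: Delete
+DBParameterGroup:
+Type: AWS::RDS::DBParameterGroup
+Properties:
+Family: !Sub "MySQL${MySQLMajorVersion}"
+Description: !Sub "${VpcName}-${Environment}-Db-parm"
+DBSubnetGroup:
+Type: "AWS::RDS::DBSubnetGroup"
+Properties:
+DBSubnetGroupName: !Sub "${VpcName}-${Environment}-Db-subnet"
+DBSubnetGroupDescription: "Db subnet group"
+SubnetIds:
+- { "Fn::ImportValue": !Sub "${VpcName}-${Environment}-Private-Subnet1" }
+- { "Fn::ImportValue": !Sub "${VpcName}-${Environment}-Private-Subnet2" }
+Outputs:
+DBInstanceID:
+Value: !Ref DBInstance
+Export:
+Name: !Sub "${VpcName}-${Environment}-Db-id"
+DBInstanceEndpoint:
+Value: !GetAtt DBInstance.Endpoint.Address
+Export:
+Name: !Sub "${VpcName}-${Environment}-Db-endpoint"
+DBName:
+Value: !Ref DBName
+Export:
+Name: !Sub "${VpcName}-${Environment}-Db-dbname"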
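Review bot: `DBPassword` ships with `Default: "dbpassword"`, and data/sample/db/prod.json repeats the same value in plaintext, so a stack deployed from the sample unchanged gets a master password that is published with the gem; `NoEcho: true` only masks the value in console and API output and does nothing for a default or a committed parameter file. Drop the `Default:` line so the value has to be supplied at deploy time, or resolve it from Secrets Manager or SSM with a dynamic reference. In the restore branch `"!Ref AWS::NoValue"` is a quoted string rather than an intrinsic, so `MasterUsername` and `MasterUserPassword` would receive that literal text; it should read `!Ref "AWS::NoValue"` as the `DBSnapshotIdentifier` line does. The instance also sets no `StorageEncrypted` and uses `DeletionPolicy: Delete`, which is worth a comment in the template for anyone adapting the sample beyond a throwaway environment.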
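--- a/data/sample/db/prod.json
+++ b/data/sample/db/prod.json
@@ -0,0 +1,68 @@
+{
+"Parameters": [
+{
+"ParameterKey": "VpcName",
+"ParameterValue": "sample"
+},
+{
+"ParameterKey": "Environment",
+"ParameterValue": "Prod"
+},
+{
+"ParameterKey": "MySQLMajorVersion",
+"ParameterValue": "5.7"
+},
+{
+"ParameterKey": "DBInstanceClass",
+"ParameterValue": "db.t2.micro"
+},
+{
+"ParameterKey": "DBInstanceStorageSize",
+"ParameterValue": "10"
+},
+{
+"ParameterKey": "DBInstanceStorageType",
+"ParameterValue": "gp2"
+},
+{
+"ParameterKey": "DBName",
+"ParameterValue": "db"
+},
+{
+"ParameterKey": "DBRestore",
+"ParameterValue": "false"
+},
+{
+"ParameterKey": "DBSnapshotId",
+"ParameterValue": ""
+},
+{
+"ParameterKey": "DBMasterUserName",
+"ParameterValue": "dbuser"
+},
+{
+"ParameterKey": "DBPassword",
+"ParameterValue": "dbpassword"
+},
+{
+"ParameterKey": "MultiAZ",
+"ParameterValue": "false"
+},
+{
+"ParameterKey": "CopyTagsToSnapshot",
+"ParameterValue": "false"
+},
+{
+"ParameterKey": "OptionalPreferredBackupWindow",
+"ParameterValue": ""
+},
+{
+"ParameterKey": "OptionalPreferredMaintenanceWindow",
+"ParameterValue": ""
+},
+{
+"ParameterKey": "OptionalBackupRetentionPeriod",
+"ParameterValue": ""
+}
+]
+}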
data/sample/elb/elb.yaml
ADDED
File without changes
|
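--- a/data/sample/iam/iam.yaml
+++ b/data/sample/iam/iam.yaml
@@ -0,0 +1,53 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: IAM EC2 Role Stack
+Parameters:
+WebRoleName:
+Description: Name for WebRole
+Type: String
+WebInstanceProfileName:
+Description: Name for WebInstanceProfile
+Type: String
+Resources:
+WebRole:
+Type: AWS::IAM::Role
+Properties:
+AssumeRolePolicyDocument:
+Version: "2012-10-17"
+Statement:
+-
+Effect: "Allow"
+Principal:
+Service:
+- "ec2.amazonaws.com"
+Action:
+- "sts:AssumeRole"
+Path: "/"
+Policies:
+-
+PolicyName: "root"
+PolicyDocument:
+Version: "2012-10-17"
+Statement:
+-
+Effect: "Allow"
+Action: "*"
+Resource: "*"
+RoleName: !Ref WebRoleName
+WebInstanceProfile:
+Type: AWS::IAM::InstanceProfile
+Properties:
+Path: "/"
+Roles:
+- !Ref WebRole
+InstanceProfileName: !Ref WebInstanceProfileName
+Outputs:
+WebInstanceProfile:
+Description: Web Instance Profile
+Value: !Ref WebRoleName
+Export:
+Name: !Ref WebInstanceProfileName
+WebRole:
+Description: WebIam Role
+Value: !Ref WebRole
+Export:
+Name: !Ref WebRoleName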
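Review bot: The inline policy `root` on `WebRole` grants `Action: "*"` on `Resource: "*"`, so every process on an instance that carries `WebInstanceProfile` holds account-wide administrative rights through the role's temporary credentials. A sample that users copy into real stacks should scope the statement to the actions and resources the web tier actually needs (the hunk does not show what those are) or leave the policy list empty with a comment telling the user to add one. Separately, the `WebInstanceProfile` output has `Value: !Ref WebRoleName`, which publishes the role name under the instance-profile export; `Value: !Ref WebInstanceProfile` looks like what was intended.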
data/sample/key/.gitkeep
ADDED
File without changes
|
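--- a/data/sample/network/network.yaml
+++ b/data/sample/network/network.yaml
@@ -0,0 +1,333 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Network Stack
+Parameters:
+VpcName:
+Description: Name for this VPC
+Type: String
+VpcCidr:
+Description: CIDR Block for the VPC
+Type: String
+AllowedPattern: '[a-zA-Z0-9]+\..+'
+ConstraintDescription: Must be like 192.168.0.0/24
+InternalDnsName:
+Description: Internal DNS name
+Type: String
+Environment:
+Description: Name for this Environment
+Type: String
+PublicSubnet1Cidr:
+Description: CIDR Block for the subnet
+Type: String
+AllowedPattern: '[a-zA-Z0-9]+\..+'
+ConstraintDescription: Must be like 192.168.0.0/24
+PublicSubnet2Cidr:
+Description: CIDR Block for the subnet
+Type: String
+AllowedPattern: '[a-zA-Z0-9]+\..+'
+ConstraintDescription: Must be like 192.168.0.0/24
+WebSubnet1Cidr:
+Description: CIDR Block for the subnet
+Type: String
+AllowedPattern: '[a-zA-Z0-9]+\..+'
+ConstraintDescription: Must be like 192.168.0.0/24
+WebSubnet2Cidr:
+Description: CIDR Block for the subnet
+Type: String
+AllowedPattern: '[a-zA-Z0-9]+\..+'
+ConstraintDescription: Must be like 192.168.0.0/24
+PrivateSubnet1Cidr:
+Description: CIDR Block for the subnet
+Type: String
+AllowedPattern: '[a-zA-Z0-9]+\..+'
+ConstraintDescription: Must be like 192.168.0.0/24
+PrivateSubnet2Cidr:
+Description: CIDR Block for the subnet
+Type: String
+AllowedPattern: '[a-zA-Z0-9]+\..+'
+ConstraintDescription: Must be like 192.168.0.0/24
+Resources:
+Vpc:
+Type: AWS::EC2::VPC
+Properties:
+CidrBlock: !Ref VpcCidr
+EnableDnsHostnames: true
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-VPC
+Igw:
+Type: AWS::EC2::InternetGateway
+Properties:
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-IGW
+IgwAttachement:
+Type: AWS::EC2::VPCGatewayAttachment
+Properties:
+InternetGatewayId: !Ref Igw
+VpcId: !Ref Vpc
+InternalDns:
+Type: AWS::Route53::HostedZone
+Properties:
+HostedZoneConfig:
+Comment: Internal DNS
+Name: !Ref InternalDnsName
+VPCs:
+- VPCId: !Ref Vpc
+VPCRegion: !Ref AWS::Region
+HostedZoneTags:
+- Key: Name
+Value: InternalDns
+PublicSubnet1:
+Type: AWS::EC2::Subnet
+Properties:
+CidrBlock: !Ref PublicSubnet1Cidr
+VpcId: !Ref Vpc
+AvailabilityZone: !Select
+- 0
+- Fn::GetAZs: !Ref 'AWS::Region'
+MapPublicIpOnLaunch: true
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Public-Subnet1
+PublicSubnet2:
+Type: AWS::EC2::Subnet
+Properties:
+CidrBlock: !Ref PublicSubnet2Cidr
+VpcId: !Ref Vpc
+AvailabilityZone: !Select
+- 1
+- Fn::GetAZs: !Ref 'AWS::Region'
+MapPublicIpOnLaunch: true
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Public-Subnet2
+WebSubnet1:
+Type: AWS::EC2::Subnet
+Properties:
+CidrBlock: !Ref WebSubnet1Cidr
+VpcId: !Ref Vpc
+AvailabilityZone: !Select
+- 0
+- Fn::GetAZs: !Ref 'AWS::Region'
+MapPublicIpOnLaunch: false
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Web-Subnet1
+WebSubnet2:
+Type: AWS::EC2::Subnet
+Properties:
+CidrBlock: !Ref WebSubnet2Cidr
+VpcId: !Ref Vpc
+AvailabilityZone: !Select
+- 1
+- Fn::GetAZs: !Ref 'AWS::Region'
+MapPublicIpOnLaunch: false
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Web-Subnet2
+PrivateSubnet1:
+Type: AWS::EC2::Subnet
+Properties:
+CidrBlock: !Ref PrivateSubnet1Cidr
+VpcId: !Ref Vpc
+AvailabilityZone: !Select
+- 0
+- Fn::GetAZs: !Ref 'AWS::Region'
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Private-Subnet1
+PrivateSubnet2:
+Type: AWS::EC2::Subnet
+Properties:
+CidrBlock: !Ref PrivateSubnet2Cidr
+VpcId: !Ref Vpc
+AvailabilityZone: !Select
+- 1
+- Fn::GetAZs: !Ref 'AWS::Region'
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Private-Subnet2
+PublicSubnetRT:
+Type: AWS::EC2::RouteTable
+Properties:
+VpcId: !Ref Vpc
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Public-SubnetRT
+PublicSubnetToInternetRoute:
+Type: AWS::EC2::Route
+Properties:
+RouteTableId: !Ref PublicSubnetRT
+GatewayId: !Ref Igw
+DestinationCidrBlock: 0.0.0.0/0
+PublicSubnetRTAssociationToPublicSubnet1:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PublicSubnetRT
+SubnetId: !Ref PublicSubnet1
+PublicSubnetRTAssociationToPublicSubnet2:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PublicSubnetRT
+SubnetId: !Ref PublicSubnet2
+WebSubnetRT1:
+Type: AWS::EC2::RouteTable
+Properties:
+VpcId: !Ref Vpc
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Web-SubnetRT1
+WebSubnetRT2:
+Type: AWS::EC2::RouteTable
+Properties:
+VpcId: !Ref Vpc
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Web-SubnetRT2
+WebSubnetRTAssociationToPublicSubnet1:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref WebSubnetRT1
+SubnetId: !Ref WebSubnet1
+WebSubnetRTAssociationToPublicSubnet2:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref WebSubnetRT2
+SubnetId: !Ref WebSubnet2
+PrivateSubnetRT1:
+Type: AWS::EC2::RouteTable
+Properties:
+VpcId: !Ref Vpc
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Private-SubnetRT1
+PrivateSubnetRT2:
+Type: AWS::EC2::RouteTable
+Properties:
+VpcId: !Ref Vpc
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-Private-SubnetRT2
+PrivateSubnetRT1AssociationToPrivateSubnet1:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PrivateSubnetRT1
+SubnetId: !Ref PrivateSubnet1
+PrivateSubnetRT2AssociationToPrivateSubnet2:
+Type: AWS::EC2::SubnetRouteTableAssociation
+Properties:
+RouteTableId: !Ref PrivateSubnetRT2
+SubnetId: !Ref PrivateSubnet2
+NatEip1:
+Type: AWS::EC2::EIP
+Properties: {}
+NatEip2:
+Type: AWS::EC2::EIP
+Properties: {}
+NatGw1:
+Type: AWS::EC2::NatGateway
+Properties:
+SubnetId: !Ref PublicSubnet1
+AllocationId:
+Fn::GetAtt:
+- NatEip1
+- AllocationId
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-NATGW1
+NatGw2:
+Type: AWS::EC2::NatGateway
+Properties:
+SubnetId: !Ref PublicSubnet2
+AllocationId:
+Fn::GetAtt:
+- NatEip2
+- AllocationId
+Tags:
+- Key: Name
+Value: !Sub ${VpcName}-${Environment}-NATGW2
+PrivateSubnet1ToInternetRoute:
+Type: AWS::EC2::Route
+Properties:
+RouteTableId: !Ref PrivateSubnetRT1
+NatGatewayId: !Ref NatGw1
+DestinationCidrBlock: 0.0.0.0/0
+PrivateSubnet2ToInternetRoute:
+Type: AWS::EC2::Route
+Properties:
+RouteTableId: !Ref PrivateSubnetRT2
+NatGatewayId: !Ref NatGw2
+DestinationCidrBlock: 0.0.0.0/0
+WebSubnet1ToInternetRoute:
+Type: AWS::EC2::Route
+Properties:
+RouteTableId: !Ref WebSubnetRT1
+NatGatewayId: !Ref NatGw1
+DestinationCidrBlock: 0.0.0.0/0
+WebSubnet2ToInternetRoute:
+Type: AWS::EC2::Route
+Properties:
+RouteTableId: !Ref WebSubnetRT2
+NatGatewayId: !Ref NatGw2
+DestinationCidrBlock: 0.0.0.0/0
+Outputs:
+VpcCidr:
+Description: VPC CIDR
+Value: !GetAtt Vpc.CidrBlock
+Export:
+Name: !Sub ${VpcName}-VpcCidr
+VpcId:
+Description: VPC ID
+Value: !Ref Vpc
+Export:
+Name: !Sub ${VpcName}-VpcId
+Igw:
+Description: InternetGateway of this VPC
+Value: !Ref Igw
+Export:
+Name: !Sub ${VpcName}-IGW
+IgwAttachement:
+Description: InternetGatewayAttachement of this VPC
+Value: !Ref IgwAttachement
+Export:
+Name: !Sub ${VpcName}-IGW-Attachement
+InternalDnsName:
+Description: Internal DNS zone name
+Value: !Join [ ".", [ !Ref InternalDnsName, "" ]]
+Export:
+Name: !Sub ${VpcName}-InternalDnsName
+InternalDns:
+Description: Internal DNS zone id
+Value: !Ref InternalDns
+Export:
+Name: !Sub ${VpcName}-InternalDns
+PrivateSubnet1:
+Description: Private Subnet 1 Id
+Value: !Ref PrivateSubnet1
+Export:
+Name: !Sub ${VpcName}-${Environment}-Private-Subnet1
+PrivateSubnet2:
+Description: Private Subnet 2 Id
+Value: !Ref PrivateSubnet2
+Export:
+Name: !Sub ${VpcName}-${Environment}-Private-Subnet2
+WebSubnet1:
+Description: Web Subnet 1 Id
+Value: !Ref WebSubnet1
+Export:
+Name: !Sub ${VpcName}-${Environment}-Web-Subnet1
+WebSubnet2:
+Description: Web Subnet 2 Id
+Value: !Ref WebSubnet2
+Export:
+Name: !Sub ${VpcName}-${Environment}-Web-Subnet2
+PublicSubnet1:
+Description: Public Subnet 1 Id
+Value: !Ref PublicSubnet1
+Export:
+Name: !Sub ${VpcName}-${Environment}-Public-Subnet1
+PublicSubnet2:
+Description: Public Subnet 2 Id
+Value: !Ref PublicSubnet2
+Export:
+Name: !Sub ${VpcName}-${Environment}-Public-Subnet2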
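Review bot: All seven CIDR parameters (`VpcCidr` and the six `*SubnetNCidr` entries) use `AllowedPattern: '[a-zA-Z0-9]+\..+'`, which accepts letters and arbitrary trailing text, so it does not enforce the `192.168.0.0/24` shape that `ConstraintDescription` promises and a mistyped value only fails later at resource creation. A pattern such as `AllowedPattern: '(\d{1,3}\.){3}\d{1,3}/\d{1,2}'` rejects those inputs at parameter validation. The logical IDs `WebSubnetRTAssociationToPublicSubnet1` and `WebSubnetRTAssociationToPublicSubnet2` attach `WebSubnet1`/`WebSubnet2`, not public subnets; renaming them would stop a reader from misjudging which subnets are internet-facing. The template creates no VPC flow log, which is worth noting in a comment for users who want network visibility.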
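--- a/data/sample/network/prod.json
+++ b/data/sample/network/prod.json
@@ -0,0 +1,44 @@
+{
+"Parameters": [
+{
+"ParameterKey": "VpcName",
+"ParameterValue": "sample"
+},
+{
+"ParameterKey": "VpcCidr",
+"ParameterValue": "10.199.0.0/16"
+},
+{
+"ParameterKey": "InternalDnsName",
+"ParameterValue": "sample.local"
+},
+{
+"ParameterKey": "Environment",
+"ParameterValue": "Prod"
+},
+{
+"ParameterKey": "PublicSubnet1Cidr",
+"ParameterValue": "10.199.1.0/25"
+},
+{
+"ParameterKey": "PublicSubnet2Cidr",
+"ParameterValue": "10.199.1.128/25"
+},
+{
+"ParameterKey": "WebSubnet1Cidr",
+"ParameterValue": "10.199.2.0/25"
+},
+{
+"ParameterKey": "WebSubnet2Cidr",
+"ParameterValue": "10.199.2.128/25"
+},
+{
+"ParameterKey": "PrivateSubnet1Cidr",
+"ParameterValue": "10.199.3.0/25"
+},
+{
+"ParameterKey": "PrivateSubnet2Cidr",
+"ParameterValue": "10.199.3.128/25"
+}
+]
+}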