Last active
December 12, 2015 09:39
-
-
Save armaniacs/4752951 to your computer and use it in GitHub Desktop.
JAWS yokohama VPC meta
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion" : "2010-09-09", | |
| "Description" : "Instance Deployment on existing vpc", | |
| "Parameters": { | |
| "SiteURL": { | |
| "Type": "String", | |
| "Default": "xxxxx.araki.in", | |
| "Description" : "Name of a FQDN for ec-site."}, | |
| "InstanceType" : { | |
| "Description" : "WebServer EC2 instance type", | |
| "Type" : "String", | |
| "Default" : "m1.small", | |
| "AllowedValues" : [ "t1.micro","m1.small","m1.medium","m1.large","m1.xlarge","m2.xlarge","m2.2xlarge","m2.4xlarge","c1.medium","c1.xlarge","cc1.4xlarge","cc2.8xlarge","cg1.4xlarge"], | |
| "ConstraintDescription" : "must be a valid EC2 instance type."}, | |
| "BackupWindow": { | |
| "Type": "String", | |
| "Default": "18:30-19:00", | |
| "Description": "The daily time range during which automated backups"}, | |
| "DBUser": { | |
| "Type": "String", | |
| "Default": "eccube_db", | |
| "Description": "RDS user"}, | |
| "DBPass": { | |
| "Type": "String", | |
| "Default": "eccube_db", | |
| "Description": "RDS password"} | |
| }, | |
| "Resources" : { | |
| "vpcMake" : { | |
| "Type" : "AWS::CloudFormation::Stack", | |
| "Properties" : { | |
| "TemplateURL" : "https://s3-ap-northeast-1.amazonaws.com/arakisa/CloudFormation/eccube-vpc-10vpc.json", | |
| "TimeoutInMinutes" : "60" | |
| } | |
| }, | |
| "dnscdpshoparakiin": { | |
| "Type": "AWS::Route53::RecordSet", | |
| "Properties": { | |
| "HostedZoneId": "/hostedzone/Z1TN0F06PFG5ZF", | |
| "Name": {"Ref":"SiteURL"}, | |
| "Type": "CNAME", | |
| "TTL": "300", | |
| "Comment": "araki.in ", | |
| "ResourceRecords": [ | |
| { "Fn::GetAtt" : [ "elbeccube", "DNSName" ] } | |
| ]}}, | |
| "elbeccube": { | |
| "Type": "AWS::ElasticLoadBalancing::LoadBalancer", | |
| "Properties": { | |
| "HealthCheck": { | |
| "HealthyThreshold": "10", | |
| "Interval": "30", | |
| "Target": "HTTP:80/", | |
| "Timeout": "5", | |
| "UnhealthyThreshold": "2" | |
| }, | |
| "Instances": [ | |
| {"Ref": "instancei2d5f6a2d"}, | |
| {"Ref": "instanceib3ba90b3"} | |
| ], | |
| "Listeners": [ | |
| { | |
| "InstancePort": "80", | |
| "LoadBalancerPort": "80", | |
| "Protocol": "HTTP", | |
| "PolicyNames": [ | |
| ] | |
| }], | |
| "Subnets": [ | |
| { "Fn::GetAtt" :["vpcMake", "Outputs.ELBSubnetAId"] }, | |
| { "Fn::GetAtt" :["vpcMake", "Outputs.ELBSubnetBId"] } | |
| ], | |
| "SecurityGroups" : [{"Ref" : "LoadBalancerSecurityGroup"}] | |
| }}, | |
| "LoadBalancerSecurityGroup" : { | |
| "Type" : "AWS::EC2::SecurityGroup", | |
| "Properties" : { | |
| "GroupDescription" : "Enable HTTP access on port 80", | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "SecurityGroupIngress" : [ { "IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0" } ], | |
| "SecurityGroupEgress" : [ { "IpProtocol" : "tcp", "FromPort" : "80", "ToPort" : "80", "CidrIp" : "0.0.0.0/0" } ] | |
| } | |
| }, | |
| "instanceib3ba90b3": { | |
| "Type": "AWS::EC2::Instance", | |
| "Properties": { | |
| "AvailabilityZone": "ap-northeast-1a", | |
| "DisableApiTermination": "FALSE", | |
| "ImageId": "ami-5259eb53", | |
| "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [ | |
| "#!/bin/bash \n", | |
| "sed -i \"s/cdpshop.araki.in/", | |
| {"Ref":"SiteURL"}, | |
| "/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "sed -i \"s/eccube.cpve4xcwndrv.ap-northeast-1.rds.amazonaws.com/", | |
| {"Fn::GetAtt": ["rdseccube","Endpoint.Address"]}, | |
| "/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "sed -i \"s/eccube_db/", | |
| {"Ref":"DBUser"}, | |
| "/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "sed -i \"s/DB_PASSWORD', 'kumokumo'/DB_PASSWORD', '", | |
| {"Ref":"DBPass"}, | |
| "'/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "#EOF" | |
| ]]}}, | |
| "InstanceType": {"Ref": "InstanceType"}, | |
| "KernelId": "aki-44992845", | |
| "Monitoring": "true", | |
| "SecurityGroupIds": [{"Ref": "sgeccube"},{"Ref": "sglog"},{"Ref": "sgwatch"}], | |
| "SubnetId": {"Fn::GetAtt":["vpcMake", "Outputs.ECSubnetAId"]}, | |
| "Tags": [ | |
| { "Key": "Name", | |
| "Value": "c-eccube-clone-2a"} | |
| ]}}, | |
| "instancei2d5f6a2d": { | |
| "Type": "AWS::EC2::Instance", | |
| "Properties": { | |
| "AvailabilityZone": "ap-northeast-1b", | |
| "DisableApiTermination": "FALSE", | |
| "ImageId": "ami-5259eb53", | |
| "UserData": { "Fn::Base64" : { "Fn::Join" : ["", [ | |
| "#!/bin/bash \n", | |
| "sed -i \"s/cdpshop.araki.in/", | |
| {"Ref":"SiteURL"}, | |
| "/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "sed -i \"s/eccube.cpve4xcwndrv.ap-northeast-1.rds.amazonaws.com/", | |
| {"Fn::GetAtt": ["rdseccube","Endpoint.Address"]}, | |
| "/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "sed -i \"s/eccube_db/", | |
| {"Ref":"DBUser"}, | |
| "/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "sed -i \"s/DB_PASSWORD', 'kumokumo'/DB_PASSWORD', '", | |
| {"Ref":"DBPass"}, | |
| "'/g\" /home/ec2-user/cdp/eccube/data/config/config.php\n", | |
| "#EOF" | |
| ]]}}, | |
| "InstanceType": {"Ref": "InstanceType"}, | |
| "KernelId": "aki-44992845", | |
| "Monitoring": "false", | |
| "SecurityGroupIds": [{"Ref": "sgeccube"},{"Ref": "sglog"},{"Ref": "sgwatch"}], | |
| "SubnetId": {"Fn::GetAtt":["vpcMake", "Outputs.ECSubnetBId"]}, | |
| "Tags": [ | |
| { | |
| "Key": "Name", | |
| "Value": "c-eccube-clone-2b" | |
| }]}}, | |
| "instanceLog": { | |
| "Type": "AWS::EC2::Instance", | |
| "Properties": { | |
| "AvailabilityZone": "ap-northeast-1b", | |
| "DisableApiTermination": "FALSE", | |
| "ImageId": "ami-5259eb53", | |
| "InstanceType": {"Ref": "InstanceType"}, | |
| "KernelId": "aki-44992845", | |
| "Monitoring": "false", | |
| "SecurityGroupIds": [{"Ref": "sglog"}], | |
| "SubnetId": {"Fn::GetAtt":["vpcMake", "Outputs.LogSubnetBId"]}, | |
| "Tags": [{"Key": "Name","Value": "Log analyzer"}] | |
| }}, | |
| "instanceWatch": { | |
| "Type": "AWS::EC2::Instance", | |
| "Properties": { | |
| "AvailabilityZone": "ap-northeast-1b", | |
| "DisableApiTermination": "FALSE", | |
| "ImageId": "ami-5259eb53", | |
| "InstanceType": {"Ref": "InstanceType"}, | |
| "KernelId": "aki-44992845", | |
| "Monitoring": "false", | |
| "SecurityGroupIds": [{"Ref": "sgwatch"}], | |
| "SubnetId": {"Fn::GetAtt":["vpcMake", "Outputs.WatchSubnetBId"]}, | |
| "Tags": [{"Key": "Name","Value": "Watcher"}] | |
| }}, | |
| "sgeccube": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "GroupDescription": "eccube2", | |
| "SecurityGroupIngress": [ | |
| { | |
| "IpProtocol": "tcp", | |
| "FromPort": "22", | |
| "ToPort": "22", | |
| "CidrIp": "0.0.0.0/0" | |
| }, | |
| { | |
| "IpProtocol": "tcp", | |
| "FromPort": "80", | |
| "ToPort": "80", | |
| "CidrIp": "0.0.0.0/0" | |
| } | |
| ]}}, | |
| "sglog": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "GroupDescription": "log analysis cluster", | |
| "SecurityGroupIngress": [ | |
| { | |
| "IpProtocol": "tcp", | |
| "FromPort": "22", | |
| "ToPort": "22", | |
| "CidrIp": "0.0.0.0/0" | |
| } | |
| ]}}, | |
| "sgwatch": { | |
| "Type": "AWS::EC2::SecurityGroup", | |
| "Properties": { | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "GroupDescription": "watcher", | |
| "SecurityGroupIngress": [ | |
| { | |
| "IpProtocol": "tcp", | |
| "FromPort": "22", | |
| "ToPort": "22", | |
| "CidrIp": "0.0.0.0/0" | |
| } | |
| ]}}, | |
| "rdseccube": { | |
| "Type": "AWS::RDS::DBInstance", | |
| "Properties": { | |
| "MultiAZ": "true", | |
| "DBSnapshotIdentifier": "eccube-snapshot", | |
| "AllocatedStorage": "5", | |
| "BackupRetentionPeriod": "1", | |
| "DBInstanceClass": "db.m1.small", | |
| "DBParameterGroupName": "eccube", | |
| "Engine": "mysql", | |
| "EngineVersion": "5.5.23", | |
| "MasterUsername": {"Ref":"DBUser"}, | |
| "MasterUserPassword": {"Ref":"DBPass"}, | |
| "Port": "3306", | |
| "PreferredBackupWindow": {"Ref":"BackupWindow"}, | |
| "PreferredMaintenanceWindow": "thu:19:30-thu:20:00", | |
| "DBSecurityGroups": [{"Ref": "dbsgdefault"}], | |
| "DBSubnetGroupName" : { "Ref" : "MyDBSubnetGroup" } | |
| }}, | |
| "MyDBSubnetGroup" : { | |
| "Type" : "AWS::RDS::DBSubnetGroup", | |
| "Properties" : { | |
| "DBSubnetGroupDescription" : "Subnets available for the RDS DB Instance", | |
| "SubnetIds" : [ | |
| { "Fn::GetAtt" :["vpcMake", "Outputs.RDSSubnetAId"] }, | |
| { "Fn::GetAtt" :["vpcMake", "Outputs.RDSSubnetBId"] } | |
| ] | |
| } | |
| }, | |
| "dbsgdefault": { | |
| "Type": "AWS::RDS::DBSecurityGroup", | |
| "Properties":{ | |
| "GroupDescription": "RDS security group in private", | |
| "EC2VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "DBSecurityGroupIngress": [{ | |
| "CIDRIP": "10.1.20.0/23" | |
| } ] | |
| } | |
| }, | |
| "SSSubnetA" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "CidrBlock" : "10.1.200.0/24", | |
| "AvailabilityZone" : "ap-northeast-1a"}}, | |
| "SSSubnetB" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "CidrBlock" : "10.1.201.0/24", | |
| "AvailabilityZone" : "ap-northeast-1b"}}, | |
| "SSRouteTable" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "SS(fumidai)" } | |
| ]}}, | |
| "SSSubnetRouteTableAssociationSSA" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "SSSubnetA" }, | |
| "RouteTableId" : { "Ref" : "SSRouteTable" } | |
| }}, | |
| "SSSubnetRouteTableAssociationSSB" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "SSSubnetB" }, | |
| "RouteTableId" : { "Ref" : "SSRouteTable" } | |
| }}, | |
| "SSNetworkAcl" : { | |
| "Type" : "AWS::EC2::NetworkAcl", | |
| "Properties" : { | |
| "VpcId" : { "Fn::GetAtt" :["vpcMake", "Outputs.VPCID"] }, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "SS(fumidai)" } | |
| ]}}, | |
| "InboundSSNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "SSNetworkAcl"}, | |
| "RuleNumber" : "100", | |
| "Protocol" : "-1", | |
| "RuleAction" : "allow", | |
| "Egress" : "false", | |
| "CidrBlock" : "10.10.0.0/16" | |
| }}, | |
| "OutBoundSSNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "SSNetworkAcl"}, | |
| "RuleNumber" : "100", | |
| "Protocol" : "-1", | |
| "RuleAction" : "allow", | |
| "Egress" : "true", | |
| "CidrBlock" : "10.10.0.0/16" | |
| }}, | |
| "SSSubnetNetworkAclAssociationA" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "SSSubnetA" }, | |
| "NetworkAclId" : { "Ref" : "SSNetworkAcl" } | |
| }}, | |
| "SSSubnetNetworkAclAssociationB" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "SSSubnetB" }, | |
| "NetworkAclId" : { "Ref" : "SSNetworkAcl" } | |
| } | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion" : "2010-09-09", | |
| "Description" : "VPC and VPC with VPN subnet making for cdpshop", | |
| "Resources" : { | |
| "VPC" : { | |
| "Type" : "AWS::EC2::VPC", | |
| "Properties" : { | |
| "CidrBlock" : "10.1.0.0/16", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ]}}, | |
| "AttachGateway" : { | |
| "Type" : "AWS::EC2::VPCGatewayAttachment", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "InternetGatewayId" : {"Ref" : "InternetGateway"} | |
| }}, | |
| "ELBSubnetA" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.10.0/24", | |
| "AvailabilityZone" : "ap-northeast-1a", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ]}}, | |
| "ELBSubnetB" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.11.0/24", | |
| "AvailabilityZone" : "ap-northeast-1b", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ]}}, | |
| "InternetGateway" : { | |
| "Type" : "AWS::EC2::InternetGateway", | |
| "Properties" : { | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ]}}, | |
| "PublicRouteTable" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ]}}, | |
| "PublicRoute" : { | |
| "Type" : "AWS::EC2::Route", | |
| "Properties" : { | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" }, | |
| "DestinationCidrBlock" : "0.0.0.0/0", | |
| "GatewayId" : { "Ref" : "InternetGateway" } | |
| }}, | |
| "PublicSubnetRouteTableAssociationElbA" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ELBSubnetA" }, | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" } | |
| }}, | |
| "PublicSubnetRouteTableAssociationElbB" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ELBSubnetB" }, | |
| "RouteTableId" : { "Ref" : "PublicRouteTable" } | |
| }}, | |
| "PublicNetworkAcl" : { | |
| "Type" : "AWS::EC2::NetworkAcl", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Public" } | |
| ]}}, | |
| "InboundSSHPublicNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "PublicNetworkAcl"}, | |
| "RuleNumber" : "10", | |
| "Protocol" : "6", | |
| "RuleAction" : "allow", | |
| "Egress" : "false", | |
| "CidrBlock" : "0.0.0.0/0", | |
| "PortRange" : {"From" : "22", "To" : "22"} | |
| } | |
| }, | |
| "InboundHTTPPublicNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "PublicNetworkAcl"}, | |
| "RuleNumber" : "20", | |
| "Protocol" : "6", | |
| "RuleAction" : "allow", | |
| "Egress" : "false", | |
| "CidrBlock" : "0.0.0.0/0", | |
| "PortRange" : {"From" : "80", "To" : "80"} | |
| }}, | |
| "InboundDynamicPortsPublicNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "PublicNetworkAcl"}, | |
| "RuleNumber" : "50", | |
| "Protocol" : "6", | |
| "RuleAction" : "allow", | |
| "Egress" : "false", | |
| "CidrBlock" : "0.0.0.0/0", | |
| "PortRange" : {"From" : "1024", "To" : "65535"} | |
| } | |
| }, | |
| "OutboundHTTPPublicNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "PublicNetworkAcl"}, | |
| "RuleNumber" : "20", | |
| "Protocol" : "6", | |
| "RuleAction" : "allow", | |
| "Egress" : "true", | |
| "CidrBlock" : "0.0.0.0/0", | |
| "PortRange" : {"From" : "80", "To" : "80"} | |
| }}, | |
| "OutBoundDynamicPortPublicNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "PublicNetworkAcl"}, | |
| "RuleNumber" : "50", | |
| "Protocol" : "6", | |
| "RuleAction" : "allow", | |
| "Egress" : "true", | |
| "CidrBlock" : "0.0.0.0/0", | |
| "PortRange" : {"From" : "1024", "To" : "65535"} | |
| }}, | |
| "PublicSubnetNetworkAclAssociationElbA" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ELBSubnetA" }, | |
| "NetworkAclId" : { "Ref" : "PublicNetworkAcl" } | |
| }}, | |
| "PublicSubnetNetworkAclAssociationElbB" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ELBSubnetB" }, | |
| "NetworkAclId" : { "Ref" : "PublicNetworkAcl" } | |
| }}, | |
| "ECSubnetA" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.20.0/24", | |
| "AvailabilityZone" : "ap-northeast-1a", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ]}}, | |
| "ECSubnetB" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.21.0/24", | |
| "AvailabilityZone" : "ap-northeast-1b", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ]}}, | |
| "RDSSubnetA" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.30.0/24", | |
| "AvailabilityZone" : "ap-northeast-1a", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ]}}, | |
| "RDSSubnetB" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.31.0/24", | |
| "AvailabilityZone" : "ap-northeast-1b", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ]}}, | |
| "LogSubnetB" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.241.0/24", | |
| "AvailabilityZone" : "ap-northeast-1b", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Log" } | |
| ]}}, | |
| "WatchSubnetB" : { | |
| "Type" : "AWS::EC2::Subnet", | |
| "Properties" : { | |
| "VpcId" : { "Ref" : "VPC" }, | |
| "CidrBlock" : "10.1.251.0/24", | |
| "AvailabilityZone" : "ap-northeast-1b", | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Watch" } | |
| ]}}, | |
| "PrivateRouteTable" : { | |
| "Type" : "AWS::EC2::RouteTable", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ]}}, | |
| "PrivateSubnetRouteTableAssociationA" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ECSubnetA" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable" } | |
| }}, | |
| "PrivateSubnetRouteTableAssociationB" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ECSubnetB" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable" } | |
| }}, | |
| "PrivateSubnetRouteTableAssociationRDSA" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "RDSSubnetA" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable" } | |
| }}, | |
| "PrivateSubnetRouteTableAssociationRDSB" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "RDSSubnetB" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable" } | |
| }}, | |
| "PrivateSubnetRouteTableAssociationLogB" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "LogSubnetB" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable" } | |
| }}, | |
| "PrivateSubnetRouteTableAssociationWatchB" : { | |
| "Type" : "AWS::EC2::SubnetRouteTableAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "WatchSubnetB" }, | |
| "RouteTableId" : { "Ref" : "PrivateRouteTable" } | |
| }}, | |
| "PrivateNetworkAcl" : { | |
| "Type" : "AWS::EC2::NetworkAcl", | |
| "Properties" : { | |
| "VpcId" : {"Ref" : "VPC"}, | |
| "Tags" : [ | |
| {"Key" : "Application", "Value" : { "Ref" : "AWS::StackName"} }, | |
| {"Key" : "Network", "Value" : "Private" } | |
| ]}}, | |
| "InboundPrivateNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "PrivateNetworkAcl"}, | |
| "RuleNumber" : "100", | |
| "Protocol" : "-1", | |
| "RuleAction" : "allow", | |
| "Egress" : "false", | |
| "CidrBlock" : "10.1.0.0/16" | |
| }}, | |
| "OutBoundPrivateNetworkAclEntry" : { | |
| "Type" : "AWS::EC2::NetworkAclEntry", | |
| "Properties" : { | |
| "NetworkAclId" : {"Ref" : "PrivateNetworkAcl"}, | |
| "RuleNumber" : "100", | |
| "Protocol" : "-1", | |
| "RuleAction" : "allow", | |
| "Egress" : "true", | |
| "CidrBlock" : "10.1.0.0/16" | |
| }}, | |
| "PrivateSubnetNetworkAclAssociationA" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ECSubnetA" }, | |
| "NetworkAclId" : { "Ref" : "PrivateNetworkAcl" } | |
| }}, | |
| "PrivateSubnetNetworkAclAssociationB" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "ECSubnetB" }, | |
| "NetworkAclId" : { "Ref" : "PrivateNetworkAcl" } | |
| }}, | |
| "PrivateSubnetNetworkAclAssociationRDSA" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "RDSSubnetA" }, | |
| "NetworkAclId" : { "Ref" : "PrivateNetworkAcl" } | |
| }}, | |
| "PrivateSubnetNetworkAclAssociationRDSB" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "RDSSubnetB" }, | |
| "NetworkAclId" : { "Ref" : "PrivateNetworkAcl" } | |
| }}, | |
| "PrivateSubnetNetworkAclAssociationLogB" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "LogSubnetB" }, | |
| "NetworkAclId" : { "Ref" : "PrivateNetworkAcl" } | |
| }}, | |
| "PrivateSubnetNetworkAclAssociationWatchB" : { | |
| "Type" : "AWS::EC2::SubnetNetworkAclAssociation", | |
| "Properties" : { | |
| "SubnetId" : { "Ref" : "WatchSubnetB" }, | |
| "NetworkAclId" : { "Ref" : "PrivateNetworkAcl" } | |
| } | |
| } | |
| }, | |
| "Outputs":{ | |
| "ELBSubnetAId":{ | |
| "Value":{"Ref": "ELBSubnetA"}, | |
| "Description":"Id of ELBSubnetA" | |
| }, | |
| "ELBSubnetBId":{ | |
| "Value":{"Ref": "ELBSubnetB"}, | |
| "Description":"Id of ELBSubnetB" | |
| }, | |
| "ECSubnetAId":{ | |
| "Value":{"Ref": "ECSubnetA"}, | |
| "Description":"Id of ECSubnetA" | |
| }, | |
| "ECSubnetBId":{ | |
| "Value":{"Ref": "ECSubnetB"}, | |
| "Description":"Id of ECSubnetB" | |
| }, | |
| "RDSSubnetAId":{ | |
| "Value":{"Ref": "RDSSubnetA"}, | |
| "Description":"Id of RDSSubnetA" | |
| }, | |
| "RDSSubnetBId":{ | |
| "Value":{"Ref": "RDSSubnetB"}, | |
| "Description":"Id of RDSSubnetB" | |
| }, | |
| "LogSubnetBId":{ | |
| "Value":{"Ref": "LogSubnetB"}, | |
| "Description":"Id of LogSubnetB" | |
| }, | |
| "WatchSubnetBId":{ | |
| "Value":{"Ref": "WatchSubnetB"}, | |
| "Description":"Id of WatchSubnetB" | |
| }, | |
| "VPCID":{ | |
| "Value":{ "Ref" : "VPC" }, | |
| "Description":"Id of VPC" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment