Skip to content

Instantly share code, notes, and snippets.

@caevyn

caevyn/cf.json

Last active August 29, 2015 14:22
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save caevyn/6a3fe2d5f9af0307e2bf to your computer and use it in GitHub Desktop.
Save caevyn/6a3fe2d5f9af0307e2bf to your computer and use it in GitHub Desktop.
Download ZIP
empty vpc
Raw
cf.json
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "AWS CloudFormation demo thingy",
"Parameters": {
"Environment": {
"Description": "Environment",
"Type": "String",
"MinLength": "3",
"MaxLength": "4",
"Default": "DEV",
"AllowedPattern": "^(DEV|TEST|PROD)$",
"ConstraintDescription": "must be DEV|TEST|PROD"
}
},
"Mappings": {
"SubnetConfig": {
"VPC": {
"CIDR": "10.0.0.0/16"
},
"PublicA": {
"CIDR": "10.0.0.0/22"
},
"PublicB": {
"CIDR": "10.0.4.0/22"
},
"PrivateA": {
"CIDR": "10.0.128.0/22"
},
"PrivateB": {
"CIDR": "10.0.132.0/22"
}
}
},
"Resources": {
"VPC": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"VPC",
"CIDR"
]
},
"Tags": [
{
"Key": "Network",
"Value": "Public"
},
{
"Key": "Name",
"Value": "PublicWebVPC"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"PublicSubnetA": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"PublicA",
"CIDR"
]
},
"AvailabilityZone": "ap-southeast-2a",
"Tags": [
{
"Key": "Network",
"Value": "Public"
},
{
"Key": "Name",
"Value": "CfPublicA"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"PublicSubnetB": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"PublicB",
"CIDR"
]
},
"AvailabilityZone": "ap-southeast-2b",
"Tags": [
{
"Key": "Network",
"Value": "Public"
},
{
"Key": "Name",
"Value": "CfPublicB"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"InternetGateway": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
"Tags": [
{
"Key": "Network",
"Value": "Public"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"GatewayToInternet": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"InternetGatewayId": {
"Ref": "InternetGateway"
}
}
},
"PublicRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Network",
"Value": "Public"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"PublicRoute": {
"Type": "AWS::EC2::Route",
"DependsOn": "GatewayToInternet",
"Properties": {
"RouteTableId": {
"Ref": "PublicRouteTable"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
}
}
},
"PublicSubnetRouteTableAssociationA": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PublicSubnetA"
},
"RouteTableId": {
"Ref": "PublicRouteTable"
}
}
},
"PublicSubnetRouteTableAssociationB": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PublicSubnetB"
},
"RouteTableId": {
"Ref": "PublicRouteTable"
}
}
},
"PublicNetworkAcl": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Network",
"Value": "Public"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"InboundHTTPPublicNetworkAclEntry": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"NetworkAclId": {
"Ref": "PublicNetworkAcl"
},
"RuleNumber": "100",
"Protocol": "6",
"RuleAction": "allow",
"Egress": "false",
"CidrBlock": "0.0.0.0/0",
"PortRange": {
"From": "80",
"To": "80"
}
}
},
"InboundHTTPSPublicNetworkAclEntry": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"NetworkAclId": {
"Ref": "PublicNetworkAcl"
},
"RuleNumber": "101",
"Protocol": "6",
"RuleAction": "allow",
"Egress": "false",
"CidrBlock": "0.0.0.0/0",
"PortRange": {
"From": "443",
"To": "443"
}
}
},
"OutboundPublicNetworkAclEntry": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"NetworkAclId": {
"Ref": "PublicNetworkAcl"
},
"RuleNumber": "100",
"Protocol": "6",
"RuleAction": "allow",
"Egress": "true",
"CidrBlock": "0.0.0.0/0",
"PortRange": {
"From": "0",
"To": "65535"
}
}
},
"PublicSubnetNetworkAclAssociationA": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"SubnetId": {
"Ref": "PublicSubnetA"
},
"NetworkAclId": {
"Ref": "PublicNetworkAcl"
}
}
},
"PublicSubnetNetworkAclAssociationB": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"SubnetId": {
"Ref": "PublicSubnetB"
},
"NetworkAclId": {
"Ref": "PublicNetworkAcl"
}
}
},
"PrivateSubnetA": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"PrivateA",
"CIDR"
]
},
"AvailabilityZone": "ap-southeast-2a",
"Tags": [
{
"Key": "Network",
"Value": "Private"
},
{
"Key": "Name",
"Value": "CfPrivateA"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"PrivateSubnetB": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"PrivateB",
"CIDR"
]
},
"AvailabilityZone": "ap-southeast-2b",
"Tags": [
{
"Key": "Network",
"Value": "Private"
},
{
"Key": "Name",
"Value": "CfPrivateB"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"PrivateRouteTable": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Network",
"Value": "Private"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"PrivateSubnetRouteTableAssociationA": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnetA"
},
"RouteTableId": {
"Ref": "PrivateRouteTable"
}
}
},
"PrivateSubnetRouteTableAssociationB": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnetB"
},
"RouteTableId": {
"Ref": "PrivateRouteTable"
}
}
},
"PrivateNetworkAcl": {
"Type": "AWS::EC2::NetworkAcl",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"Tags": [
{
"Key": "Network",
"Value": "Private"
},
{
"Key": "Environment",
"Value": {
"Ref": "Environment"
}
}
]
}
},
"InboundHTTPPrivateNetworkAclEntry": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"NetworkAclId": {
"Ref": "PrivateNetworkAcl"
},
"RuleNumber": "103",
"Protocol": "6",
"RuleAction": "allow",
"Egress": "false",
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"VPC",
"CIDR"
]
},
"PortRange": {
"From": "80",
"To": "80"
}
}
},
"InboundHTTPSPrivateNetworkAclEntry": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"NetworkAclId": {
"Ref": "PrivateNetworkAcl"
},
"RuleNumber": "101",
"Protocol": "6",
"RuleAction": "allow",
"Egress": "false",
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"VPC",
"CIDR"
]
},
"PortRange": {
"From": "443",
"To": "443"
}
}
},
"OutBoundPrivateNetworkAclEntry": {
"Type": "AWS::EC2::NetworkAclEntry",
"Properties": {
"NetworkAclId": {
"Ref": "PrivateNetworkAcl"
},
"RuleNumber": "102",
"Protocol": "6",
"RuleAction": "allow",
"Egress": "true",
"CidrBlock": {
"Fn::FindInMap": [
"SubnetConfig",
"VPC",
"CIDR"
]
},
"PortRange": {
"From": "0",
"To": "65535"
}
}
},
"PrivateSubnetNetworkAclAssociationA": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnetA"
},
"NetworkAclId": {
"Ref": "PrivateNetworkAcl"
}
}
},
"PrivateSubnetNetworkAclAssociationB": {
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
"Properties": {
"SubnetId": {
"Ref": "PrivateSubnetB"
},
"NetworkAclId": {
"Ref": "PrivateNetworkAcl"
}
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment