Last active
August 29, 2015 14:22
empty vpc
{ | |
"AWSTemplateFormatVersion": "2010-09-09", | |
"Description": "AWS CloudFormation demo thingy", | |
"Parameters": { | |
"Environment": { | |
"Description": "Environment", | |
"Type": "String", | |
"MinLength": "3", | |
"MaxLength": "4", | |
"Default": "DEV", | |
"AllowedPattern": "^(DEV|TEST|PROD)$", | |
"ConstraintDescription": "must be DEV|TEST|PROD" | |
} | |
}, | |
"Mappings": { | |
"SubnetConfig": { | |
"VPC": { | |
"CIDR": "10.0.0.0/16" | |
}, | |
"PublicA": { | |
"CIDR": "10.0.0.0/22" | |
}, | |
"PublicB": { | |
"CIDR": "10.0.4.0/22" | |
}, | |
"PrivateA": { | |
"CIDR": "10.0.128.0/22" | |
}, | |
"PrivateB": { | |
"CIDR": "10.0.132.0/22" | |
} | |
} | |
}, | |
"Resources": { | |
"VPC": { | |
"Type": "AWS::EC2::VPC", | |
"Properties": { | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"VPC", | |
"CIDR" | |
] | |
}, | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
}, | |
{ | |
"Key": "Name", | |
"Value": "PublicWebVPC" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"PublicSubnetA": { | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"PublicA", | |
"CIDR" | |
] | |
}, | |
"AvailabilityZone": "ap-southeast-2a", | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
}, | |
{ | |
"Key": "Name", | |
"Value": "CfPublicA" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"PublicSubnetB": { | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"PublicB", | |
"CIDR" | |
] | |
}, | |
"AvailabilityZone": "ap-southeast-2b", | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
}, | |
{ | |
"Key": "Name", | |
"Value": "CfPublicB" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"InternetGateway": { | |
"Type": "AWS::EC2::InternetGateway", | |
"Properties": { | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"GatewayToInternet": { | |
"Type": "AWS::EC2::VPCGatewayAttachment", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"InternetGatewayId": { | |
"Ref": "InternetGateway" | |
} | |
} | |
}, | |
"PublicRouteTable": { | |
"Type": "AWS::EC2::RouteTable", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"PublicRoute": { | |
"Type": "AWS::EC2::Route", | |
"DependsOn": "GatewayToInternet", | |
"Properties": { | |
"RouteTableId": { | |
"Ref": "PublicRouteTable" | |
}, | |
"DestinationCidrBlock": "0.0.0.0/0", | |
"GatewayId": { | |
"Ref": "InternetGateway" | |
} | |
} | |
}, | |
"PublicSubnetRouteTableAssociationA": { | |
"Type": "AWS::EC2::SubnetRouteTableAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PublicSubnetA" | |
}, | |
"RouteTableId": { | |
"Ref": "PublicRouteTable" | |
} | |
} | |
}, | |
"PublicSubnetRouteTableAssociationB": { | |
"Type": "AWS::EC2::SubnetRouteTableAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PublicSubnetB" | |
}, | |
"RouteTableId": { | |
"Ref": "PublicRouteTable" | |
} | |
} | |
}, | |
"PublicNetworkAcl": { | |
"Type": "AWS::EC2::NetworkAcl", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Public" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"InboundHTTPPublicNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
}, | |
"RuleNumber": "100", | |
"Protocol": "6", | |
"RuleAction": "allow", | |
"Egress": "false", | |
"CidrBlock": "0.0.0.0/0", | |
"PortRange": { | |
"From": "80", | |
"To": "80" | |
} | |
} | |
}, | |
"InboundHTTPSPublicNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
}, | |
"RuleNumber": "101", | |
"Protocol": "6", | |
"RuleAction": "allow", | |
"Egress": "false", | |
"CidrBlock": "0.0.0.0/0", | |
"PortRange": { | |
"From": "443", | |
"To": "443" | |
} | |
} | |
}, | |
"OutboundPublicNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
}, | |
"RuleNumber": "100", | |
"Protocol": "6", | |
"RuleAction": "allow", | |
"Egress": "true", | |
"CidrBlock": "0.0.0.0/0", | |
"PortRange": { | |
"From": "0", | |
"To": "65535" | |
} | |
} | |
}, | |
"PublicSubnetNetworkAclAssociationA": { | |
"Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PublicSubnetA" | |
}, | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
} | |
} | |
}, | |
"PublicSubnetNetworkAclAssociationB": { | |
"Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PublicSubnetB" | |
}, | |
"NetworkAclId": { | |
"Ref": "PublicNetworkAcl" | |
} | |
} | |
}, | |
"PrivateSubnetA": { | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"PrivateA", | |
"CIDR" | |
] | |
}, | |
"AvailabilityZone": "ap-southeast-2a", | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Private" | |
}, | |
{ | |
"Key": "Name", | |
"Value": "CfPrivateA" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"PrivateSubnetB": { | |
"Type": "AWS::EC2::Subnet", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"PrivateB", | |
"CIDR" | |
] | |
}, | |
"AvailabilityZone": "ap-southeast-2b", | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Private" | |
}, | |
{ | |
"Key": "Name", | |
"Value": "CfPrivateB" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"PrivateRouteTable": { | |
"Type": "AWS::EC2::RouteTable", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Private" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"PrivateSubnetRouteTableAssociationA": { | |
"Type": "AWS::EC2::SubnetRouteTableAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PrivateSubnetA" | |
}, | |
"RouteTableId": { | |
"Ref": "PrivateRouteTable" | |
} | |
} | |
}, | |
"PrivateSubnetRouteTableAssociationB": { | |
"Type": "AWS::EC2::SubnetRouteTableAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PrivateSubnetB" | |
}, | |
"RouteTableId": { | |
"Ref": "PrivateRouteTable" | |
} | |
} | |
}, | |
"PrivateNetworkAcl": { | |
"Type": "AWS::EC2::NetworkAcl", | |
"Properties": { | |
"VpcId": { | |
"Ref": "VPC" | |
}, | |
"Tags": [ | |
{ | |
"Key": "Network", | |
"Value": "Private" | |
}, | |
{ | |
"Key": "Environment", | |
"Value": { | |
"Ref": "Environment" | |
} | |
} | |
] | |
} | |
}, | |
"InboundHTTPPrivateNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
}, | |
"RuleNumber": "103", | |
"Protocol": "6", | |
"RuleAction": "allow", | |
"Egress": "false", | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"VPC", | |
"CIDR" | |
] | |
}, | |
"PortRange": { | |
"From": "80", | |
"To": "80" | |
} | |
} | |
}, | |
"InboundHTTPSPrivateNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
}, | |
"RuleNumber": "101", | |
"Protocol": "6", | |
"RuleAction": "allow", | |
"Egress": "false", | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"VPC", | |
"CIDR" | |
] | |
}, | |
"PortRange": { | |
"From": "443", | |
"To": "443" | |
} | |
} | |
}, | |
"OutBoundPrivateNetworkAclEntry": { | |
"Type": "AWS::EC2::NetworkAclEntry", | |
"Properties": { | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
}, | |
"RuleNumber": "102", | |
"Protocol": "6", | |
"RuleAction": "allow", | |
"Egress": "true", | |
"CidrBlock": { | |
"Fn::FindInMap": [ | |
"SubnetConfig", | |
"VPC", | |
"CIDR" | |
] | |
}, | |
"PortRange": { | |
"From": "0", | |
"To": "65535" | |
} | |
} | |
}, | |
"PrivateSubnetNetworkAclAssociationA": { | |
"Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PrivateSubnetA" | |
}, | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
} | |
} | |
}, | |
"PrivateSubnetNetworkAclAssociationB": { | |
"Type": "AWS::EC2::SubnetNetworkAclAssociation", | |
"Properties": { | |
"SubnetId": { | |
"Ref": "PrivateSubnetB" | |
}, | |
"NetworkAclId": { | |
"Ref": "PrivateNetworkAcl" | |
} | |
} | |
} | |
} | |
} |