Created
May 6, 2024 21:35
-
-
Save clintkev251/8e73afcbd55c17e01b00b0d799eeed5e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Description: Template which deploys a basic VPC with a single SG, 2 public subnets and an IGW. Optionally can also deploy 2 private subnets and a NAT gateway | |
| Parameters: | |
| Subnet1AzParameter: | |
| Type: AWS::EC2::AvailabilityZone::Name | |
| Description: First subnet avalibility zone | |
| Subnet2AzParameter: | |
| Type: AWS::EC2::AvailabilityZone::Name | |
| Description: Second subnet avalibility zone | |
| PrivateSubnetParameter: | |
| Type: String | |
| AllowedValues: | |
| - "Yes" | |
| - "No" | |
| Default: "No" | |
| Description: Select 'Yes' to create private subenets and NAT Gateways. When set to 'No', only public subnets are created | |
| VpcCidrParameter: | |
| Type: String | |
| Default: 10.0.0.0/16 | |
| Description: CIDR range for VPC | |
| CidrBitsParameter: | |
| Type: Number | |
| Default: 8 | |
| Description: Size of each created subnet represented in host bits (subtract your desired suffix from 32 to get this number, default of 8 creates /24 networks) | |
| Conditions: | |
| CreatePrivateSubnet: !Equals [!Ref PrivateSubnetParameter, "Yes"] | |
| Resources: | |
| # VPC Resources | |
| Vpc: | |
| Type: AWS::EC2::VPC | |
| Properties: | |
| CidrBlock: !Ref VpcCidrParameter | |
| EnableDnsHostnames: true | |
| EnableDnsSupport: true | |
| Tags: | |
| - Key: Name | |
| Value: !Ref AWS::StackName | |
| PublicSubnetA: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref Vpc | |
| CidrBlock: !Select [ 0, !Cidr [ !Ref VpcCidrParameter, 4, !Ref CidrBitsParameter ]] | |
| AvailabilityZone: !Ref Subnet1AzParameter | |
| MapPublicIpOnLaunch: true | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${AWS::StackName}-PublicSubnetA' | |
| PublicSubnetB: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref Vpc | |
| CidrBlock: !Select [ 1, !Cidr [ !Ref VpcCidrParameter, 4, !Ref CidrBitsParameter ]] | |
| AvailabilityZone: !Ref Subnet2AzParameter | |
| MapPublicIpOnLaunch: true | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${AWS::StackName}-PublicSubnetB' | |
| PrivateSubnetA: | |
| Type: AWS::EC2::Subnet | |
| Condition: CreatePrivateSubnet | |
| Properties: | |
| VpcId: !Ref Vpc | |
| CidrBlock: !Select [ 2, !Cidr [ !Ref VpcCidrParameter, 4, !Ref CidrBitsParameter ]] | |
| AvailabilityZone: !Ref Subnet1AzParameter | |
| MapPublicIpOnLaunch: false | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${AWS::StackName}-PrivateSubnetA' | |
| PrivateSubnetB: | |
| Type: AWS::EC2::Subnet | |
| Condition: CreatePrivateSubnet | |
| Properties: | |
| VpcId: !Ref Vpc | |
| CidrBlock: !Select [ 3, !Cidr [ !Ref VpcCidrParameter, 4, !Ref CidrBitsParameter ]] | |
| AvailabilityZone: !Ref Subnet2AzParameter | |
| MapPublicIpOnLaunch: false | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${AWS::StackName}-PrivateSubnetB' | |
| PublicRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref Vpc | |
| PrivateRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Condition: CreatePrivateSubnet | |
| Properties: | |
| VpcId: !Ref Vpc | |
| PublicRoute: | |
| Type: AWS::EC2::Route | |
| DependsOn: IgwAttachment | |
| Properties: | |
| DestinationCidrBlock: "0.0.0.0/0" | |
| GatewayId: !Ref Igw | |
| RouteTableId: !Ref PublicRouteTable | |
| PrivateRoute: | |
| Type: AWS::EC2::Route | |
| Condition: CreatePrivateSubnet | |
| Properties: | |
| DestinationCidrBlock: "0.0.0.0/0" | |
| NatGatewayId: !Ref NatGateway | |
| RouteTableId: !Ref PrivateRouteTable | |
| PublicRouteTableAssociationB: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| SubnetId: !Ref PublicSubnetB | |
| PublicRouteTableAssociationA: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref PublicRouteTable | |
| SubnetId: !Ref PublicSubnetA | |
| PrivateRouteTableAssociationB: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Condition: CreatePrivateSubnet | |
| Properties: | |
| RouteTableId: !Ref PrivateRouteTable | |
| SubnetId: !Ref PrivateSubnetB | |
| PrivateRouteTableAssociationA: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Condition: CreatePrivateSubnet | |
| Properties: | |
| RouteTableId: !Ref PrivateRouteTable | |
| SubnetId: !Ref PrivateSubnetA | |
| NatGateway: | |
| Type: AWS::EC2::NatGateway | |
| Condition: CreatePrivateSubnet | |
| Properties: | |
| AllocationId: !GetAtt ElasticIp.AllocationId | |
| ConnectivityType: public | |
| SubnetId: !Ref PublicSubnetA | |
| ElasticIp: | |
| Type: AWS::EC2::EIP | |
| Condition: CreatePrivateSubnet | |
| DependsOn: Vpc | |
| Igw: | |
| Type: AWS::EC2::InternetGateway | |
| IgwAttachment: | |
| Type: AWS::EC2::VPCGatewayAttachment | |
| Properties: | |
| InternetGatewayId: !Ref Igw | |
| VpcId: !Ref Vpc | |
| SecurityGroup: | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupDescription: Security group allowing all egress and http/s ingress | |
| GroupName: Http | |
| SecurityGroupEgress: | |
| - IpProtocol: "-1" | |
| FromPort: -1 | |
| ToPort: -1 | |
| CidrIp: "0.0.0.0/0" | |
| - IpProtocol: "-1" | |
| FromPort: -1 | |
| ToPort: -1 | |
| CidrIpv6: "::/0" | |
| SecurityGroupIngress: | |
| - IpProtocol: TCP | |
| FromPort: 80 | |
| ToPort: 80 | |
| CidrIp: "0.0.0.0/0" | |
| - IpProtocol: TCP | |
| FromPort: 80 | |
| ToPort: 80 | |
| CidrIpv6: "::/0" | |
| - IpProtocol: TCP | |
| FromPort: 443 | |
| ToPort: 443 | |
| CidrIp: "0.0.0.0/0" | |
| - IpProtocol: TCP | |
| FromPort: 443 | |
| ToPort: 443 | |
| CidrIpv6: "::/0" | |
| VpcId: !Ref Vpc |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment