dgt0011/de28759cfc49cd81a79129019d094a88 (last active March 23, 2024)
Cloudformation template for a simple AWS VPC with three public, three private subnets, IGW, route tables and CF exports for all subnet Ids
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Creates AWS infrastructure for the primary (non default) VPC
Parameters:
  VPCOctet:
    Description: First two octets of the VPC (e.g. '192.168' for '192.168.0.0/20')
    Type: String
    MinLength: 4
    MaxLength: 7
    # The dot must be escaped; an unescaped '.' matches any character and would
    # accept values such as '172x16' that then yield an invalid CidrBlock.
    AllowedPattern: '[0-9]{2,3}\.[0-9]{1,3}'
    ConstraintDescription: Must only be the first two octets without a trailing period
    Default: '172.16'
  VPCName:
    Description: The name for the VPC
    Type: String
    MinLength: 3
    MaxLength: 255
    Default: 'my-aws-vpc'
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Join [".", [!Ref VPCOctet, '0.0/20']]
      InstanceTenancy: default
      Tags:
        - Key: Name
          Value: !Ref VPCName
        - Key: VpcOctet
          Value: !Ref VPCOctet
  PublicSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Join ["", [!Ref 'AWS::Region', a]]
      CidrBlock: !Join [".", [!Ref VPCOctet, '1.0/24']]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, pub, a]]
      VpcId: !Ref VPC
  PublicSubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Join ["", [!Ref 'AWS::Region', b]]
      CidrBlock: !Join [".", [!Ref VPCOctet, '2.0/24']]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, pub, b]]
      VpcId: !Ref VPC
  PublicSubnetC:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Join ["", [!Ref 'AWS::Region', c]]
      CidrBlock: !Join [".", [!Ref VPCOctet, '3.0/24']]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, pub, c]]
      VpcId: !Ref VPC
  PrivateSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Join ["", [!Ref 'AWS::Region', a]]
      CidrBlock: !Join [".", [!Ref VPCOctet, '5.0/24']]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, private, a]]
      VpcId: !Ref VPC
  PrivateSubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Join ["", [!Ref 'AWS::Region', b]]
      CidrBlock: !Join [".", [!Ref VPCOctet, '6.0/24']]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, private, b]]
      VpcId: !Ref VPC
  PrivateSubnetC:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Join ["", [!Ref 'AWS::Region', c]]
      CidrBlock: !Join [".", [!Ref VPCOctet, '7.0/24']]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, private, c]]
      VpcId: !Ref VPC
  IGW:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, igw]]
  AttachIGWtoVPC:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref IGW
  # Uncomment this section to add a NAT Gateway to a public subnet to permit resources deployed into
  # private subnets to reach the internet.
  # Do not uncomment this section unless you actually need it, as it will incur additional costs.
  # NatGatewayAttachment:
  #   Type: AWS::EC2::EIP
  #   DependsOn: AttachIGWtoVPC
  #   Properties:
  #     Domain: vpc
  # NatGateway:
  #   Type: AWS::EC2::NatGateway
  #   Properties:
  #     AllocationId: !GetAtt NatGatewayAttachment.AllocationId
  #     SubnetId: !Ref PublicSubnetA
  #     Tags:
  #       - Key: Name
  #         Value: !Join ["-", [!Ref VPCName, nat]]
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, public, rt]]
  PublicRouteTableIGWRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref IGW
  RouteTableAssPubA:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnetA
  RouteTableAssPubB:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnetB
  RouteTableAssPubC:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnetC
  # The private route table deliberately has no 0.0.0.0/0 route: private subnets
  # have no path to the internet unless the NAT Gateway section above is enabled.
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Join ["-", [!Ref VPCName, private, rt]]
  RouteTableAssPrivateA:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnetA
  RouteTableAssPrivateB:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnetB
  RouteTableAssPrivateC:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnetC
  # Interface endpoints keep Secrets Manager and SNS traffic from the private
  # subnets inside the VPC; the security group below controls which sources
  # may reach the endpoint ENIs (the placeholder ID must be replaced before deploy).
  SecretsManagerInterfaceEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      PrivateDnsEnabled: true
      VpcEndpointType: 'Interface'
      ServiceName: !Sub com.amazonaws.${AWS::Region}.secretsmanager
      VpcId: !Ref VPC
      SubnetIds:
        - !Ref PrivateSubnetA
        - !Ref PrivateSubnetB
        - !Ref PrivateSubnetC
      SecurityGroupIds:
        - sg-0cxxxxxxxxxxxxxxx # change this
  SnsInterfaceEndpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      PrivateDnsEnabled: true
      VpcEndpointType: 'Interface'
      ServiceName: !Sub com.amazonaws.${AWS::Region}.sns
      VpcId: !Ref VPC
      SubnetIds:
        - !Ref PrivateSubnetA
        - !Ref PrivateSubnetB
        - !Ref PrivateSubnetC
      SecurityGroupIds:
        - sg-0cxxxxxxxxxxxxxxx # change this
Outputs:
  VPCID:
    Value: !Ref VPC
    Description: ID of the VPC deployed
    Export:
      Name: !Join ["-", [vpc, id]]
  VPCCidrBlock:
    Value: !GetAtt VPC.CidrBlock
    Description: CIDR block of the VPC deployed
    Export:
      Name: !Join ["-", [vpc, cidr]]
  PublicSubnetA:
    Value: !Ref PublicSubnetA
    Description: ID of the public subnet
    Export:
      Name: subnet-pub-a
  PublicSubnetB:
    Value: !Ref PublicSubnetB
    Description: ID of the public subnet
    Export:
      Name: subnet-pub-b
  PublicSubnetC:
    Value: !Ref PublicSubnetC
    Description: ID of the public subnet
    Export:
      Name: subnet-pub-c
  PrivateSubnetA:
    Value: !Ref PrivateSubnetA
    Description: ID of the private subnet
    Export:
      Name: subnet-private-a
  PrivateSubnetB:
    Value: !Ref PrivateSubnetB
    Description: ID of the private subnet
    Export:
      Name: subnet-private-b
  PrivateSubnetC:
    Value: !Ref PrivateSubnetC
    Description: ID of the private subnet
    Export:
      Name: subnet-private-c
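The checker below is an added example and is not part of the gist. It mirrors the template's addressing and routing decisions as plain Python data (the `VPCOctet` parameter rules, the six `/24` subnets carved out of the `/20`, the two route tables and their associations) so the layout can be validated offline with the standard `ipaddress` module before a stack is deployed. It also contrasts the `AllowedPattern` written with an unescaped dot, which in a regex matches any character, against the escaped form, to show why the escape matters for a value that is later joined into a CIDR. The `SUBNETS`, `ASSOCIATIONS` and `IGW_DEFAULT_ROUTE` tables are this example's own model of the template, not anything CloudFormation exposes.

```python
"""Offline checks for the VPC layout defined by the template above.

Added example (not part of the gist): the template's subnet/route layout is
restated as plain data so the addressing logic can be checked without AWS.
"""
import ipaddress
import re

# AllowedPattern with an unescaped dot (matches ANY character) versus the
# escaped form. CloudFormation applies AllowedPattern to the whole value, so
# re.fullmatch is the right emulation.
PATTERN_UNESCAPED = r"[0-9]{2,3}.[0-9]{1,3}"
PATTERN_ESCAPED = r"[0-9]{2,3}\.[0-9]{1,3}"


def octet_param_ok(value, pattern=PATTERN_ESCAPED):
    """Emulate the VPCOctet parameter's MinLength/MaxLength/AllowedPattern checks."""
    if not 4 <= len(value) <= 7:
        return False
    return re.fullmatch(pattern, value) is not None


# Subnet layout as declared in the template: (CIDR suffix, MapPublicIpOnLaunch).
SUBNETS = {
    "PublicSubnetA": ("1.0/24", True),
    "PublicSubnetB": ("2.0/24", True),
    "PublicSubnetC": ("3.0/24", True),
    "PrivateSubnetA": ("5.0/24", False),
    "PrivateSubnetB": ("6.0/24", False),
    "PrivateSubnetC": ("7.0/24", False),
}

# Which route tables carry a 0.0.0.0/0 route to the Internet Gateway, and
# which subnet is associated with which table (both as in the template).
IGW_DEFAULT_ROUTE = {"PublicRouteTable": True, "PrivateRouteTable": False}
ASSOCIATIONS = {
    "PublicSubnetA": "PublicRouteTable",
    "PublicSubnetB": "PublicRouteTable",
    "PublicSubnetC": "PublicRouteTable",
    "PrivateSubnetA": "PrivateRouteTable",
    "PrivateSubnetB": "PrivateRouteTable",
    "PrivateSubnetC": "PrivateRouteTable",
}


def vpc_cidr(octets):
    """The VPC CIDR the template builds from the parameter: <octets>.0.0/20."""
    return ipaddress.ip_network(f"{octets}.0.0/20")


def check_layout(octets, subnets=SUBNETS, associations=ASSOCIATIONS,
                 igw_routes=IGW_DEFAULT_ROUTE):
    """Return a list of findings; an empty list means the layout is sound.

    Checks: every subnet fits inside the /20, no two subnets overlap, and no
    subnet named Private* auto-assigns public IPs or sits behind a route
    table that has a default route to the IGW.
    """
    findings = []
    vpc = vpc_cidr(octets)
    seen = {}
    for name, (suffix, public_ip) in subnets.items():
        net = ipaddress.ip_network(f"{octets}.{suffix}")
        if not net.subnet_of(vpc):
            findings.append(f"{name} {net} is outside the VPC CIDR {vpc}")
        for other, other_net in seen.items():
            if net.overlaps(other_net):
                findings.append(f"{name} {net} overlaps {other} {other_net}")
        seen[name] = net
        if name.startswith("Private"):
            if public_ip:
                findings.append(f"{name} has MapPublicIpOnLaunch enabled")
            table = associations.get(name)
            if table is not None and igw_routes.get(table, False):
                findings.append(f"{name} routes 0.0.0.0/0 to the IGW via {table}")
    return findings


if __name__ == "__main__":
    for value in ("172.16", "10.0", "172x16"):
        print(value, "unescaped:", octet_param_ok(value, PATTERN_UNESCAPED),
              "escaped:", octet_param_ok(value))
    print(check_layout("172.16") or "layout OK")
```

Run as-is it reports that `172x16` passes the unescaped pattern but not the escaped one, and that the template's own layout for `172.16` produces no findings. Swapping in a subnet such as `16.0/24` shows the `/20` boundary (the VPC only spans `.0.0` to `.15.255`), and pointing a private subnet at `PublicRouteTable` is flagged as an unintended internet path.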