{#-
  Jinja-templated CloudFormation. The file is rendered first (presumably by the Ansible role that
  owns roles/cfn-orchestrator — the `ipsubnet` filter and the `segments`/`vpc` variables used in
  the Resources section come from that render context, not from stack parameters) and the result
  is what CloudFormation validates. Jinja comments like this one are dropped at render time.
-#}
{% import 'roles/cfn-orchestrator/templates/cfn.macros.j2' as cfn with context %}
---
AWSTemplateFormatVersion: '2010-09-09'
# cfn.metadata(1) is defined in cfn.macros.j2, which is not shown here. It is expected to emit
# top-level section(s) — presumably Metadata, and possibly the Environment parameter that the
# Tags below !Ref, since this file never declares one.
# NOTE(review): confirm what the macro emits before adding top-level keys it may already declare.
{{ cfn.metadata(1) }}
# NOTE(review): "Public IPs enabled" refers to EnableDnsHostnames on the VPC. No subnet in this
# template sets MapPublicIpOnLaunch, so an instance only gets a public address when its launch asks
# for one. "4 subnets in 2 AZs" is likewise only true for the `segments` configuration the fixed
# resources (NAT gateways, route-table associations, Outputs) assume: public + private, 2 AZs each.
Description: >
  Creates a VPC with DNS and Public IPs enabled.
  Creates 4 subnets in 2 AZs (a pair of public/private subnets in each AZ).
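Parameters:
  # NOTE(review): Resources and Outputs use `!Ref Environment`, but no Environment parameter is
  # declared here. It presumably comes from the cfn.metadata macro; if it does not, the rendered
  # template fails validation with an unresolved reference.
  DomainSuffix:
    # Only used as the DHCP search domain: <StackName>.<DomainSuffix> (see DHCPOptions below).
    Description: Enter the domain suffix to add to all domain names.
    Type: String
    Default: aws.hipagesgroup.com.au
  VpcCidr:
    # NOTE(review): the subnets are carved at render time from the Jinja variable vpc.cidr, not
    # from this parameter. The two must describe the same block, otherwise subnet creation fails
    # with a CIDR-outside-VPC error after the VPC itself has been created.
    Description: CIDR address for the VPC to be created.
    Type: String
    Default: 10.0.0.0/16
    # Reject anything that is not a dotted-quad IPv4 block of /16 to /28 (the range a VPC accepts)
    # at parameter validation, before any resource is created; without this an invalid value only
    # fails mid-CREATE and leaves a rolled-back stack.
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$'
    ConstraintDescription: must be a valid IPv4 CIDR block between /16 and /28, e.g. 10.0.0.0/16.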
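Resources:
  # NOTE(review): this template leaves the VPC's default security group and default network ACL
  # exactly as AWS creates them and creates no AWS::EC2::FlowLog. Add flow logs if network
  # telemetry is needed for detection or incident response.
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      # Must agree with the Jinja-side vpc.cidr from which the subnets below are carved.
      CidrBlock: !Ref VpcCidr
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - { Key: Name, Value: !Sub ${AWS::StackName}-VPC }
        # Environment is not declared under Parameters in this file; presumably cfn.metadata supplies it.
        - { Key: Environment, Value: !Ref Environment }
{#-
  Subnet generation is driven by render-time variables rather than stack parameters:
    segments    mapping of segment name -> { azs: <subnet count>, slash: <subnet prefix length> }
    vpc.cidr    the VPC block; vpc.slash is the prefix length of each segment's slice of it
  Segment i (in dict iteration order) receives the i-th vpc.slash-sized slice of vpc.cidr, and
  subnet j of a segment receives the j-th segment.slash-sized slice of that, placed in AZ j-1 of
  the region's AZ list. Iteration order therefore decides which segment gets which slice;
  sorting the mapping here would renumber CIDRs on an existing stack, so the order is left as is.
  The fixed resources further down (NatGateway*, *RouteTableAssociation*, Outputs) reference
  PublicSubnet1/2 and PrivateSubnet1/2 by logical name, so `segments` must define exactly the
  keys 'public' and 'private' with azs >= 2 or the rendered template will not validate.
  `.items()` replaces the Python-2-only `.iteritems()` so rendering also works under Python 3.
  MapPublicIpOnLaunch is not set, so the AWS default applies: nothing auto-assigns public IPs in
  the public subnets; an instance there needs an explicit public or Elastic IP to be reachable.
-#}
{%- for segment_name, segment in segments.items() %}
{%- set segment_cidr = vpc.cidr | ipsubnet(vpc.slash, loop.index0) -%}
{% for subnet in range(1, segment.azs + 1) %}
  {{ segment_name | title }}Subnet{{ subnet }}:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: !Select ['{{subnet - 1}}', !GetAZs]
      CidrBlock: {{ segment_cidr | ipsubnet(segment.slash, subnet - 1) }}
      VpcId: !Ref VPC
      Tags:
        - { Key: Name, Value: !Sub ${AWS::StackName}-{{ segment_name | title }}Subnet{{ subnet }} }
        - { Key: Environment, Value: !Ref Environment }
{% endfor -%}
{%- endfor %}
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - { Key: Name, Value: !Sub ${AWS::StackName}-InternetGateway }
        - { Key: Environment, Value: !Ref Environment }
  GatewayToInternet:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  # One NAT gateway and EIP per AZ, each pinned to the public subnet of that AZ; presumably so an
  # AZ outage does not take out egress for the other AZ's private subnet. Both only resolve if the
  # 'public' segment above produced PublicSubnet1 and PublicSubnet2.
  NatGateway1:
    # A NAT gateway cannot be created until the VPC has an attached internet gateway.
    DependsOn: GatewayToInternet
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGatewayEIP1.AllocationId
      SubnetId: !Ref PublicSubnet1
  NatGatewayEIP1:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
  NatGateway2:
    DependsOn: GatewayToInternet
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGatewayEIP2.AllocationId
      SubnetId: !Ref PublicSubnet2
  NatGatewayEIP2:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
  # Routing: one shared public table (default route to the IGW) and one private table per AZ
  # (default route to that AZ's NAT gateway).
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - { Key: Name, Value: !Sub ${AWS::StackName}-PublicRouteTable }
        - { Key: Environment, Value: !Ref Environment }
  PrivateRouteTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - { Key: Name, Value: !Sub ${AWS::StackName}-PrivateRouteTable1 }
        - { Key: Environment, Value: !Ref Environment }
  PrivateRouteTable2:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - { Key: Name, Value: !Sub ${AWS::StackName}-PrivateRouteTable2 }
        - { Key: Environment, Value: !Ref Environment }
  PublicRoute:
    # 0.0.0.0/0 via the IGW is what makes the public subnets internet-facing in both directions;
    # reachability of an instance still depends on it having a public IP and a permissive security group.
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PrivateRoute1:
    # 0.0.0.0/0 via NAT gives the private subnets outbound-only internet access; the source address
    # seen by the internet is NatGatewayEIP1/2 (exported under Outputs).
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway1
  PrivateRoute2:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway2
  PublicSubnetRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable
  PublicSubnetRouteTableAssociation2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet2
      RouteTableId: !Ref PublicRouteTable
  PrivateSubnetRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable1
  PrivateSubnetRouteTableAssociation2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet2
      RouteTableId: !Ref PrivateRouteTable2
  DHCPOptions:
    Type: AWS::EC2::DHCPOptions
    Properties:
      # Search domain handed to instances: <StackName>.<DomainSuffix>.
      DomainName: !Sub
        - ${AWS::StackName}.${DomainSuffix}
        - { DomainSuffix: !Ref DomainSuffix }
      # Resolver stays the VPC-provided one, so private hosted zones and EnableDnsHostnames keep working.
      DomainNameServers: [ AmazonProvidedDNS ]
      Tags:
        - { Key: Name, Value: !Sub ${AWS::StackName}-DHCPOptions }
        - { Key: Environment, Value: !Ref Environment }
  # The option set above is inert until it is attached to the VPC: without this association the VPC
  # keeps the region's default option set and instances never receive the search domain configured
  # above. Nothing else in this template (and no Output) references DHCPOptions, so it was unused.
  # NOTE(review): remove this resource if another stack already associates an option set with the
  # VPC — a VPC can have only one.
  DHCPOptionsAssociation:
    Type: AWS::EC2::VPCDHCPOptionsAssociation
    Properties:
      VpcId: !Ref VPC
      DhcpOptionsId: !Ref DHCPOptions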
Outputs:
  # Every value is exported as <StackName>-<Name> for Fn::ImportValue in dependent stacks. An export
  # cannot be changed or removed while another stack imports it, so once consumers exist this stack
  # can no longer be deleted or re-addressed without first updating them.
  VpcId:
    Description: VPC ID
    Value: !Ref VPC
    Export:
      Name: !Sub ${AWS::StackName}-VpcId
  # The four subnet outputs assume the 'public' and 'private' segments each produced two subnets.
  PublicSubnet1:
    Description: The subnet ID to use for public servers
    Value: !Ref PublicSubnet1
    Export:
      Name: !Sub ${AWS::StackName}-PublicSubnet1
  PublicSubnet2:
    Description: The subnet ID to use for public servers
    Value: !Ref PublicSubnet2
    Export:
      Name: !Sub ${AWS::StackName}-PublicSubnet2
  PrivateSubnet1:
    Description: The subnet ID to use for private servers
    Value: !Ref PrivateSubnet1
    Export:
      Name: !Sub ${AWS::StackName}-PrivateSubnet1
  PrivateSubnet2:
    Description: The subnet ID to use for private servers
    Value: !Ref PrivateSubnet2
    Export:
      Name: !Sub ${AWS::StackName}-PrivateSubnet2
  # The two EIPs are the only source addresses the internet sees for instances in the private
  # subnets (PrivateRoute1/2 send 0.0.0.0/0 to NatGateway1/2). They are what external parties
  # allow-list, so treat any change to them as a breaking change. Each private subnet egresses via
  # the NAT in its own AZ, so "all private servers" is per AZ: subnet 1 -> EIP1, subnet 2 -> EIP2.
  NatGatewayEIP1:
    Description: The external IP for all private servers
    Value: !Ref NatGatewayEIP1
    Export:
      Name: !Sub ${AWS::StackName}-NatGatewayEIP1
  NatGatewayEIP2:
    Description: The external IP for all private servers
    Value: !Ref NatGatewayEIP2
    Export:
      Name: !Sub ${AWS::StackName}-NatGatewayEIP2