boto3+CF+AWS

vpc.yaml

Description:  This CloudFormation YAML file will provision a VPC

Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
    Type: AWS::EC2::KeyPair::KeyName
    Default: ec2-keypair

  InstanceType:
    Description: EC2 instance type
    Type: String
    Default: t2.micro

  EnvironmentName:
    Description: An environment name that is prefixed to resource names
    Type: String
    Default: Development

  VpcCIDR:
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    Default: "172.16.0.0/16"

  PublicSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
    Type: String
    Default: "172.16.1.0/24"

Mappings:
  AWSRegionToAMI:
    us-east-1:
      AMIID: ami-0742b4e673072066f

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock:
        Ref: VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value:
            Ref: EnvironmentName

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value:
            Ref: EnvironmentName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId:
        Ref: InternetGateway
      VpcId:
        Ref: VPC

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId:
        Ref: VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock:
        Ref: PublicSubnet1CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Public Subnet (AZ1)

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Public Routes

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId:
        Ref: PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId:
        Ref: InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: PublicRouteTable
      SubnetId:
        Ref: PublicSubnet1

  VPCEC2SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: only allow SSH traffic
      GroupName: SSH-ONLY
      SecurityGroupIngress:
      - CidrIp: 72.137.76.221/32
        FromPort: 22
        IpProtocol: tcp
        ToPort: 22
      Tags:
        -
          Key: Name
          Value: CloudFormationSecurityGroup
      VpcId:
        Ref: VPC

  VPCEC2:
    Type: AWS::EC2::Instance
    Properties:
      ImageId:
        !FindInMap
          - AWSRegionToAMI
          - !Ref AWS::Region
          - AMIID
      InstanceType: !Ref InstanceType
      SecurityGroupIds:
        - !GetAtt "VPCEC2SecurityGroup.GroupId"
      SubnetId: !Ref PublicSubnet1
      KeyName:
        Ref: KeyName

Outputs:
  VPC:
    Description: A reference to the created VPC
    Value:
      Ref: VPC

  PublicSubnet1:
    Description: A reference to the public subnet in the 1st Availability Zone
    Value:
      Ref: PublicSubnet1

  VPCEC2SecurityGroup:
    Description: Security group with no ingress rule
    Value:
      Ref: VPCEC2SecurityGroup

  InternetGateway:
    Description: InternetGateway Information
    Value:
      Ref: InternetGateway

  PublicRouteTable:
    Description: Public Route Table Information
    Value:
      Ref: PublicRouteTable

  VPCEC2:
    Description: EC2 Information
    Value:
      Ref: VPCEC2