Created
April 11, 2019 12:10
-
-
Save thapakazi/3e508b490ecf6b5a32a029a7bc17d953 to your computer and use it in GitHub Desktop.
create_vpc work in progress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| Description: >- | |
| An AWS VPC with model according to https://medium.com/aws-activate-startup-blog/practical-vpc-design-8412e1a18dcc | |
| AWSTemplateFormatVersion: 2010-09-09 | |
| Resources: | |
| VPC: | |
| Type: AWS::EC2::VPC | |
| Properties: | |
| CidrBlock: 10.0.0.0/16 | |
| EnableDnsSupport: true | |
| EnableDnsHostnames: true | |
| InstanceTenancy: default | |
| InternetGateway: | |
| Type: AWS::EC2::InternetGateway | |
| VPCGatewayAttachment: | |
| Type: AWS::EC2::VPCGatewayAttachment | |
| Properties: | |
| VpcId: !Ref VPC | |
| InternetGatewayId: !Ref InternetGateway | |
| ###### SubnetA ######################## | |
| SubnetAPrivate: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.0.0/19 | |
| SubnetAPublic: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.32.0/20 | |
| MapPublicIpOnLaunch: true | |
| SubnetAProtected: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.48.0/21 | |
| ######SubnetB ######################## | |
| SubnetBPrivate: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.64.0/19 | |
| SubnetBPublic: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.96.0/20 | |
| MapPublicIpOnLaunch: true | |
| SubnetBProtected: | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: !Ref VPC | |
| CidrBlock: 10.0.112.0/21 | |
| ##### Routing ###################### | |
| RouteTablePublic: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: !Ref VPC | |
| InternetRoute: | |
| Type: AWS::EC2::Route | |
| DependsOn: VPCGatewayAttachment | |
| Properties: | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| GatewayId: !Ref InternetGateway | |
| RouteTableId: !Ref RouteTablePublic | |
| SubnetARouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref RouteTablePublic | |
| SubnetId: !Ref SubnetAPublic | |
| SubnetBRouteTableAssociation: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| RouteTableId: !Ref RouteTablePublic | |
| SubnetId: !Ref SubnetBPublic | |
| ##### NAT Gateway ###################### | |
| # NatGatewayEIP: | |
| # Type: AWS::EC2::EIP | |
| # Properties: | |
| # Domain: "vpc" | |
| # NatGateway: | |
| # Type: AWS::EC2::NatGateway | |
| # DependsOn: VPCGatewayAttachment | |
| # Properties: | |
| # AllocationId: | |
| # "Fn::GetAtt" : | |
| # [ | |
| # "NATGateway1EIP", | |
| # "AllocationId" | |
| # ] | |
| # SubnetId: !Ref SubnetAPublic | |
| # PrivateNat: | |
| # Type: AWS::EC2::Route | |
| # DependsOn: VPCGatewayAttachment | |
| # Properties: | |
| # DestinationCidrBlock: 0.0.0.0/0 | |
| # NatGatewayId: !Ref NatGateway | |
| # RouteTableId: !Ref RouteTablePublic | |
| ##### SG #################### | |
| SecurityGroup: | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupName: "Internet Group" | |
| GroupDescription: "SSH traffic in, all traffic out." | |
| VpcId: !Ref VPC | |
| SecurityGroupIngress: | |
| - IpProtocol: tcp | |
| FromPort: '22' | |
| ToPort: '22' | |
| CidrIp: 0.0.0.0/0 | |
| SecurityGroupEgress: | |
| - IpProtocol: -1 | |
| CidrIp: 0.0.0.0/0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Looks fine but minor improvements can be done like: