Example CloudFormation stack building two public subnets.
---
AWSTemplateFormatVersion: '2010-09-09'
Description:
  The Public Subnet, and associated routing information
# Metadata: # no metadata
Parameters:
  Environment:
    Type: String
    Description:
      Stack Environment Prefix.
  PrimaryAvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: us-east-1a # Probably shouldn't set a default, as it makes this template region dependent
  SecondaryAvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: us-east-1b # Probably shouldn't set a default, as it makes this template region dependent
#Mappings:
# Conditions: # No Conditions at this time.
# Transform: # No Transforms at this time
Resources:
  # We need to create a VPC Gateway, and then attach it to the VPC.
  VPCGateway:
    # Using an Internet Gateway for now; may change to a VPN gateway if needed, but one step at a time.
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub "${Environment} VPC Internet Gateway"
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref VPCGateway
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
  # We need a subnet for publicly available servers. We need two, so that we can register
  # a load balancer.
  PublicSubnetAZ1:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.1.0/24 # 10.0.1.0 -> 10.0.1.255
      MapPublicIpOnLaunch: false # We will use elastic IPs for public-facing servers.
      AvailabilityZone: !Ref PrimaryAvailabilityZone
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
      Tags:
        - Key: Name
          Value: !Sub "${Environment} Public Subnet AZ1"
  PublicSubnetAZ2:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.2.0/24 # 10.0.2.0 -> 10.0.2.255
      MapPublicIpOnLaunch: false # We will use elastic IPs for public-facing servers.
      AvailabilityZone: !Ref SecondaryAvailabilityZone
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
      Tags:
        - Key: Name
          Value: !Sub "${Environment} Public Subnet AZ2"
  # In order for subnets to receive traffic from the public, we need to create
  # routing tables and rules.
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
      Tags:
        - Key: Name
          Value: !Sub "${Environment} Public Route Table"
  PublicSubnetRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0 # We have no idea what IPs may be assigned; got to go global
      GatewayId: !Ref VPCGateway
    # The route cannot be created until the gateway is attached to the VPC.
    DependsOn: VPCGatewayAttachment
  PublicRouteTableAssociationAZ1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnetAZ1
      RouteTableId: !Ref PublicRouteTable
  PublicRouteTableAssociationAZ2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnetAZ2
      RouteTableId: !Ref PublicRouteTable
Outputs:
  PublicSubnetAZ1:
    Description: The publicly accessible subnet in the primary availability zone
    Value: !Ref PublicSubnetAZ1
    Export:
      Name: !Sub "${Environment}::PublicSubnetAZ1"
  PublicSubnetAZ2:
    Description: The publicly accessible subnet in the secondary availability zone
    Value: !Ref PublicSubnetAZ2
    Export:
      Name: !Sub "${Environment}::PublicSubnetAZ2"
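Added example, not part of the gist: a small PyYAML-based check for the two security-relevant points the template's comments make, that public subnets keep `MapPublicIpOnLaunch` off (instances get addresses only via deliberately assigned Elastic IPs) and that the `0.0.0.0/0` route carries a `DependsOn` on the gateway attachment. `CfnLoader`, `ref`, `check_template` and the `SAMPLE` template are this example's own names; the sample is constructed and deliberately fails both checks.

```python
import yaml  # PyYAML
def cfn_tag(loader, tag_suffix, node):
    """Map !Ref, !Sub, !ImportValue and the other short tags to dicts keyed like the long form."""
    key = "Ref" if tag_suffix == "Ref" else "Fn::" + tag_suffix
    if isinstance(node, yaml.ScalarNode):
        return {key: loader.construct_scalar(node)}
    if isinstance(node, yaml.SequenceNode):
        return {key: loader.construct_sequence(node)}
    return {key: loader.construct_mapping(node)}
CfnLoader = type("CfnLoader", (yaml.SafeLoader,), {})  # SafeLoader plus the CFN tags
CfnLoader.add_multi_constructor("!", cfn_tag)

def ref(value):  # logical id behind a !Ref dict, or the literal value if a plain string
    return value.get("Ref") if isinstance(value, dict) else value
def check_template(text):
    """Return a list of findings for a public-subnet template; an empty list means it passes."""
    resources = yaml.load(text, Loader=CfnLoader)["Resources"]
    # gateway logical id -> the VPCGatewayAttachment that binds it to the VPC
    attachments = {ref(r["Properties"]["InternetGatewayId"]): name
                   for name, r in resources.items()
                   if r["Type"] == "AWS::EC2::VPCGatewayAttachment"}
    findings = []
    for name, r in resources.items():
        props = r.get("Properties", {})
        if r["Type"] == "AWS::EC2::Subnet" and props.get("MapPublicIpOnLaunch"):
            findings.append(f"{name}: auto-assigns public IPs on launch")
        # Only internet-gateway default routes are checked; NAT routes use NatGatewayId.
        if r["Type"] == "AWS::EC2::Route" and "GatewayId" in props \
                and props.get("DestinationCidrBlock") == "0.0.0.0/0":
            gw, deps = ref(props["GatewayId"]), r.get("DependsOn", [])
            deps = [deps] if isinstance(deps, str) else deps
            if gw not in attachments:
                findings.append(f"{name}: default route via gateway with no VPC attachment")
            elif attachments[gw] not in deps:
                findings.append(f"{name}: default route lacks DependsOn: {attachments[gw]}")
    return findings
# Constructed sample, not the gist's template: subnet and route both carry the weak setting.
SAMPLE = """
Resources:
  IGW:
    Type: AWS::EC2::InternetGateway
  IGWAttach:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties: {InternetGatewayId: !Ref IGW, VpcId: vpc-00000000}
  WebSubnet:
    Type: AWS::EC2::Subnet
    Properties: {CidrBlock: 10.0.1.0/24, MapPublicIpOnLaunch: true, VpcId: vpc-00000000}
  DefaultRoute:
    Type: AWS::EC2::Route
    Properties: {DestinationCidrBlock: 0.0.0.0/0, GatewayId: !Ref IGW}
"""
```

Running `check_template` over the gist's template above returns an empty list; the constructed sample reports both findings.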
@twasink twasink commented Jan 15, 2019